[SECURITY] Fedora 44 Update: kf6-syndication-6.25.0-1.fc44

The Syndication Library...

OPENSUSE-SU-2026:20579-1 Security update for gosec

This update for gosec fixes the following issues: Changes in gosec: - Update to version 2.25.0: choredeps: bump google.golang.org/grpc from 1.75.0 to 1.79.3 1617 fix: allow barry action to access secrets on fork PRs 1616 fix: reduce G117 false positives for custom marshalers and transformed value...

Lobster 安全漏洞

Lobster is a programming language developed by Wouter van Oortmerssen. Versions of Lobster prior to 2.25 contain security vulnerabilities, which stem from uncontrolled recursion in the lobster::TypeName function...

Apache Log4j 安全漏洞

Apache Log4j is a Java-based open source logging tool from the Apache USA Foundation. A security vulnerability exists in Apache Log4j 2.25.2 and earlier versions, which stems from an unperformed TLS hostname validation and could lead to a man-in-the-middle attack...

Prototype Pollution Third-Party Dependency in Bitbucket Data Center and Server - CVE-2022-46175

This High severity vulnerability known as CVE-2022-46175 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.1 and a CV...

CVE-2024-52588

Strapi is an open-source content management system. Prior to version 4.25.2, inputting a local domain into the Webhooks URL field leads to the application fetching itself, resulting in a server side request forgery SSRF. This issue has been patched in version 4.25.2...

GHSA-FM93-G6XP-35XQ Aim Excessive Data Query Operations in a Large Data Table vulnerability

In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. By tracking a large number of Text objects and then querying them simultaneously through the web API, the Aim web server becomes unresponsive to other requests for an extended period while processing and returning these...

CVE-2025-0190

In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. By tracking a large number of Text objects and then querying them simultaneously through the web API, the Aim web server becomes unresponsive to other requests for an extended period while processing and returning these...

CVE-2024-12778

CVE-2024-12778 affects the Aim project (aimhubio/aim) v3.25.0. The root cause is an absence of a limit on the number of metrics requested per call, which, together with a single-threaded server, allows excessive resource consumption and can render the web API unresponsive (DoS). Concretely, retri...

[SECURITY] Fedora 40 Update: python-spotipy-2.25.1-1.fc40

A light weight Python library for the Spotify Web API...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A security vulnerability exists in the SP...