[SECURITY] Fedora 40 Update: golang-1.22.11-1.fc40
The Go Programming Language...
Advisory ROSA-SA-2025-2646
software: python2 2.7.18; WASP: ROSA-CHROME; packageevrstring: python2-2.7.18-7; CVE-ID: CVE-2022-0391; BDU-ID: 2022-02302; CVE-Crit: HIGH; CVE-DESC.: A vulnerability in the urllib.parse module of the Python programming language interpreter is related to the non-neutralization of CRLF sequences...
ROS-20250128-03
A vulnerability in the Go programming language is related to the fact that the application does not properly control the consumption of internal resources in several Parse functions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Scale Security Vulnerability
Scale is an open source work, project and task management platform with more than 30 features from the individual developers at pankajindevops. A security vulnerability exists in Scale 20241113 and prior versions that stems from improper access control in the component API Endpoint...
Important: Red Hat Security Advisory: python-jinja2 security update
An update for python-jinja2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
WordPress Flexmls® IDX Plugin plugin <= 3.14.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via API parameters vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via API parameters vulnerability discovered by 1337Wannabe in WordPress Plugin Flexmls® IDX versions <= 3.14.26...
Important: python-jinja2 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
[SECURITY] Fedora 41 Update: golang-1.23.5-1.fc41
The Go Programming Language...
CVE-2024-9492
DLL hijacking vulnerabilities, caused by an uncontrolled search path in Flash Programming Utility installer can lead to privilege escalation and arbitrary code execution when running the impacted installer...
CVE-2024-9492 Uncontrolled search path can lead to DLL hijacking in Flash Programming Utility installer
DLL hijacking vulnerabilities, caused by an uncontrolled search path in Flash Programming Utility installer can lead to privilege escalation and arbitrary code execution when running the impacted installer...
CVE-2024-9492
CVE-2024-9492 concerns the Silicon Flash Programming Utility installer, where an uncontrolled search path enables DLL hijacking. The issue is triggered when the impacted installer is run, with a local attacker needing low complexity and user interaction, potentially leading to privilege escalatio...
CVE-2024-9492 Uncontrolled search path can lead to DLL hijacking in Flash Programming Utility installer
DLL hijacking vulnerabilities, caused by an uncontrolled search path in Flash Programming Utility installer can lead to privilege escalation and arbitrary code execution when running the impacted installer...
Silicon Flash Programming Utility installer Code Issue Vulnerability
Silicon Flash Programming Utility installer is a Flash Programming Utility installer from Silicon. A security vulnerability exists in the Silicon Flash Programming Utility installer that originates from an uncontrolled search path. An attacker could exploit the vulnerability to escalate privilege...
PT-2025-3717 · Unknown · Flash Programming Utility
Name of the Vulnerable Software and Affected Versions: Flash Programming Utility (affected versions not specified). Description: The issue is caused by an uncontrolled search path in the Flash Programming Utility installer, leading to DLL hijacking vulnerabilities. This can result in privilege...
Important: Red Hat Security Advisory: python-jinja2 security update
An update for python-jinja2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
Important: python-jinja2 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
IBM Concert Information Disclosure Vulnerability (CNVD-2025-29674)
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from an information disclosure vulnerability that stems from the disclosure of sensitive information via...
Cisco Meeting Management Security Vulnerability
Cisco Meeting Management (CMM) is an administrative tool for Cisco Meeting Server, a Cisco local videoconferencing platform from Cisco USA. A security vulnerability exists in Cisco Meeting Management that stems from insufficient REST API user authorization, resulting in a low-privilege authenticate...
You Can’t Improve What You Can’t See: API Monitoring Is Crucial
...
Unspecified Vulnerability in Microsoft Windows Telephony Server (CNVD-2025-02538)
Microsoft Windows Telephony Server is a component of Microsoft Corporation USA that supports the Telephony Application Programming Interface (TAPI), which allows computer programs to communicate with shared telephony services. A security vulnerability exists in Microsoft Windows Telephony Server. A...