Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.18+8 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...

SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2025:4528-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4528-1 advisory. Update to version 2.50.4. Security issues fixed: - CVE-2025-14174: processing maliciously crafted web content may lead to memory corruption due...

Fedora 43 : webkitgtk (2025-96a708ea95)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-96a708ea95 advisory. Correctly handle the program name passed to the sleep disabler. Ensure GStreamer is initialized before using the Quirks. Fix several crashes and...

Fedora 43 : webkitgtk (2025-b07cd2cae2)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b07cd2cae2 advisory. Fix seeking and looping of media elements that set the loop property. Fix several crashes and rendering issues. Fix CVE-2025-13947, CVE-2025-43458,...

mdast-util-to-hast 安全漏洞

mdast-util-to-hast is an open source utility from syntax-tree that converts mdast to has. A security vulnerability exists in mdast-util-to-hast versions prior to 13.2.1, which stems from mishandling of class names and could lead to rendering issues...

EUVD-2017-7225

Malware in sbrugna...

EUVD-2011-1129

Malware in sbrugna...

EUVD-2011-2348

Malware in sbrugna...

EUVD-2025-1599

Malicious code in bioql PyPI...

Fedora 42 : webkitgtk (2025-61ca72f430)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-61ca72f430 advisory. Update to 2.48.5. Changes since 2.48.3: Improve emoji font selection. Improve playback of multimedia streams from blob URLs. Fix crash when using a...

CVE-2025-4700

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under specific circumstances, could have potentially allowed a successful attacker to trigger unintended content rendering leading to XSS...

Amazon Linux 2023 : tigervnc, tigervnc-icons, tigervnc-license (ALAS2023-2025-1060)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1060 advisory. A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and...

Fedora 42 : webkitgtk (2025-5427adc3f4)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5427adc3f4 advisory. Limit the data stored in session state. Remove the empty area below the title bar in Web Inspector when not docked. Fix various crashes and renderin...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.48.2. Security issues fixed: CVE-2025-31205: lack of checks may lead to cross-origin data exfiltration through a malicious website bsc1243282. CVE-2025-31204: improper memory handling when processing certain web content m...

CVE-2024-8239

The Starbox WordPress plugin before 3.5.3 does not properly render social media profiles URLs in certain contexts, like the malicious user's profile or pages where the starbox shortcode is used, which may be abused by users with at least the contributor role to conduct Stored XSS attacks...

Fedora 41 : webkitgtk (2025-c40948de3a)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c40948de3a advisory. Enable CSS Overscroll Behavior by default. Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thre...

Fedora 40 : webkitgtk (2025-256a86d7c8)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-256a86d7c8 advisory. Limit the data stored in session state. Remove the empty area below the title bar in Web Inspector when not docked. Fix various crashes and renderin...

Fedora 41 : webkitgtk (2025-3e8ed13bf0)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-3e8ed13bf0 advisory. Update to WebKitGTK 2.46.6: Fix a crash when enabling Skia CPU rendering. Fix several crashes and rendering issues. Fix CVE-2024-54543,...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.46.5 bsc1234851: Security fixes: CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected...

SUSE-SU-2025:0104-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.46.5 bsc1234851: Security fixes: - CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash - CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected...