[SECURITY] Fedora 44 Update: tor-0.4.9.8-1.fc44

The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and...

CVE-2026-33603

Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and...

CVE-2026-41196

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

[SECURITY] Fedora 44 Update: openssh-10.2p1-6.fc44

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

[SECURITY] Fedora 43 Update: mariadb11.8-11.8.5-1.fc43

MariaDB is a community developed fork from MySQL - a multi-user, multi-thread ed SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs...

GHSA-H956-RH7X-PPGJ RustFS has a gRPC Hardcoded Token Authentication Bypass

Vulnerability Overview Description RustFS implements gRPC authentication using a hardcoded static token "rustfs rpc" that is: 1. Publicly exposed in the source code repository 2. Hardcoded on both client and server sides 3. Non-configurable with no mechanism for token rotation 4. Universally vali...

EUVD-2011-0913

Malicious code in bioql PyPI...

EUVD-2011-0912

Malicious code in bioql PyPI...

Connect Your AI to Everything: Spring AI's MCP Boot Starters

The Model Context Protocol MCP standardizes how AI applications interact with external tools and resources. Spring joined the MCP ecosystem early as a key contributor, helping to develop and maintain the official MCP Java SDK that serves as the foundation for Java-based MCP implementations...

MECHA: Multithreaded and Efficient Cryptographic Hardware Access

This paper presents a multithread and efficient cryptographic hardware access MECHA for efficient and fast cryptographic operations that eliminates the need for context switching. Utilizing a UNIX domain socket, MECHA manages multiple requests from multiple applications simultaneously, resulting ...

EulerOS 2.0 SP11 : libsoup (EulerOS-SA-2025-1665)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libsoup. A vulnerability in snifffeedorhtml and skipinsignificantspace functions may lead to a heap buffer...

ABB M2M Gateway TLS Handshake bypass in embedded Python (CVE-2023-40217)

An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is...

OESA-2025-1508 postgresql-13 security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

OESA-2025-1395 mariadb security update

MariaDB turns data into structured information in a wide array of applications, ranging from banking to websites. It is an enhanced, drop-in replacement for MySQL. MariaDB is used because it is fast, scalable and robust, with a rich ecosystem of storage engines, plugins and many other tools make ...

Linux Distros Unpatched Vulnerability : CVE-2011-0900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in the tsclaunchremote function src/support.c in Terminal Server Client tsclient 0.150, and possibly other versions, allows...

Linux Distros Unpatched Vulnerability : CVE-2011-0901

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple stack-based buffer overflows in the tsclaunchremote function src/support.c in Terminal Server Client tsclient 0.150, and possibly other versions, allow...

SUSE CVE-2024-53846

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...

UBUNTU-CVE-2024-53846

OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and...

UBUNTU-CVE-2022-48827

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...