[SECURITY] Fedora 41 Update: python3.9-3.9.21-1.fc41

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

[SECURITY] Fedora 40 Update: python3.8-3.8.20-1.fc40

Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release...

[SECURITY] Fedora 40 Update: python3.9-3.9.20-1.fc40

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google USA. Google Pixel suffers from a security vulnerability that stems from legacy test/debug code in the production version, which may lack LCS signature enforcement, leading to local privilege escalation...

PT-2024-30943 · Google · Android

Name of the Vulnerable Software and Affected Versions: TBD affected versions not specified Description: The issue is related to a missing LCS signing enforcement due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution...

CVE-2024-42243

In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...

CVE-2024-32912

there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32912

there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed for exploitation...

Fedora: Security Advisory (FEDORA-2024-a702b78744)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-32669

Improper Input Validation vulnerability in Samsung Open Source escargot JavaScript engine allows Overflow Buffers. However, it occurs in the test code and does not include in the release. This issue affects escargot: 4.0.0...

CVE-2024-32669

Improper Input Validation vulnerability in Samsung Open Source escargot JavaScript engine allows Overflow Buffers. However, it occurs in the test code and does not include in the release. This issue affects escargot: 4.0.0...

CVE-2024-32669 Possible stack overflow due to a string encoding processing error

Improper Input Validation vulnerability in Samsung Open Source escargot JavaScript engine allows Overflow Buffers. However, it occurs in the test code and does not include in the release. This issue affects escargot: 4.0.0...

CVE-2024-32669 Possible stack overflow due to a string encoding processing error

Improper Input Validation vulnerability in Samsung Open Source escargot JavaScript engine allows Overflow Buffers. However, it occurs in the test code and does not include in the release. This issue affects escargot: 4.0.0...

CVE-2024-32669

CVE-2024-32669 concerns Samsung Open Source Escargot. Connected sources identify an Improper Input Validation issue that can cause buffer overflows in Escargot 4.0.0. The description consistently notes the vulnerability occurs in test code and is not included in the released product, implying lim...

PT-2024-24753 · Samsung · Escargot

Name of the Vulnerable Software and Affected Versions: escargot version 4.0.0 Description: The issue is related to an Improper Input Validation vulnerability in the Samsung Open Source escargot JavaScript engine, which allows Overflow Buffers. However, it is noted that this issue occurs in the te...

[SECURITY] Fedora 39 Update: python3.6-3.6.15-27.fc39

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

Information Disclosure

microsoft/microsoft-graph-core is vulnerable to Information Disclosure. The vulnerability is due to the inclusion of test code that enables the use of the phpInfo function, specifically through the GetPhpInfo.php script, which can expose sensitive system information if the server is misconfigured...

North Korean Hackers Targeting Developers with Malicious npm Packages

A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are named execution-time-async, data-time-utils, login-time-utils, mongodb-connection-utils, and...

[SECURITY] Fedora 38 Update: python3.9-3.9.18-3.fc38

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

[SECURITY] Fedora 39 Update: python3.7-3.7.17-4.fc39

Python 3.7 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.7, see other distributions that support it, such as an older Fedora release...