Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite uses urllib3-2.3.0-py3-none-any.whl, cryptography-46.0.3-cp311-abi3-manylinux234x8664.whl, pillow-12.1.0-cp311-cp311-manylinux227x8664.manylinux228x8664.whl, lodash-4.17.21.tgz and axios-1.12.2.tgz which are vulnerable to CVE-2025-50181, CVE-2025-50182,...

[SECURITY] Fedora 42 Update: python3.13-3.13.13-1.fc42

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

Okara: Detection and Attribution of TLS Man-In-The-Middle Vulnerabilities in Android Apps with Foundation Models

Transport Layer Security TLS is fundamental to secure online communication, yet vulnerabilities in certificate validation that enable Man-in-the-Middle MitM attacks remain a pervasive threat in Android apps. Existing detection tools are hampered by low-coverage UI interaction, costly...

CVE-2026-24798

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine prog/3rdPartyLibs/miniupnpc modules. This vulnerability is associated with program files upnpreplyparse.C. This issue affects DagorEngine: through dagor20250115...

Security Bulletin: IBM Maximo Application Suite uses multiple third party libraries which is vulnerable to multiple CVEs

Summary IBM Maximo Application Suite uses setuptools 76.1.0, urllib3-1.26.20-py2.py3-none-any.whl, cross-spawn v7.0.3, braces v3.0.2, axios-1.11.0.tgz, xmltodict-0.14.2-py2.py3-none-any.whl, WebSphere Application Server Liberty version 25.0.0.8 which is vulnerable to CVE-2025-47273, CVE-2025-5018...

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to CVEs.

Summary IBM Maximo Application Suite uses spring-beans-6.2.9.jar, spring-context-6.1.14.jar, flask-3.1.0-py3-none-any.whl, kafka-clients-3.9.0.jar, cxf-core-3.6.7.jar, urllib3-1.26.20-py2.py3-none-any.whl, postgresql-42.7.5.jar, requests-2.32.3-py3-none-any.whl,commons-beanutils-1.9.4.jar which i...

EUVD-2014-0140

Malware in sbrugna...

DRUPAL-CONTRIB-2025-106

This module enables you to store and display JSON data using optional 3rd party libraries. The module doesn't sufficiently filter data using some of the included field formatters leading to a Cross-site Scripting XSS vulnerability...

JSON Field - Critical - Cross Site Scripting - SA-CONTRIB-2025-106

This module enables you to store and display JSON data using optional 3rd party libraries. The module doesn't sufficiently filter data using some of the included field formatters leading to a Cross-site Scripting XSS vulnerability...

Revisiting Third-Party Library Detection: a Ground Truth Dataset and Its Implications across Security Tasks

Accurate detection of third-party libraries TPLs is fundamental to Android security, supporting vulnerability tracking, malware detection, and supply chain auditing. Despite many proposed tools, their real-world effectiveness remains unclear.We present the first large-scale empirical study of ten...

[SECURITY] Fedora 41 Update: python3.13-3.13.7-1.fc41

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

[SECURITY] Fedora 42 Update: python3.13-3.13.6-1.fc42

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

TraceLens: Question-Driven Debugging for Taint Flow Understanding

Taint analysis is a security analysis technique used to track the flow of potentially dangerous data through an application and its dependent libraries. Investigating why certain unexpected flows appear and why expected flows are missing is an important sensemaking process during end-user taint...

[SECURITY] Fedora 41 Update: python3.13-3.13.5-1.fc41

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

[SECURITY] Fedora 42 Update: python3.13-3.13.5-1.fc42

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

Version-Level Third-Party Library Detection in Android Applications Via Class Structural Similarity

Android applications apps integrate reusable and well-tested third-party libraries TPLs to enhance functionality and shorten development cycles. However, recent research reveals that TPLs have become the largest attack surface for Android apps, where the use of insecure TPLs can compromise both...

[SECURITY] Fedora 41 Update: python3.11-3.11.13-1.fc41

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

[SECURITY] Fedora 42 Update: python3.12-3.12.11-1.fc42

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

[SECURITY] Fedora 42 Update: python3.11-3.11.13-1.fc42

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

[SECURITY] Fedora 42 Update: python3.10-3.10.18-1.fc42

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...