1260 matches found
RLSA-2025:1300 Moderate: gcc-toolset-14-gcc security update
The gcc-toolset-14-gcc13 package contains the GNU Compiler Collection version 14. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods (CVE-2020-11023). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
RLSA-2025:1210 Moderate: tbb security update
Threading Building Blocks (TBB) is a C++ runtime library that abstracts the low-level threading details necessary for optimal multi-core performance. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods (CVE-2020-11023). For more details about the securit...
tbb security update
An update is available for tbb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Threading Building Blocks (TBB) is a C++ runtime library that abstracts the low-lev...
gcc-toolset-13-gcc security update
An update is available for gcc-toolset-13-gcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The gcc-toolset-13-gcc13 package contains the GNU Compiler...
RLSA-2025:1329 Moderate: doxygen security update
Doxygen can generate an online class browser in HTML and/or a reference manual in LaTeX from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. Security Fixes:...
doxygen security update
An update is available for doxygen. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Doxygen can generate an online class browser in HTML and/or a reference manua...
RLSA-2025:1346 Moderate: gcc security update
The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods (CVE-2020-11023). For more details about the security issues, including...
RHEL 7 : pki-core (RHSA-2025:2426)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2426 advisory. The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: jquery: Untrusted code...
CLSA-2025-1741290577 gcc: Fix of CVE-2020-11023
CVE-2020-11023: fix jQuery untrusted code execution vulnerability in the documentation...
Moderate: Red Hat Security Advisory: pki-core security update
An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.18
Logging for Red Hat OpenShift - 5.8.18. logging-kibana6-container: Untrusted code execution via tag in HTML passed to DOM manipulation methods (CVE-2020-11023)...
Linux Distros Unpatched Vulnerability : CVE-2020-11022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM...
NVIDIA IGX Orin security vulnerability
NVIDIA IGX Orin is an industrial-grade edge AI platform from NVIDIA that delivers high performance, advanced functional safety and information security. A security vulnerability exists in the NVIDIA IGX Orin, which originates in the UEFI firmware RCM boot mode and allows an attacker with physical...
PT-2025-7914 · Nvidia +1 · Nvidia Jetson Linux +2
Name of the Vulnerable Software and Affected Versions: NVIDIA Jetson Linux and IGX OS image (affected versions not specified). Description: The issue is related to a vulnerability in the UEFI firmware RCM boot mode, where an unprivileged attacker with physical access to the device could load untrust...
Important: emacs
Issue Overview: In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs ...
RHEL 7 : gcc (RHSA-2025:1601)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1601 advisory. The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes:...
RHEL 7 : doxygen (RHSA-2025:1255)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1255 advisory. Doxygen can generate an online class browser in HTML and/or a reference manual in LaTeX from a set of documented source files. The documentation is...
AlmaLinux 8 : gcc-toolset-14-gcc (ALSA-2025:1338)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:1338 advisory. jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods (CVE-2020-11023). Tenable has extracted the preceding description block directly...