pip Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

PT-2026-35435

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

CVE-2026-33429

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.54 and 9.6.0-alpha.43, an attacker can subscribe to LiveQuery with a watch parameter targeting a protected field. Although the protected field value is properly stripped...

PT-2025-3173 · Adwork Media · Adwork Media Ez Content Locker

Name of the Vulnerable Software and Affected Versions: AdWork Media EZ Content Locker versions n/a through 3.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS in AdWork Media EZ...

opencryptoki security update

3.21.0-9 - timing side-channel in handling of RSA PKCS1 v1.5 padded ciphertexts Marvin Resolves: RHEL-22792...

SUSE: Security Advisory (SUSE-SU-2023:4986-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-47536

An improper access control vulnerability CWE-284 in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny...

SUSE-SU-2023:2047-1 Security update for openssl-ibmca

This update for openssl-ibmca fixes the following issues: - Fixed a timing-based side channel attack in RSA in the IBMCA engine openssl-ibmca...

October 15, 2019—KB4520062 (OS Build 17763.832)

October 15, 2019—KB4520062 OS Build 17763.832 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. Starting with update KB4497934, we are introducing functionality that allows you to decide when to install a feature update. You control when yo...

August 19, 2019—KB4512509 (OS Build 17134.984)

August 19, 2019—KB4512509 OS Build 17134.984 The Windows 10 April 2018 Update will reach end of service on November 12, 2019 for Home and Pro editions. We will begin updating devices running the Windows 10 April 2018 Update starting July 16, 2019 to help ensure that these devices remain in a...

June 26, 2019—KB4509478 (OS Build 17134.860)

June 26, 2019—KB4509478 OS Build 17134.860 The Windows 10 April 2018 Update will reach end of service on November 12, 2019 for Home and Pro editions. We will begin updating devices running the Windows 10 April 2018 Update starting July 16, 2019 to help ensure that these devices remain in a servic...

SUSE-SU-2018:4001-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation bsc1113652. - CVE-2018-5407: Added elliptic curve scalar multiplication timing attack defenses that fixes 'PortSmash' bsc1113534. Non-security...