16 matches found
[SECURITY] Fedora 43 Update: keylime-agent-rust-0.2.9-2.fc43
The Keylime agent...
RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface
Impact. Vulnerability Type: Improper Control of Generation of Code ('Code Injection') (CWE-94) / Improper Check for Unusual or Exceptional Conditions (CWE-754) / Improper Input Validation (CWE-20) / Use of Low-Level Functionality (CWE-695) / Improper Privilege Management (CWE-269) / External Control of System...
[SECURITY] Fedora 44 Update: keylime-agent-rust-0.2.9-1.fc44
The Keylime agent...
Fedora 42 : keylime / keylime-agent-rust (2026-c2b5451b35)
The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-c2b5451b35 advisory. Update keylime to version 7.14.1 and keylime-agent-rust to version 0.2.9. Fixes: CVE-2026-1709 and CVE-2025-13609. Tenable has extracted the preceding...
[SECURITY] Fedora 43 Update: keylime-agent-rust-0.2.9-1.fc43
The Keylime agent...
WordPress GNUPress Plugin <= 0.2.9 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin GNUPress versions <= 0.2.9...
Guardrails has an arbitrary code execution vulnerability
An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the code will be passed to an eval function, causing i...
pdfmake Security Vulnerabilities
pdfmake is a pure JavaScript server-side and client-side PDF document generation library by individual developer Bartek Pampuch. A security vulnerability exists in pdfmake 0.2.9 and earlier versions that allows a remote attacker to run arbitrary code to a...
van_der_Schaar LAB synthcity code issue vulnerability
synthcity is a vanderSchaar LAB open source library for generating and evaluating synthetic tabular data. A code issue vulnerability exists in vanderSchaar LAB synthcity version 0.2.9, which stems from an incorrect operation that can lead to deserialization...
Malicious code in fec-sdk (npm)
Source: ossf-package-analysis dcb9ae48dadfaae28ed7f4c8edcde694f63b90d1e7533c789704cabc4147c8c7 The OpenSSF Package Analysis project identified 'fec-sdk' @ 0.2.9 (npm) as malicious. It is considered malicious because: - The package communicat...
CVE-2023-42441
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). Starting in version 0.2.9 and prior to version 0.3.10, locks of the type @nonreentrant("") or @nonreentrant('') do not produce reentrancy checks at runtime. This issue is fixed in version 0.3.10. As a workaround, ensure...
Design/Logic Flaw
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). Starting in version 0.2.9 and prior to version 0.3.10, locks of the type @nonreentrant("") or @nonreentrant('') do not produce reentrancy checks at runtime. This issue is fixed in version 0.3.10. As a workaround, ensure...
Tracked Tweets <= 0.2.9 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape some parameters before outputting them back in an admin page, leading to a Reflected Cross-Site Scripting issue. All parameters from the settings page are affected ' /...
Command Injection
Overview: ntesseract is a simple wrapper for the Tesseract OCR package for node.js. Affected versions of this package are vulnerable to Command Injection via lib/tesseract.js. PoC: var a =require"ntesseract"; a.process"& touch JHU ","",function Remediation: Upgrade ntesseract to version 0.2.9 or...
GHSA-PP57-MQMH-44H7 Command Injection in macaddress
All versions of macaddress are vulnerable to command injection. For this vulnerability to be exploited, an attacker needs to control the iface argument to the one method. Recommendation: Update to version 0.2.9 or later...
WordPress WP-Filebase Download Manager plugin <= 0.2.9 - SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress WP-Filebase Download Manager plugin <= 0.2.9 SQL Injection Vulnerability Date: 2011-09-09 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/wp-filebase.0.2.9.zip Version:...