[SECURITY] Fedora 42 Update: mingw-python3-3.11.15-4.fc42

MinGW Windows python3...

EUVD-2026-17531

PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely. PAGI::Middleware::Session::Store::Cookie attempts to read bytes from the /dev/urandom device directly. If that fails for example, on systems without the device, such as Windows, then it...

Exploit for Type Confusion in Apple Ipados

🛡️ corunaanalysis - Understand Malware Exploit Behavior Simpl...

Exploit for CVE-2026-2472

🚨 CVE-2026-2472-Vertex-AI-SDK-Google-Cloud - Simple Proof of C...

Wireshark Analyzer 4.6.4

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

[SECURITY] Fedora 42 Update: freerdp-3.21.0-1.fc42

The xfreerdp & wlfreerdp Remote Desktop Protocol RDP clients from the FreeR DP project. xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows machines, xrdp and VirtualBox...

CVE-2025-11235

Progress MOVEit Transfer on Windows REST API modules is affected by an unverified password change vulnerability. Affected versions include MOVEit Transfer 2022.0.0–2022.0.10, 2022.1.0–2022.1.11, 2023.0.0–2023.0.8, and 2023.1.0–2023.1.3. The issue is documented across multiple sources (including R...

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell – Advanced Discovery & Exploitation Framework An...

CVE-2025-2534

IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

CVE-2025-11953 Command injection in React Native Community CLI allows remote attackers to perform remote code execution by sending HTTP requests

The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary...

[SECURITY] Fedora 41 Update: mingw-python3-3.11.14-1.fc41

MinGW Windows python3...

July 8, 2025—KB5062597 (Monthly Rollup)

July 8, 2025—KB5062597 Monthly Rollup Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in time...

shelling

This repository is an offensive tool for OS command injection. It is a comprehensive OS command injection payload generator, suitable for detecting OS command injection vulnerabilities. The tool, named SHELLING, provides a customizable payload generator with various features, including support fo...

thunderbird: Information Disclosure of /tmp directory listing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edit...

OPENSUSE-SU-2025:0110-1 Security update for restic

This update for restic fixes the following issues: Update to 0.18.0 - Sec 5291: Mitigate attack on content-defined chunking algorithm - Fix 1843: Correctly restore long filepaths' timestamp on old Windows - Fix 2165: Ignore disappeared backup source files - Fix 5153: Include root tree when...

.NET 9.0 Update - March 11, 2025 (KB5054230)

.NET 9.0 Update - March 11, 2025 KB5054230 NET 9.0 has been refreshed with the latest update as of March 11, 2025. This update contains both security and non-security fixes. See the release notes for details on updated packages..NET 9.0 servicing updates are upgrades. The latest servicing update...

Ivanti Security Control 安全漏洞

Ivanti security controls is a unified IT management platform from US-based Ivanti Inc. It is used to manage and protect Windows-based computers, Linux-based computers and VMware ESXi virtual machine monitoring programs. Ivanti security controls suffers from an elevation of privilege vulnerability...

[SECURITY] Fedora 41 Update: uv-0.5.5-2.fc41

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

.NET 6.0 Update - October 08, 2024 (KB5045998)

.NET 6.0 Update - October 08, 2024 KB5045998 .NET 6.0 has been refreshed with the latest update as of October 08, 2024. This update contains both security and non-security fixes. See the release notes for details on updated packages..NET 6.0 servicing updates are upgrades. The latest servicing...

Vulnerabilities fixed in Nvidia GPU Drivers

Nvidia has fixed vulnerabilities in GPU drivers for Windows and Linux. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to grant themselves elevated privileges and execute code with elevated privileges, or gain access to sensitive data. Nvidia has released...