OpenCPN is a ship-borne GUI navigation application

May 4, 2025

OpenCPN is a chartplotter and navigation tool. It’s designed to be used at the helm station of your boat while underway.

The post OpenCPN is a ship-borne GUI navigation application appeared first on LinuxLinks.

Source: Read More

Previous Article3 Graphical Frontends for ImageMagick

Next Article Meta AI Releases Llama Prompt Ops: A Python Toolkit for Prompt Optimization on Llama Models

Highlights

CVE-2025-47928 – Spotify/Github Spotipy Untrusted Code Execution Vulnerability

May 15, 2025

CVE ID : CVE-2025-47928

Published : May 15, 2025, 8:16 p.m. | 4 hours, 41 minutes ago

Description : Spotipy is a Python library for the Spotify Web API. As of commit 4f5759dbfb4506c7b6280572a4db1aabc1ac778d, using `pull_request_target` on `.github/workflows/integration_tests.yml` followed by the checking out the head.sha of a forked PR can be exploited by attackers, since untrusted code can be executed having full access to secrets (from the base repo). By exploiting the vulnerability is possible to exfiltrate `GITHUB_TOKEN` and secrets `SPOTIPY_CLIENT_ID`, `SPOTIPY_CLIENT_SECRET`. In particular `GITHUB_TOKEN` which can be used to completely overtake the repo since the token has content write privileges. The `pull_request_target` in GitHub Actions is a major security concern—especially in public repositories—because it executes untrusted code from a PR, but with the context of the base repository, including access to its secrets. Commit 9dfb7177b8d7bb98a5a6014f8e6436812a47576f reverted the change that caused the issue.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

OpenCPN is a ship-borne GUI navigation application

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Laravel Seeder Generator

New Linux udisks flaw lets attackers get root on major Linux distros

CVE-2025-7755 – Code-projects Online Ordering System Unrestricted File Upload Vulnerability

Microsoft saved $500 million using AI — after slashing over 15,000 jobs in 2025

CVE-2025-47928 – Spotify/Github Spotipy Untrusted Code Execution Vulnerability

Dull Desktop? Install ‘Picture of the Day’ App on Ubuntu

CVE-2025-47959 – Visual Studio Command Injection Vulnerability

This $120 Android tablet proves you don’t need to spend hundreds for a mobile entertainment device

OpenCPN is a ship-borne GUI navigation application

Related Posts