| Bug | Description | Note |
|---|
| CVE-2009-20005 | A stack-based buffer overflow exists in the UtilConfigHome.csp endpoin ... | check |
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded inicinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
| CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
| CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2025-0419 | Improper Neutralization of Input During Web Page Generation (XSS or 'C ... | check |
| CVE-2025-0420 | Improper Neutralization of Input During Web Page Generation (XSS or 'C ... | check |
| CVE-2025-0546 | Improper Neutralization of Input During Web Page Generation (XSS or 'C ... | check |
| CVE-2025-0879 | Improper Neutralization of Input During Web Page Generation (XSS or 'C ... | check |
| CVE-2025-4382 | A flaw was found in systems utilizing LUKS-encrypted disks with GRUB c ... | double check if vulnerability only considered present after grub_is_cli_disabled is introduced |
| CVE-2025-4690 | A regular expression used by AngularJS' linky https://docs.angularjs.o ... | check |
| CVE-2025-4953 | A flaw was found in Podman. In a Containerfile or Podman, data written ... | check details |
| CVE-2025-6499 | A vulnerability classified as problematic was found in vstakhov libucl ... | check if impacts security wise rspamd, which embeds libucl and uses it a compile time |
| CVE-2025-8077 | A vulnerability exists in NeuVector versions up to and including 5.4.5 ... | check |
| CVE-2025-8411 | Improper Neutralization of Input During Web Page Generation (XSS or 'C ... | check |
| CVE-2025-8463 | Authorization Bypass Through User-Controlled Key vulnerability in Nebu ... | check |
| CVE-2025-8671 | A mismatch caused by client-triggered server-sent stream resets betwee ... | check, some projects will assign own CVEs and should then be covered under that specific CVE instead |
| CVE-2025-8941 | A flaw was found in linux-pam. The pam_namespace module may improperly ... | check if RedHat specific incomplete fix for CVE-2025-6020 |
| CVE-2025-9708 | A vulnerability exists in the Kubernetes C# client where the certifica ... | check |
| CVE-2025-9862 | Server-Side Request Forgery (SSRF) vulnerability in Ghost allows an at ... | check |
| CVE-2025-10155 | An Improper Input Validation vulnerability in the scanning logic of mm ... | check |
| CVE-2025-10156 | An Improper Handling of Exceptional Conditions vulnerability in the ZI ... | check |
| CVE-2025-10157 | A Protection Mechanism Failure vulnerability in mmaitre314 picklescan ... | check |
| CVE-2025-10290 | Opening links via the contextual menu in Focus iOS for certain URL sch ... | check |
| CVE-2025-10439 | Improper Neutralization of Special Elements used in an SQL Command ('S ... | check |
| CVE-2025-10492 | A Java deserialisation vulnerability has been discovered in Jaspersoft ... | check |
| CVE-2025-10592 | A security vulnerability has been detected in itsourcecode Online Publ ... | check |
| CVE-2025-10597 | A vulnerability was determined in kidaze CourseSelectionSystem up to 4 ... | check |
| CVE-2025-10615 | A vulnerability was identified in itsourcecode E-Commerce Website 1.0. ... | check |
| CVE-2025-35430 | CISA Thorium does not adequately validate the paths of downloaded file ... | check |
| CVE-2025-35431 | CISA Thorium does not escape user controlled strings used in LDAP quer ... | check |
| CVE-2025-35432 | CISA Thorium does not rate limit requests to send account verification ... | check |
| CVE-2025-35433 | CISA Thorium does not properly invalidate previously used tokens when ... | check |
| CVE-2025-35434 | CISA Thorium does not validate TLS certificates when connecting to Ela ... | check |
| CVE-2025-35435 | CISA Thorium accepts a stream split size of zero then divides by this ... | check |
| CVE-2025-35436 | CISA Thorium uses '.unwrap()' to handle errors related to account veri ... | check |
| CVE-2025-43960 | Adminer 4.8.1, when using Monolog for logging, allows a Denial of Serv ... | check, does not seem to be fixed in 4.8.2 and later versions |
| CVE-2025-45091 | Seafile versions 11.0.18-Pro, 12.0.10, and 12.0.10-Pro are vulnerable ... | check |
| CVE-2025-50709 | An issue in Perplexity AI GPT-4 allows a remote attacker to obtain sen ... | check |
| CVE-2025-53884 | NeuVector stores user passwords and API keys using a simple, unsalted ... | check |
| CVE-2025-54467 | When a Java command with password parameters is executed and terminate ... | check |
| CVE-2025-55904 | Open5GS v2.7.5, prior to commit 67ba7f92bbd7a378954895d96d9d7b05d5b646 ... | check |
| CVE-2025-56648 | npm parcel 2.0.0-alpha and before has an Origin Validation Error vulne ... | check |
| CVE-2025-57055 | WonderCMS 3.5.0 is vulnerable to Server-Side Request Forgery (SSRF) in ... | check |
| CVE-2025-58064 | CKEditor 5 is a modern JavaScript rich-text editor with an MVC archite ... | check |
| CVE-2025-58431 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ... | check |
| CVE-2025-58432 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ... | check |
| CVE-2025-58766 | Dyad is a local AI app builder. A critical security vulnerability has ... | check |
| CVE-2025-58767 | REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 h ... | check |
| CVE-2025-59304 | A directory traversal issue in Swetrix Web Analytics API 3.1.1 before ... | check |
| CVE-2025-59339 | The Bastion provides authentication, authorization, traceability and a ... | check |
| CVE-2025-59340 | jinjava is a Java-based template engine based on django template synta ... | check |
| CVE-2025-59341 | esm.sh is a nobuild content delivery network(CDN) for modern web devel ... | check |
| CVE-2025-59342 | esm.sh is a nobuild content delivery network(CDN) for modern web devel ... | check |
| CVE-2025-59345 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59346 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59347 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59348 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59349 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59350 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59351 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59352 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59353 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59354 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59410 | Dragonfly is an open source P2P-based file distribution and image acce ... | check |
| CVE-2025-59414 | Nuxt is an open-source web development framework for Vue.js. Prior to ... | check |
| CVE-2025-59416 | The Scratch Channel is a news website. If the user makes a fork, they ... | check |
| CVE-2025-59437 | The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF b ... | check details |