| Bug | Description | Note |
|---|
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded inicinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
| CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
| CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2025-0033 | Improper access control within AMD SEV-SNP could allow an admin privil ... | check |
| CVE-2025-4382 | A flaw was found in systems utilizing LUKS-encrypted disks with GRUB c ... | double check if vulnerability only considered present after grub_is_cli_disabled is introduced |
| CVE-2025-4690 | A regular expression used by AngularJS' linky https://docs.angularjs.o ... | check |
| CVE-2025-4953 | A flaw was found in Podman. In a Containerfile or Podman, data written ... | check details |
| CVE-2025-6499 | A vulnerability classified as problematic was found in vstakhov libucl ... | check if impacts security wise rspamd, which embeds libucl and uses it a compile time |
| CVE-2025-8671 | A mismatch caused by client-triggered server-sent stream resets betwee ... | check, some projects will assign own CVEs and should then be covered under that specific CVE instead |
| CVE-2025-8941 | A flaw was found in linux-pam. The pam_namespace module may improperly ... | check if RedHat specific incomplete fix for CVE-2025-6020 |
| CVE-2025-11010 | A vulnerability has been found in vstakhov libucl up to 0.9.2. Affecte ... | check if impacts security wise rspamd, which embeds libucl and uses it a compile time |
| CVE-2025-11147 | Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vuln ... | clarifying with reporter and Eduard Bloch on the issue. |
| CVE-2025-43960 | Adminer 4.8.1, when using Monolog for logging, allows a Denial of Serv ... | check, does not seem to be fixed in 4.8.2 and later versions |
| CVE-2025-45091 | Seafile versions 11.0.18-Pro, 12.0.10, and 12.0.10-Pro are vulnerable ... | check |
| CVE-2025-46205 | A heap-use-after free in the PdfTokenizer::ReadDictionary function of ... | check, no actionable data in CVE report, waiting for upstream |
| CVE-2025-53881 | A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate co ... | check |
| CVE-2025-58064 | CKEditor 5 is a modern JavaScript rich-text editor with an MVC archite ... | check |
| CVE-2025-59830 | Rack is a modular Ruby web server interface. Prior to version 2.2.18, ... | check, might be fixed in upper versions due to refactoring, e.g. f904fff079c7 ("Add `Rack::Request#form_pairs` (#2351)") in v3.2.0 |
| CVE-2025-62518 | astral-tokio-tar is a tar archive reading/writing library for async Ru ... | check completeness |