| Bug | Description | Note |
|---|
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded inicinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
| CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
| CVE-2024-3884 | A flaw was found in Undertow that can cause remote denial of service a ... | check |
| CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2025-4382 | A flaw was found in systems utilizing LUKS-encrypted disks with GRUB c ... | double check if vulnerability only considered present after grub_is_cli_disabled is introduced |
| CVE-2025-4690 | A regular expression used by AngularJS' linky https://docs.angularjs.o ... | check |
| CVE-2025-4953 | A flaw was found in Podman. In a Containerfile or Podman, data written ... | check details |
| CVE-2025-6499 | A vulnerability classified as problematic was found in vstakhov libucl ... | check if impacts security wise rspamd, which embeds libucl and uses it a compile time |
| CVE-2025-8671 | A mismatch caused by client-triggered server-sent stream resets betwee ... | check, some projects will assign own CVEs and should then be covered under that specific CVE instead |
| CVE-2025-8941 | A flaw was found in linux-pam. The pam_namespace module may improperly ... | check if RedHat specific incomplete fix for CVE-2025-6020 |
| CVE-2025-11010 | A vulnerability has been found in vstakhov libucl up to 0.9.2. Affecte ... | check if impacts security wise rspamd, which embeds libucl and uses it a compile time |
| CVE-2025-11147 | Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vuln ... | clarifying with reporter and Eduard Bloch on the issue. |
| CVE-2025-12084 | When building nested elements using xml.dom.minidom methods such as ap ... | check |
| CVE-2025-12383 | In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can ca ... | check |
| CVE-2025-12385 | Allocation of Resources Without Limits or Throttling, Improper Validat ... | check |
| CVE-2025-12744 | A flaw was found in the ABRT daemon\u2019s handling of user-supplied m ... | check |
| CVE-2025-12819 | Untrusted search path in auth_query connection handler in PgBouncer be ... | check |
| CVE-2025-13472 | A fix was made in BlazeMeter Jenkins Plugin version 4.27 to allow user ... | check |
| CVE-2025-13751 | Interactive service agent in OpenVPN version 2.5.0 through 2.7_rc2 on ... | check |
| CVE-2025-13947 | A flaw was found in WebKitGTK. This vulnerability allows remote, user- ... | check |
| CVE-2025-13948 | A vulnerability was determined in opsre go-ldap-admin up to 20251011. ... | check |
| CVE-2025-13992 | Side-channel information leakage in Navigation and Loading in Google C ... | check |
| CVE-2025-29864 | Protection Mechanism Failure vulnerability in ESTsoft ALZip on Windows ... | check |
| CVE-2025-33208 | NVIDIA TAO contains a vulnerability where an attacker may cause a reso ... | check |
| CVE-2025-39665 | User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.4 ... | check |
| CVE-2025-41066 | Horde Groupware v5.2.22 has a user enumeration vulnerability that allo ... | check |
| CVE-2025-50360 | A heap buffer overflow in compiler.c and compiler.h in Pepper language ... | check |
| CVE-2025-50361 | Buffer Overflow was found in SmallBASIC community SmallBASIC with SDL ... | check |
| CVE-2025-54065 | GZDoom is a feature centric port for all Doom engine games. GZDoom is ... | check |
| CVE-2025-55076 | A local privilege escalation vulnerability exists in the InstallationH ... | check |
| CVE-2025-55182 | A pre-authentication remote code execution vulnerability exists in Rea ... | check |
| CVE-2025-58064 | CKEditor 5 is a modern JavaScript rich-text editor with an MVC archite ... | check |
| CVE-2025-60796 | phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting ( ... | check, possibly not reported upstream |
| CVE-2025-60797 | phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability i ... | check, possibly not reported upstream |
| CVE-2025-60798 | phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability i ... | check, possibly not reported upstream |
| CVE-2025-60799 | phpPgAdmin 7.13.0 and earlier contains an incorrect access control vul ... | check, possibly not reported upstream |
| CVE-2025-61261 | A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1 ... | check |
| CVE-2025-62686 | A local privilege escalation vulnerability exists in the Plugin Allian ... | check |
| CVE-2025-65102 | PJSIP is a free and open source multimedia communication library. Prio ... | check, might affect asterisk and ring |
| CVE-2025-65345 | alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Direct ... | check |
| CVE-2025-66035 | Angular is a development platform for building mobile and desktop web ... | check |
| CVE-2025-66412 | Angular is a development platform for building mobile and desktop web ... | check |
| CVE-2025-66433 | HTCondor Access Point before 25.3.1 allows an authenticated user to im ... | check, upstream advisory claims only affects 24.7.3 and above but unclear if only listing supported versions, and no details on fix |