| Bug | Description | Note |
|---|
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2022-36028 | Greenlight is an end-user interface for BigBlueButton servers. Version ... | check |
| CVE-2022-36029 | Greenlight is an end-user interface for BigBlueButton servers. Version ... | check |
| CVE-2022-40975 | Missing Authorization vulnerability in Aazztech Post Slider.This issue ... | check |
| CVE-2022-45852 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2022-48611 | A logic issue was addressed with improved checks. This issue is fixed ... | check |
| CVE-2022-48682 | In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows ... | check |
| CVE-2023-6095 | Vladimir Kononovich, a Security Researcher has found a flaw that allow ... | check |
| CVE-2023-6096 | Vladimir Kononovich, a Security Researcher has found a flaw that using ... | check |
| CVE-2023-6116 | Team ENVY, a Security Research TEAM has found a flaw that allows for a ... | check |
| CVE-2023-6725 | An access-control flaw was found in the OpenStack Designate component ... | check, details unclear |
| CVE-2023-20248 | A vulnerability in the web-based management interface of Cisco TelePre ... | check |
| CVE-2023-20249 | A vulnerability in the web-based management interface of Cisco TelePre ... | check |
| CVE-2023-23976 | Incorrect Default Permissions vulnerability in Metagauss RegistrationM ... | check |
| CVE-2023-23985 | Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This ... | check |
| CVE-2023-23989 | Improper Neutralization of Input During Web Page Generation ('Cross-si ... | check |
| CVE-2023-25785 | Missing Authorization vulnerability in Shoaib Saleem WP Post Rating al ... | check |
| CVE-2023-25790 | Improper Authentication, Improper Neutralization of Input During Web P ... | check |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded inicinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-26603 | JumpCloud Agent before 1.178.0 Creates a Temporary File in a Directory ... | check |
| CVE-2023-31090 | Unrestricted Upload of File with Dangerous Type vulnerability in Unlim ... | check |
| CVE-2023-41290 | A path traversal vulnerability has been reported to affect QuFirewall. ... | check |
| CVE-2023-41291 | A path traversal vulnerability has been reported to affect QuFirewall. ... | check |
| CVE-2023-42955 | Claris International has successfully resolved an issue of potentially ... | check |
| CVE-2023-47222 | An exposure of sensitive information vulnerability has been reported t ... | check |
| CVE-2023-47252 | An issue was discovered in PnpSmm in Insyde InsydeH2O with kernel 5.0 ... | check |
| CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
| CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
| CVE-2023-50361 | A buffer copy without checking size of input vulnerability has been re ... | check |
| CVE-2023-50362 | A buffer copy without checking size of input vulnerability has been re ... | check |
| CVE-2023-50363 | An incorrect authorization vulnerability has been reported to affect s ... | check |
| CVE-2023-50364 | A buffer copy without checking size of input vulnerability has been re ... | check |
| CVE-2023-51364 | A path traversal vulnerability has been reported to affect several QNA ... | check |
| CVE-2023-51365 | A path traversal vulnerability has been reported to affect several QNA ... | check |
| CVE-2023-51482 | Improper Authentication vulnerability in EazyPlugins Eazy Plugin Manag ... | check |
| CVE-2023-51484 | Improper Authentication vulnerability in wp-buy Login as User or Custo ... | check |
| CVE-2023-51794 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a ... | check |
| CVE-2023-52220 | Missing Authorization vulnerability in MonsterInsights Google Analytic ... | check |
| CVE-2024-0151 | Insufficient argument checking in Secure state Entry functions in soft ... | check |
| CVE-2024-0740 | Eclipse Target Management: Terminal and Remote System Explorer (RSE) v ... | check |
| CVE-2024-0916 | Unauthenticatedfile upload allows remote code execution. This issue af ... | check |
| CVE-2024-1789 | The WP SMTP plugin for WordPress is vulnerable to SQL Injection via th ... | check |
| CVE-2024-3076 | The MM-email2image WordPress plugin through 0.2.5 does not have CSRF c ... | check |
| CVE-2024-3209 | A vulnerability was found in UPX up to 4.2.2. It has been rated as cri ... | check upstream report status, seems not filled as issue |
| CVE-2024-3682 | The WP STAGING and WP STAGING Pro plugins for WordPress are vulnerable ... | check |
| CVE-2024-3962 | The Product Addons & Fields for WooCommerce plugin for WordPress is vu ... | check |
| CVE-2024-4182 | Mattermost versions 9.6.0, 9.5.x before 9.5.3, 9.4.x before 9.4.5, and ... | check |
| CVE-2024-4183 | Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x bef ... | check |
| CVE-2024-4195 | Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 ... | check |
| CVE-2024-4198 | Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 ... | check |
| CVE-2024-4234 | Improper Neutralization of Input During Web Page Generation ('Cross-si ... | check |
| CVE-2024-4235 | A vulnerability classified as problematic was found in Netgear DG834Gv ... | check |
| CVE-2024-4236 | A vulnerability, which was classified as critical, has been found in T ... | check |
| CVE-2024-4237 | A vulnerability, which was classified as critical, was found in Tenda ... | check |
| CVE-2024-4238 | A vulnerability has been found in Tenda AX1806 1.0.0.1 and classified ... | check |
| CVE-2024-21002 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21003 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21004 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21005 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21905 | An integer overflow or wraparound vulnerability has been reported to a ... | check |
| CVE-2024-22091 | Mattermost versions 8.1.x <= 8.1.10, 9.6.x <= 9.6.0, 9.5.x <= 9.5.2 an ... | check |
| CVE-2024-22373 | An out-of-bounds write vulnerability exists in the JPEG2000Codec::Deco ... | check |
| CVE-2024-22391 | A heap-based buffer overflow vulnerability exists in the LookupTable:: ... | check |
| CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-24856 | The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee ... | check |
| CVE-2024-24862 | In function pci1xxxx_spi_probe, there is a potential null pointer that ... | check |
| CVE-2024-24863 | In malidp_mw_connector_reset, new memory is allocated with kzalloc, bu ... | check |
| CVE-2024-25343 | Tenda N300 F3 router vulnerability allows users to bypass intended sec ... | check |
| CVE-2024-25569 | An out-of-bounds read vulnerability exists in the RAWCodec::DecodeByte ... | check |
| CVE-2024-26256 | libarchive Remote Code Execution Vulnerability | check |
| CVE-2024-27124 | An OS command injection vulnerability has been reported to affect seve ... | check |
| CVE-2024-27280 | Buffer overread vulnerability in StringIO | check details |
| CVE-2024-27282 | | check other versions and fixing commits |
| CVE-2024-27790 | Claris International has resolved an issue of potentially allowing una ... | check |
| CVE-2024-28180 | Package jose aims to provide an implementation of the Javascript Objec ... | check completeness |
| CVE-2024-28325 | Asus RT-N12+ B1 router stores credentials in cleartext, which could al ... | check |
| CVE-2024-28326 | Incorrect Access Control in Asus RT-N12+ B1 routers allows local attac ... | check |
| CVE-2024-28327 | Asus RT-N12+ B1 router stores user passwords in plaintext, which could ... | check |
| CVE-2024-28328 | CSV Injection vulnerability in the Asus RT-N12+ router allows administ ... | check |
| CVE-2024-28718 | An issue in OpenStack magnum yoga-eom version allows a remote attacker ... | check |
| CVE-2024-28836 | An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiati ... | check, missing details |
| CVE-2024-29291 | An issue in Laravel Framework 8 through 11 might allow a remote attack ... | check |
| CVE-2024-30166 | In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can c ... | check, missing details |
| CVE-2024-32046 | Mattermost versions 9.6.x <= 9.6.0, 9.5.x <= 9.5.2, 9.4.x <= 9.4.4 and ... | check |
| CVE-2024-32404 | Server-Side Template Injection (SSTI) vulnerability in inducer relate ... | check |
| CVE-2024-32406 | Server-Side Template Injection (SSTI) vulnerability in inducer relate ... | check |
| CVE-2024-32473 | Moby is an open source container framework that is a key component of ... | check, said to be specific to the 26.0.0 and 26.0.1 versions but needs double-checking |
| CVE-2024-32476 | Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ... | check |
| CVE-2024-32651 | changedetection.io is an open source web page change detection, websit ... | check |
| CVE-2024-32730 | SAP Enable Now Manager does not perform necessary authorization checks ... | check |
| CVE-2024-32764 | A missing authentication for critical function vulnerability has been ... | check |
| CVE-2024-32766 | An OS command injection vulnerability has been reported to affect seve ... | check |
| CVE-2024-32822 | Missing Authorization vulnerability in impleCode Reviews Plus.This iss ... | check |
| CVE-2024-32826 | Missing Authorization vulnerability in Vektor,Inc. VK Block Patterns.T ... | check |
| CVE-2024-32828 | Missing Authorization vulnerability in Octolize Flexible Shipping.This ... | check |
| CVE-2024-32829 | Missing Authorization vulnerability in Supsystic Data Tables Generator ... | check |
| CVE-2024-32880 | pyload is an open-source Download Manager written in pure Python. An a ... | check |
| CVE-2024-32884 | gitoxide is a pure Rust implementation of Git. `gix-transport` does no ... | check |
| CVE-2024-32957 | Missing Authorization vulnerability in Live Composer Team Page Builder ... | check |
| CVE-2024-33255 | Jerryscript commit cefd391 was discovered to contain an Assertion Fail ... | check |
| CVE-2024-33258 | Jerryscript commit ff9ff8f was discovered to contain a segmentation vi ... | check |
| CVE-2024-33259 | Jerryscript commit cefd391 was discovered to contain a segmentation vi ... | check |
| CVE-2024-33260 | Jerryscript commit cefd391 was discovered to contain a segmentation vi ... | check |
| CVE-2024-33263 | QuickJS commit 3b45d15 was discovered to contain an Assertion Failure ... | check |
| CVE-2024-33342 | D-Link DIR-822+ V1.0.5 was found to contain a command injection in Set ... | check |
| CVE-2024-33343 | D-Link DIR-822+ V1.0.5 was found to contain a command injection in Chg ... | check |
| CVE-2024-33344 | D-Link DIR-822+ V1.0.5 was found to contain a command injection in fte ... | check |
| CVE-2024-33665 | angular-translate through 2.19.1 allows XSS via a crafted key that is ... | check |
| CVE-2024-33677 | Cross-Site Request Forgery (CSRF) vulnerability in Renzo Johnson Conta ... | check |
| CVE-2024-33678 | Cross-Site Request Forgery (CSRF) vulnerability in ClickCease ClickCea ... | check |
| CVE-2024-33679 | Cross-Site Request Forgery (CSRF) vulnerability in FameThemes FameThem ... | check |
| CVE-2024-33680 | Cross-Site Request Forgery (CSRF) vulnerability in MainWP MainWP Child ... | check |
| CVE-2024-33682 | Cross-Site Request Forgery (CSRF) vulnerability in Cookie Information ... | check |
| CVE-2024-33683 | Cross-Site Request Forgery (CSRF) vulnerability in WP Republic Hide Da ... | check |
| CVE-2024-33688 | Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Telur ... | check |
| CVE-2024-33689 | Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli, Tony Ha ... | check |
| CVE-2024-33690 | Cross-Site Request Forgery (CSRF) vulnerability in Jegstudio Financio. ... | check |
| CVE-2024-33691 | Cross-Site Request Forgery (CSRF) vulnerability in OptinMonster Popup ... | check |
| CVE-2024-33692 | Improper Neutralization of Input During Web Page Generation ('Cross-si ... | check |
| CVE-2024-33693 | Improper Neutralization of Input During Web Page Generation ('Cross-si ... | check |
| CVE-2024-33694 | Improper Neutralization of Input During Web Page Generation ('Cross-si ... | check |
| CVE-2024-33695 | Improper Neutralization of Input During Web Page Generation ('Cross-si ... | check |
| CVE-2024-33696 | Improper Neutralization of Input During Web Page Generation ('Cross-si ... | check |
| CVE-2024-33697 | Improper Neutralization of Input During Web Page Generation ('Cross-si ... | check |