| Bug | Description | Note |
|---|
| CVE-2018-9383 | In asn1_ber_decoder of asn1_decoder.c, there is a possible out of boun ... | check |
| CVE-2018-9389 | In ip6_append_data of ip6_output.c, there is a possible way to achieve ... | check, potentially src:linux upstream and not Android specific |
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2023-24010 | An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 ... | check |
| CVE-2023-24011 | An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 ... | check |
| CVE-2023-24012 | An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 ... | check |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded inicinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
| CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
| CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-28180 | Package jose aims to provide an implementation of the Javascript Objec ... | check completeness |
| CVE-2024-36353 | Insufficient clearing of GPU global memory could allow a malicious pro ... | check, AMD GPU related, but unclear if src:linux |
| CVE-2024-44866 | A buffer overflow in the GuitarPro1::read function of MuseScore Studio ... | check |
| CVE-2024-57520 | Insecure Permissions vulnerability in asterisk v22 allows a remote att ... | check upstream awareness and position |
| CVE-2025-23090 | With the aid of the diagnostics_channel utility, an event can be hooke ... | check, seems to be duplicate of CVE-2025-23083, verify it with CNA |
| CVE-2025-29787 | `zip` is a zip library for rust which supports reading and writing of ... | check, might only be introduced in 1.3.0 |
| CVE-2025-29923 | go-redis is the official Redis client library for the Go programming l ... | research introducing commit, might be post 9.5.1 |