CVE-2025-62037 updated 1 month, 2 weeks ago by @LeSuisse Activity log Created automatic suggestion 2 months ago @LeSuisse dismissed 1 month, 2 weeks ago WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. Affected products togo =<< 1.0.4 Matching in nixpkgs pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-unstable 3 nixpkgs-unstable 3 nixos-unstable-small 3 nixos-25.05 3 nixos-25.05-small 3 nixpkgs-25.05-darwin 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-unstable 3 nixpkgs-unstable 3 nixos-unstable-small 3 nixos-25.05 3 nixos-25.05-small 3 nixpkgs-25.05-darwin 3
CVE-2025-62036 updated 1 month, 2 weeks ago by @LeSuisse Activity log Created automatic suggestion 2 months ago @LeSuisse dismissed 1 month, 2 weeks ago WordPress Togo theme < 1.0.4 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. Affected products togo =<< 1.0.4 Matching in nixpkgs pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-unstable 3 nixpkgs-unstable 3 nixos-unstable-small 3 nixos-25.05 3 nixos-25.05-small 3 nixpkgs-25.05-darwin 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-unstable 3 nixpkgs-unstable 3 nixos-unstable-small 3 nixos-25.05 3 nixos-25.05-small 3 nixpkgs-25.05-darwin 3
CVE-2025-62035 updated 1 month, 2 weeks ago by @LeSuisse Activity log Created automatic suggestion 2 months ago @LeSuisse dismissed 1 month, 2 weeks ago WordPress Togo theme < 1.0.4 - PHP Object Injection vulnerability Deserialization of Untrusted Data vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. Affected products togo =<< 1.0.4 Matching in nixpkgs pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-unstable 3 nixpkgs-unstable 3 nixos-unstable-small 3 nixos-25.05 3 nixos-25.05-small 3 nixpkgs-25.05-darwin 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-unstable 3 nixpkgs-unstable 3 nixos-unstable-small 3 nixos-25.05 3 nixos-25.05-small 3 nixpkgs-25.05-darwin 3
CVE-2025-54721 updated 1 month, 2 weeks ago by @LeSuisse Activity log Created automatic suggestion 2 months ago @LeSuisse dismissed 1 month, 2 weeks ago WordPress Resca theme <= 3.0.2 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Resca resca allows Reflected XSS.This issue affects Resca: from n/a through <= 3.0.2. Affected products resca =<<= 3.0.2 Matching in nixpkgs pkgs.jpegrescan Losslessly shrink any JPEG file nixos-unstable 2019-03-27 nixpkgs-unstable 2019-03-27 nixos-unstable-small 2019-03-27 nixos-25.05 2019-03-27 nixos-25.05-small 2019-03-27 nixpkgs-25.05-darwin 2019-03-27 Package maintainers: 1 @RamKromberg Ram Kromberg <ramkromberg@mail.com>
pkgs.jpegrescan Losslessly shrink any JPEG file nixos-unstable 2019-03-27 nixpkgs-unstable 2019-03-27 nixos-unstable-small 2019-03-27 nixos-25.05 2019-03-27 nixos-25.05-small 2019-03-27 nixpkgs-25.05-darwin 2019-03-27
CVE-2025-64277 updated 1 month, 2 weeks ago by @LeSuisse Activity log Created automatic suggestion 2 months ago @LeSuisse dismissed 1 month, 2 weeks ago WordPress ChatBot plugin <= 7.3.9 - Broken Access Control vulnerability Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.3.9. Affected products chatbot =<<= 7.3.9 Matching in nixpkgs pkgs.gnomeExtensions.penguin-ai-chatbot A GNOME Shell extension that provides a chatbot interface using various LLM providers, including Anthropic, OpenAI, Gemini, and OpenRouter. Features include multiple provider support, customizable models, chat history, customizable appearance, a keyboard shortcut, and copy-to-clipboard functionality. nixos-unstable 22 nixpkgs-unstable 22 nixos-unstable-small 22 nixos-25.05 22 nixos-25.05-small 22 nixpkgs-25.05-darwin 22 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.penguin-ai-chatbot A GNOME Shell extension that provides a chatbot interface using various LLM providers, including Anthropic, OpenAI, Gemini, and OpenRouter. Features include multiple provider support, customizable models, chat history, customizable appearance, a keyboard shortcut, and copy-to-clipboard functionality. nixos-unstable 22 nixpkgs-unstable 22 nixos-unstable-small 22 nixos-25.05 22 nixos-25.05-small 22 nixpkgs-25.05-darwin 22
CVE-2025-64259 updated 1 month, 2 weeks ago by @LeSuisse Activity log Created automatic suggestion 2 months ago @LeSuisse dismissed 1 month, 2 weeks ago WordPress Theater for WordPress plugin <= 0.18.8 - Broken Access Control vulnerability Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theater for WordPress: from n/a through <= 0.18.8. Affected products theatre =<<= 0.18.8 Matching in nixpkgs pkgs.haskellPackages.theatre-dev Minimalistic actor library experiments nixos-unstable 0.5.0.1 nixpkgs-unstable 0.5.0.1 nixos-unstable-small 0.5.0.1 nixos-25.05 0.5.0.1 nixos-25.05-small 0.5.0.1 nixpkgs-25.05-darwin 0.5.0.1
pkgs.haskellPackages.theatre-dev Minimalistic actor library experiments nixos-unstable 0.5.0.1 nixpkgs-unstable 0.5.0.1 nixos-unstable-small 0.5.0.1 nixos-25.05 0.5.0.1 nixos-25.05-small 0.5.0.1 nixpkgs-25.05-darwin 0.5.0.1
CVE-2025-49251 updated 2 months, 2 weeks ago by @LeSuisse Activity log Created automatic suggestion 4 months ago @LeSuisse removed 33 packages grafana grafanactl mcp-grafana grafana-loki grafana-alloy grafana-kiosk grafana-to-ntfy grafana-dash-n-grab dhallPackages.dhall-grafana terraform-providers.grafana python312Packages.grafanalib python313Packages.grafanalib haskellPackages.amazonka-grafana grafanaPlugins.grafana-oncall-app grafanaPlugins.grafana-clock-panel grafanaPlugins.grafana-pyroscope-app grafanaPlugins.grafana-googlesheets-datasource grafanaPlugins.grafana-opensearch-datasource grafanaPlugins.grafana-clickhouse-datasource python313Packages.types-aiobotocore-grafana python312Packages.types-aiobotocore-grafana grafanaPlugins.grafana-metricsdrilldown-app grafanaPlugins.grafana-discourse-datasource grafanaPlugins.grafana-sentry-datasource grafanaPlugins.grafana-github-datasource grafanaPlugins.grafana-exploretraces-app grafanaPlugins.grafana-mqtt-datasource grafanaPlugins.grafana-lokiexplore-app grafanaPlugins.grafana-worldmap-panel grafanaPlugins.grafana-polystat-panel grafanaPlugins.grafana-piechart-panel python313Packages.mypy-boto3-grafana python312Packages.mypy-boto3-grafana 2 months, 2 weeks ago @LeSuisse dismissed 2 months, 2 weeks ago WordPress Fana <= 1.1.28 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Fana allows PHP Local File Inclusion. This issue affects Fana: from n/a through 1.1.28. Affected products fana =<1.1.28 Matching in nixpkgs
CVE-2025-49253 updated 2 months, 2 weeks ago by @LeSuisse Activity log Created automatic suggestion 4 months ago @LeSuisse removed 3 packages typstPackages.lasagna_0_1_0 typstPackages.lasaveur_0_1_3 typstPackages.lasaveur_0_1_4 2 months, 2 weeks ago @LeSuisse dismissed 2 months, 2 weeks ago WordPress Lasa <= 1.1 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Lasa allows PHP Local File Inclusion. This issue affects Lasa: from n/a through 1.1. Affected products lasa =<1.1 Matching in nixpkgs
CVE-2025-49259 updated 2 months, 2 weeks ago by @LeSuisse Activity log Created automatic suggestion 4 months ago @LeSuisse removed 11 packages charasay gnome-characters keepass-charactercopy unicode-character-database haskellPackages.character-ps coqPackages.mathcomp-character python312Packages.characteristic python313Packages.characteristic magnetophonDSP.CharacterCompressor python312Packages.character-encoding-utils python313Packages.character-encoding-utils 2 months, 2 weeks ago @LeSuisse dismissed 2 months, 2 weeks ago WordPress Hara <= 1.2.10 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Hara allows PHP Local File Inclusion. This issue affects Hara: from n/a through 1.2.10. Affected products hara =<1.2.10 Matching in nixpkgs
CVE-2025-23999 updated 2 months, 2 weeks ago by @LeSuisse Activity log Created automatic suggestion 4 months ago @LeSuisse removed 14 packages kdePackages.breeze kdePackages.breeze-gtk kdePackages.breeze-grub libsForQt5.breeze-icons kdePackages.breeze-icons breeze-hacked-cursor-theme kdePackages.breeze-plymouth python312Packages.seabreeze python313Packages.seabreeze plasma5Packages.breeze-icons kdePackages.qqc2-breeze-style wordpressPackages.plugins.breeze kdePackages.sierra-breeze-enhanced qt6Packages.sierra-breeze-enhanced 2 months, 2 weeks ago @LeSuisse dismissed 2 months, 2 weeks ago WordPress Breeze plugin <= 2.2.13 - Broken Access Control vulnerability Missing Authorization vulnerability in Cloudways Breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through 2.2.13. Affected products breeze =<2.2.13 Matching in nixpkgs