⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

Create Draft to queue a suggestion for refinement.

Dismiss to remove a suggestion from the queue.

CVE-2025-31639
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 month, 3 weeks ago
WordPress Spare <= 1.7 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare allows Cross Site Request Forgery. This issue affects Spare: from n/a through 1.7.

spare
=<1.7

pkgs.asciiquarium-transparent

An aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.texlivePackages.transparent

Using a color stack for transparency with pdfTeX

pkgs.texlivePackages.transparent-io

Show for approval the filenames used in input, openin, or openout

pkgs.gnomeExtensions.transparent-topbar

Transparent Topbar with Multi monitors support
  • nixos-24.05 4
    • nixos-24.05-small 4

pkgs.gnomeExtensions.transparent-top-bar

Bring back the transparent top bar when free-floating in GNOME Shell 3.32.

pkgs.asciiquarium-transparent.x86_64-linux

Aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.asciiquarium-transparent.aarch64-linux

Aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.asciiquarium-transparent.x86_64-darwin

Aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.asciiquarium-transparent.aarch64-darwin

Aquarium/sea animation in ASCII art (with option of transparent background)

pkgs.texlivePackages.transparent.x86_64-linux

Using a color stack for transparency with pdfTeX

pkgs.gnomeExtensions.transparent-window-moving

Makes the window semi-transparent when moving or resizing

pkgs.texlivePackages.transparent-io.x86_64-linux

Show for approval the filenames used in input, openin, or openout

pkgs.gnomeExtensions.transparent-topbar.x86_64-linux

Transparent Topbar with Multi monitors support
  • nixos-24.05 4
    • nixpkgs-24.05-darwin 4

pkgs.gnomeExtensions.transparent-top-bar.x86_64-linux

Bring back the transparent top bar when free-floating in GNOME Shell 3.32.

pkgs.gnomeExtensions.transparent-topbar.aarch64-linux

Transparent Topbar with Multi monitors support
  • nixos-24.05 4
    • nixpkgs-24.05-darwin 4

pkgs.gnomeExtensions.transparent-top-bar.aarch64-linux

Bring back the transparent top bar when free-floating in GNOME Shell 3.32.

pkgs.gnomeExtensions.transparent-window-moving.x86_64-linux

Makes the window semi-transparent when moving or resizing

pkgs.gnomeExtensions.transparent-window-moving.aarch64-linux

Makes the window semi-transparent when moving or resizing

pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency

Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar

pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency.x86_64-linux

Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar

pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency.aarch64-linux

Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar
Package maintainers: 4
CVE-2024-4981
7.6 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
updated 1 month, 3 weeks ago by @mweinelt Activity log
  • Created automatic suggestion
  • @fricklerhandwerk removed
    60 packages
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
    • pkgs.haskellPackages.pagure 0.1.2
  • @mweinelt dismissed
  • @mweinelt marked as untriaged
Pagure: _update_file_in_git() follows symbolic links in temporary clones

A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.

pagure
<5.14.1

pkgs.haskellPackages.pagure.x86_64-linux

Pagure REST client library

pkgs.haskellPackages.pagure.aarch64-linux

Pagure REST client library

pkgs.haskellPackages.pagure.x86_64-darwin

Pagure REST client library

pkgs.haskellPackages.pagure.aarch64-darwin

Pagure REST client library

pkgs.haskellPackages.pagure-cli.x86_64-linux

Pagure client

pkgs.haskellPackages.pagure-cli.aarch64-linux

Pagure client

pkgs.haskellPackages.pagure-cli.x86_64-darwin

Pagure client

pkgs.haskellPackages.pagure-cli.aarch64-darwin

Pagure client
CVE-2024-4982
7.6 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 1 month, 3 weeks ago
Pagure: path traversal in view_issue_raw_file()

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.

pagure
<5.14.1

pkgs.haskellPackages.pagure.x86_64-linux

Pagure REST client library

pkgs.haskellPackages.pagure.aarch64-linux

Pagure REST client library

pkgs.haskellPackages.pagure.x86_64-darwin

Pagure REST client library

pkgs.haskellPackages.pagure.aarch64-darwin

Pagure REST client library

pkgs.haskellPackages.pagure-cli.x86_64-linux

Pagure client

pkgs.haskellPackages.pagure-cli.aarch64-linux

Pagure client

pkgs.haskellPackages.pagure-cli.x86_64-darwin

Pagure client

pkgs.haskellPackages.pagure-cli.aarch64-darwin

Pagure client
CVE-2024-24762
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 2 months ago
python-multipart vulnerable to content-type header Regular expression Denial of Service

`python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or more) while holding the main event loop. This means that process can't handle any more requests, leading to regular expression denial of service. This vulnerability has been patched in version 0.0.7.

fastapi
<0.109.1
startlette
<0.36.2
python-multipart
<0.0.7

pkgs.fastapi-cli

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.fastapi-cli.x86_64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.fastapi-cli.aarch64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.fastapi-cli.x86_64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.fastapi-cli.aarch64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-cli

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-sso

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-cli

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python312Packages.fastapi-sso

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python311Packages.fastapi-mail

Module for sending emails and attachments

pkgs.python311Packages.fastapi-cli.x86_64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-sso.x86_64-linux

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-cli.x86_64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python312Packages.fastapi-sso.x86_64-linux

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python311Packages.fastapi-cli.aarch64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-cli.x86_64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-sso.aarch64-linux

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python311Packages.fastapi-sso.x86_64-darwin

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-cli.aarch64-linux

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python312Packages.fastapi-cli.x86_64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python312Packages.fastapi-mail.x86_64-linux

Module for sending emails and attachments

pkgs.python312Packages.fastapi-sso.aarch64-linux

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-sso.x86_64-darwin

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python311Packages.fastapi-cli.aarch64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python311Packages.fastapi-sso.aarch64-darwin

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-cli.aarch64-darwin

Run and manage FastAPI apps from the command line with FastAPI CLI

pkgs.python312Packages.fastapi-mail.aarch64-linux

Module for sending emails and attachments

pkgs.python312Packages.fastapi-mail.x86_64-darwin

Module for sending emails and attachments

pkgs.python312Packages.fastapi-sso.aarch64-darwin

FastAPI plugin to enable SSO to most common providers (such as Facebook login, Google login and login via Microsoft Office 365 Account

pkgs.python312Packages.fastapi-mail.aarch64-darwin

Module for sending emails and attachments

pkgs.python311Packages.python-multipart.x86_64-linux

Streaming multipart parser for Python

pkgs.python311Packages.python-multipart.aarch64-linux

Streaming multipart parser for Python

pkgs.python311Packages.python-multipart.x86_64-darwin

Streaming multipart parser for Python

pkgs.python311Packages.python-multipart.aarch64-darwin

Streaming multipart parser for Python

pkgs.python311Packages.prometheus-fastapi-instrumentator

Instrument FastAPI with Prometheus metrics

pkgs.python312Packages.prometheus-fastapi-instrumentator

Instrument FastAPI with Prometheus metrics

pkgs.python311Packages.opentelemetry-instrumentation-fastapi

OpenTelemetry Instrumentation for fastapi

pkgs.python312Packages.opentelemetry-instrumentation-fastapi

OpenTelemetry Instrumentation for fastapi

pkgs.python311Packages.prometheus-fastapi-instrumentator.x86_64-linux

Instrument FastAPI with Prometheus metrics

pkgs.python312Packages.prometheus-fastapi-instrumentator.x86_64-linux

Instrument FastAPI with Prometheus metrics

pkgs.python311Packages.prometheus-fastapi-instrumentator.aarch64-linux

Instrument FastAPI with Prometheus metrics

pkgs.python312Packages.prometheus-fastapi-instrumentator.aarch64-linux

Instrument FastAPI with Prometheus metrics

pkgs.python312Packages.opentelemetry-instrumentation-fastapi.x86_64-linux

OpenTelemetry Instrumentation for fastapi

pkgs.python311Packages.opentelemetry-instrumentation-fastapi.aarch64-linux

OpenTelemetry Instrumentation for fastapi

pkgs.python311Packages.opentelemetry-instrumentation-fastapi.x86_64-darwin

OpenTelemetry Instrumentation for fastapi

pkgs.python312Packages.opentelemetry-instrumentation-fastapi.aarch64-linux

OpenTelemetry Instrumentation for fastapi

pkgs.python312Packages.opentelemetry-instrumentation-fastapi.x86_64-darwin

OpenTelemetry Instrumentation for fastapi

pkgs.python311Packages.opentelemetry-instrumentation-fastapi.aarch64-darwin

OpenTelemetry Instrumentation for fastapi

pkgs.python312Packages.opentelemetry-instrumentation-fastapi.aarch64-darwin

OpenTelemetry Instrumentation for fastapi
Package maintainers: 7
CVE-2025-47509
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 2 months ago
WordPress Top 10 <= 4.1.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay Top 10 allows Stored XSS. This issue affects Top 10: from n/a through 4.1.0.

top-10
=<4.1.0

pkgs.darwin.top

pkgs.budgie.budgie-desktop

A feature-rich, modern desktop designed to keep out the way of the user

pkgs.darwin.top.x86_64-darwin

pkgs.darwin.top.aarch64-darwin

pkgs.gnomeExtensions.pip-on-top

Makes "Picture-in-Picture" windows stay on top (even on Wayland session). Compatible with Firefox, but may work with few other browsers too.

pkgs.budgie-desktop.x86_64-linux

Feature-rich, modern desktop designed to keep out the way of the user

pkgs.budgie-desktop.aarch64-linux

Feature-rich, modern desktop designed to keep out the way of the user

pkgs.gnomeExtensions.show-apps-at-top

Put show apps icon at top in Gnome default dash

pkgs.budgie.budgie-desktop.x86_64-linux

A feature-rich, modern desktop designed to keep out the way of the user

pkgs.budgie.budgie-desktop.aarch64-linux

A feature-rich, modern desktop designed to keep out the way of the user

pkgs.gnomeExtensions.pip-on-top.x86_64-linux

Makes "Picture-in-Picture" windows stay on top (even on Wayland session). Compatible with Firefox, but may work with few other browsers too.

pkgs.gnomeExtensions.pip-on-top.aarch64-linux

Makes "Picture-in-Picture" windows stay on top (even on Wayland session). Compatible with Firefox, but may work with few other browsers too.

pkgs.gnomeExtensions.show-apps-at-top.x86_64-linux

Put show apps icon at top in Gnome default dash

pkgs.gnomeExtensions.show-apps-at-top.aarch64-linux

Put show apps icon at top in Gnome default dash
Package maintainers: 4
CVE-2025-47441
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 2 months ago
WordPress Progress Bar <= 2.2.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Reynolds Progress Bar allows Stored XSS. This issue affects Progress Bar: from n/a through 2.2.3.

progress-bar
=<2.2.3

pkgs.haskellPackages.terminal-progress-bar.x86_64-linux

A progress bar in the terminal

pkgs.haskellPackages.terminal-progress-bar.aarch64-linux

A progress bar in the terminal

pkgs.haskellPackages.terminal-progress-bar.x86_64-darwin

A progress bar in the terminal

pkgs.haskellPackages.terminal-progress-bar.aarch64-darwin

A progress bar in the terminal
CVE-2025-1400
3.1 LOW
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 2 months ago
Out-of-bounds Read in libplctag library

Out-of-bounds Read vulnerability in unpack_response (conn.c) in libplctag from 2.0 through 2.6.3 allows Overread Buffers via network.

libplctag
=<2.6.3

pkgs.libplctag

Library that uses EtherNet/IP or Modbus TCP to read and write tags in PLCs

pkgs.libplctag.x86_64-linux

Library that uses EtherNet/IP or Modbus TCP to read and write tags in PLCs

pkgs.libplctag.aarch64-linux

Library that uses EtherNet/IP or Modbus TCP to read and write tags in PLCs

pkgs.libplctag.x86_64-darwin

Library that uses EtherNet/IP or Modbus TCP to read and write tags in PLCs

pkgs.libplctag.aarch64-darwin

Library that uses EtherNet/IP or Modbus TCP to read and write tags in PLCs
Package maintainers: 1
CVE-2025-31177
6.2 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 2 months ago
Gnuplot: gnuplot heap-buffer overflow on utf8_copy_one

gnuplot is affected by a heap buffer overflow at function utf8_copy_one.

gnuplot
<6.0

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot.x86_64-linux

A portable command-line driven graphing utility for many platforms

pkgs.gnuplot.aarch64-linux

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot.x86_64-darwin

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot.aarch64-darwin

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot_qt.x86_64-linux

Portable command-line driven graphing utility for many platforms

pkgs.feedgnuplot.x86_64-linux

General purpose pipe-oriented plotting tool

pkgs.gnuplot_qt.aarch64-linux

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot_qt.x86_64-darwin

Portable command-line driven graphing utility for many platforms

pkgs.feedgnuplot.aarch64-linux

General purpose pipe-oriented plotting tool

pkgs.feedgnuplot.x86_64-darwin

General purpose pipe-oriented plotting tool

pkgs.gnuplot_qt.aarch64-darwin

Portable command-line driven graphing utility for many platforms

pkgs.feedgnuplot.aarch64-darwin

General purpose pipe-oriented plotting tool

pkgs.texlivePackages.gnuplottex

Embed Gnuplot commands in LaTeX documents

pkgs.gnuplot_aquaterm.x86_64-linux

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot_aquaterm.aarch64-linux

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot_aquaterm.x86_64-darwin

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot_aquaterm.aarch64-darwin

A portable command-line driven graphing utility for many platforms

pkgs.texlivePackages.context-gnuplot

Inclusion of Gnuplot graphs in ConTeXt

pkgs.haskellPackages.gnuplot.x86_64-linux

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.aarch64-linux

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.x86_64-darwin

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.aarch64-darwin

2D and 3D plots using gnuplot

pkgs.texlivePackages.gnuplottex.x86_64-linux

Embed Gnuplot commands in LaTeX documents

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

  • nixos-24.05 ???
    • nixpkgs-24.05-darwin
  • nixos-24.11 ???
    • nixpkgs-24.11-darwin
  • nixos-unstable ???
    • nixos-unstable-small
    • nixpkgs-unstable

pkgs.texlivePackages.context-gnuplot.x86_64-linux

Inclusion of Gnuplot graphs in ConTeXt

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe.x86_64-linux

A simple interface to Gnuplot

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot.x86_64-linux

  • nixos-24.05 ???
    • nixos-24.05-small
  • nixos-24.11 ???
    • nixos-24.11-small
  • nixos-unstable ???

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe.aarch64-linux

A simple interface to Gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe.x86_64-darwin

A simple interface to Gnuplot

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot.aarch64-linux

  • nixos-24.05 ???
    • nixos-24.05-small
  • nixos-24.11 ???
    • nixos-24.11-small
  • nixos-unstable ???

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot.x86_64-darwin

  • nixos-24.05 ???
    • nixos-24.05-small
  • nixos-24.11 ???
    • nixos-24.11-small
  • nixos-unstable ???

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe.aarch64-darwin

A simple interface to Gnuplot

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot.aarch64-darwin

  • nixos-24.05 ???
    • nixos-24.05-small
  • nixos-24.11 ???
    • nixos-24.11-small
  • nixos-unstable ???
Package maintainers: 3
CVE-2022-47599
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 2 months ago
WordPress File Manager Plugin <= 5.2.7 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager.This issue affects File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager: from n/a through 5.2.7.

file-manager
=<5.2.7

pkgs.expidus.file-manager.x86_64-linux

ExpidusOS File Manager

pkgs.expidus.file-manager.aarch64-linux

ExpidusOS File Manager

pkgs.python311Packages.show-in-file-manager

Open the system file manager and select files in it

pkgs.python312Packages.show-in-file-manager

Open the system file manager and select files in it

pkgs.python311Packages.show-in-file-manager.x86_64-linux

Open the system file manager and select files in it

pkgs.python312Packages.show-in-file-manager.x86_64-linux

Open the system file manager and select files in it

pkgs.python311Packages.show-in-file-manager.aarch64-linux

Open the system file manager and select files in it

pkgs.python311Packages.show-in-file-manager.x86_64-darwin

Open the system file manager and select files in it

pkgs.python312Packages.show-in-file-manager.aarch64-linux

Open the system file manager and select files in it

pkgs.python312Packages.show-in-file-manager.x86_64-darwin

Open the system file manager and select files in it

pkgs.python311Packages.show-in-file-manager.aarch64-darwin

Open the system file manager and select files in it

pkgs.python312Packages.show-in-file-manager.aarch64-darwin

Open the system file manager and select files in it
Package maintainers: 2
CVE-2024-12225
9.1 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 2 months ago
Io.quarkus:quarkus-security-webauthn: quarkus webauthn unexpected authentication bypass

A vulnerability was found in Quarkus in the quarkus-security-webauthn module. The Quarkus WebAuthn module publishes default REST endpoints for registering and logging users in while allowing developers to provide custom REST endpoints. When developers provide custom REST endpoints, the default endpoints remain accessible, potentially allowing attackers to obtain a login cookie that has no corresponding user in the Quarkus application or, depending on how the application is written, could correspond to an existing user that has no relation with the current attacker, allowing anyone to log in as an existing user by just knowing that user's user name.

quarkus
<3.15.3.1
io.quarkus:quarkus-security-webauthn

pkgs.quarkus

Quarkus is a Kubernetes-native Java framework tailored for GraalVM and HotSpot, crafted from best-of-breed Java libraries and standards

pkgs.quarkus.x86_64-linux

Quarkus is a Kubernetes-native Java framework tailored for GraalVM and HotSpot, crafted from best-of-breed Java libraries and standards

pkgs.quarkus.aarch64-linux

Quarkus is a Kubernetes-native Java framework tailored for GraalVM and HotSpot, crafted from best-of-breed Java libraries and standards

pkgs.quarkus.x86_64-darwin

Quarkus is a Kubernetes-native Java framework tailored for GraalVM and HotSpot, crafted from best-of-breed Java libraries and standards

pkgs.quarkus.aarch64-darwin

Quarkus is a Kubernetes-native Java framework tailored for GraalVM and HotSpot, crafted from best-of-breed Java libraries and standards
Package maintainers: 1