Automatically generated suggestions

Create Draft to queue a suggestion for refinement.

Dismiss to remove a suggestion from the queue.

CVE-2025-23395
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 2 months, 2 weeks ago
Local root exploit via `logfile_reopen()` in screen 5.0.0 with setuid-root bit set

Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user's (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges

screen
=<5.0.0

pkgs.screen

Window manager that multiplexes a physical terminal

pkgs.yascreen

Curses replacement for daemons and embedded apps

pkgs.screenkey

Screencast tool to display your keys inspired by Screenflick

pkgs.screentest

Simple screen testing tool

pkgs.vokoscreen

Simple GUI screencast recorder, using ffmpeg

pkgs.gscreenshot

Screenshot frontend (CLI and GUI) for a variety of screenshot backends

pkgs.qscreenshot

Simple creation and editing of screenshots

pkgs.screen-pipe

Personalized AI powered by what you've seen, said, or heard

pkgs.screenfetch

Fetches system/theme information in terminal for Linux desktop screenshots

pkgs.screenconfig

Automatic configuration of connected screens/monitors

pkgs.screenly-cli

Tools for managing digital signs and screens at scale

pkgs.wl-screenrec

High performance wlroots screen recording, featuring hardware encoding

pkgs.xscreenruler

Simple screen ruler using xlib

pkgs.xscreensaver

Set of screensavers

pkgs.vokoscreen-ng

User friendly Open Source screencaster for Linux and Windows

pkgs.gh-screensaver

gh extension with animated terminal screensavers

pkgs.screen-message

Displays a short text fullscreen in an X11 window

pkgs.lxqt.screengrab

Crossplatform tool for fast making screenshots

pkgs.multilockscreen

Wrapper script for i3lock-color

pkgs.rofi-screenshot

Use rofi to perform various types of screenshots and screen captures

pkgs.betterlockscreen

Fast and sweet looking lockscreen for linux systems with effects

pkgs.gnome-screenshot

Utility used in the GNOME desktop environment for taking screenshots

pkgs.imgur-screenshot

Tool for easy screencapping and uploading to imgur

pkgs.cosmic-screenshot

Screenshot tool for the COSMIC Desktop Environment

pkgs.budgie-screensaver

Fork of old GNOME Screensaver for purposes of providing an authentication prompt on wake

pkgs.lxgw-wenkai-screen

LXGW WenKai font optimized for screen reading

pkgs.discord-screenaudio

Custom discord client that supports streaming with audio on Linux

pkgs.gpu-screen-recorder

Screen recorder that has minimal impact on system performance by recording a window using the GPU only

pkgs.kdePackages.kscreen

KDE's screen management software

pkgs.cinnamon-screensaver

Cinnamon screen locker and screensaver program

pkgs.mpd-touch-screen-gui

Small MPD client that let's you view covers and has controls suitable for small touchscreens

pkgs.mate.mate-screensaver

Screen saver and locker for the MATE desktop

pkgs.asus-wmi-screenpad-ctl

Brightness control program for the asus-wmi-screenpad kernel module

pkgs.kdePackages.libkscreen

KDE's screen management software

pkgs.ssh-askpass-fullscreen

Small, fullscreen SSH askpass GUI using GTK+2

pkgs.xfce.xfce4-screensaver

Screensaver for Xfce

pkgs.gaugePlugins.screenshot

Gauge plugin to take screenshots

pkgs.gpu-screen-recorder-gtk

GTK frontend for gpu-screen-recorder

pkgs.xorg.fontscreencyrillic

pkgs.xfce.xfce4-screenshooter

Screenshot utility for the Xfce desktop

pkgs.kdePackages.kscreenlocker

Library and components for secure lock screen architecture

pkgs.haskellPackages.silkscreen

Prettyprinting transformers

pkgs.python312Packages.npyscreen

Framework for developing console applications using Python and curses

pkgs.python312Packages.oscscreen

Framework for developing console applications using Python and curses

pkgs.python313Packages.npyscreen

Framework for developing console applications using Python and curses

pkgs.python313Packages.oscscreen

Framework for developing console applications using Python and curses

pkgs.python312Packages.screeninfo

Fetch location and size of physical screens

pkgs.python313Packages.screeninfo

Fetch location and size of physical screens

pkgs.gnomeExtensions.screen-rotate

Enable screen rotation regardless of touch mode. Fork of Screen Autorotate by Kosmospredanie.

pkgs.gnomeExtensions.screen-rotator

Allows you to quickly rotate the screen.

pkgs.pantheon.elementary-screenshot

Screenshot tool designed for elementary OS

pkgs.python312Packages.pyscreenshot

Python screenshot

pkgs.python313Packages.pyscreenshot

Python screenshot

pkgs.gnomeExtensions.screenshort-cut

A simple shortcut to take screenshots directly on your top bar!

pkgs.gnomeExtensions.screenshot-tool

Conveniently create, copy, store and upload screenshots. Please log out and log in again after updating.

pkgs.python312Packages.screenlogicpy

Python interface for Pentair Screenlogic devices

pkgs.python313Packages.screenlogicpy

Python interface for Pentair Screenlogic devices

pkgs.gnomeExtensions.fullscreen-button

A button in the status bar to expand current window to fullscreen. Useful for tablets.

pkgs.gnomeExtensions.fullscreen-avoider

Moves the top panel to the secondary monitor if the primary is in fullscreen

pkgs.kodiPackages.screensaver-asteroids

Screensaver that plays Asteroids

pkgs.gnomeExtensions.hide-screen-sharing

Hide Screen Sharing. Useful for software KVMs that always show screen sharing like Desk Flow, Input-Leap, Barrier, etc...

pkgs.gnomeExtensions.move-to-next-screen

Adds a keyboard shortcut to move the current window to the next screen

pkgs.gnomeExtensions.lockscreen-extension

Customize GNOME's Lockscreen

pkgs.gnomeExtensions.move-take-screenshot

Move the 'Take Screenshot' menu item so Alt_Space-Space does what it used to.

pkgs.gnomeExtensions.fullscreen-hot-corner

Enables hot corner in fullscreen mode

pkgs.gnomeExtensions.screen-word-translate

Translate word on the screen.

pkgs.gnomeExtensions.auto-screen-brightness

Automatically switch the screen brightness depending on the power supply status

pkgs.obs-studio-plugins.obs-dvd-screensaver

DVD screen saver for OBS Studio

pkgs.gnomeExtensions.screenshot-window-sizer

Resize windows for GNOME Software screenshots with Ctrl+Alt+s shortcut

pkgs.haskellPackages.screenshot-to-clipboard

Take screenshot and copy it to the system clipboard

pkgs.gnomeExtensions.fullscreen-notifications

Enables all notifications in fullscreen mode

pkgs.gnomeExtensions.peek-top-bar-on-fullscreen

Show the top bar (panel) on demand while having full screen content on (like a YouTube video). Just hover the mouse cursor to the top of the screen, and the panel will show up. This way, you can quickly check the time, or swich some toggles. This is similar to what macOS offers for full screen apps.

pkgs.home-assistant-component-tests.screenlogic

Open source home automation that puts local control and privacy first

pkgs.gnomeExtensions.primary-input-on-lockscreen

Automatically change the keyboard layout on the lock screen to the primary one.

pkgs.gnomeExtensions.fullscreen-to-empty-workspace

New, maximized and fullscreen windows will be moved to empty workspaces.

pkgs.gnomeExtensions.customize-clock-on-lock-screen

Customize Clock on Lock Screen.

pkgs.gnomeExtensions.fullscreen-to-empty-workspace-2

New, maximized and fullscreen windows will be moved to empty workspaces.

pkgs.gnomeExtensions.disable-unredirect-fullscreen-windows

Disables unredirect fullscreen windows in gnome-shell to workaround a bug when clicking on full screen windows goes through to windows underneath. This also happens to fix screen tearing in full-screen windows.

pkgs.gnomeExtensions.do-not-disturb-while-screen-sharing-or-recording

Automatically switches on the "Do Not Disturb" mode while screen sharing or screen recording. As soon as screen sharing/recording is over, "Do Not Disturb" mode will be switched back off.
Package maintainers: 72
CVE-2025-46802
6.0 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 2 months, 2 weeks ago
Temporary chown() of users' TTY to mode 0666 allows PTY hijacking in screen

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

screen
<4.6.2-150000.5.8.1

pkgs.screen

Window manager that multiplexes a physical terminal

pkgs.yascreen

Curses replacement for daemons and embedded apps

pkgs.screenkey

Screencast tool to display your keys inspired by Screenflick

pkgs.screentest

Simple screen testing tool

pkgs.vokoscreen

Simple GUI screencast recorder, using ffmpeg

pkgs.gscreenshot

Screenshot frontend (CLI and GUI) for a variety of screenshot backends

pkgs.qscreenshot

Simple creation and editing of screenshots

pkgs.screen-pipe

Personalized AI powered by what you've seen, said, or heard

pkgs.screenfetch

Fetches system/theme information in terminal for Linux desktop screenshots

pkgs.screenconfig

Automatic configuration of connected screens/monitors

pkgs.screenly-cli

Tools for managing digital signs and screens at scale

pkgs.wl-screenrec

High performance wlroots screen recording, featuring hardware encoding

pkgs.xscreenruler

Simple screen ruler using xlib

pkgs.xscreensaver

Set of screensavers

pkgs.vokoscreen-ng

User friendly Open Source screencaster for Linux and Windows

pkgs.gh-screensaver

gh extension with animated terminal screensavers

pkgs.screen-message

Displays a short text fullscreen in an X11 window

pkgs.lxqt.screengrab

Crossplatform tool for fast making screenshots

pkgs.multilockscreen

Wrapper script for i3lock-color

pkgs.rofi-screenshot

Use rofi to perform various types of screenshots and screen captures

pkgs.betterlockscreen

Fast and sweet looking lockscreen for linux systems with effects

pkgs.gnome-screenshot

Utility used in the GNOME desktop environment for taking screenshots

pkgs.imgur-screenshot

Tool for easy screencapping and uploading to imgur

pkgs.cosmic-screenshot

Screenshot tool for the COSMIC Desktop Environment

pkgs.budgie-screensaver

Fork of old GNOME Screensaver for purposes of providing an authentication prompt on wake

pkgs.lxgw-wenkai-screen

LXGW WenKai font optimized for screen reading

pkgs.discord-screenaudio

Custom discord client that supports streaming with audio on Linux

pkgs.gpu-screen-recorder

Screen recorder that has minimal impact on system performance by recording a window using the GPU only

pkgs.kdePackages.kscreen

KDE's screen management software

pkgs.cinnamon-screensaver

Cinnamon screen locker and screensaver program

pkgs.mpd-touch-screen-gui

Small MPD client that let's you view covers and has controls suitable for small touchscreens

pkgs.mate.mate-screensaver

Screen saver and locker for the MATE desktop

pkgs.asus-wmi-screenpad-ctl

Brightness control program for the asus-wmi-screenpad kernel module

pkgs.kdePackages.libkscreen

KDE's screen management software

pkgs.ssh-askpass-fullscreen

Small, fullscreen SSH askpass GUI using GTK+2

pkgs.xfce.xfce4-screensaver

Screensaver for Xfce

pkgs.gaugePlugins.screenshot

Gauge plugin to take screenshots

pkgs.gpu-screen-recorder-gtk

GTK frontend for gpu-screen-recorder

pkgs.xorg.fontscreencyrillic

pkgs.xfce.xfce4-screenshooter

Screenshot utility for the Xfce desktop

pkgs.kdePackages.kscreenlocker

Library and components for secure lock screen architecture

pkgs.haskellPackages.silkscreen

Prettyprinting transformers

pkgs.python312Packages.npyscreen

Framework for developing console applications using Python and curses

pkgs.python312Packages.oscscreen

Framework for developing console applications using Python and curses

pkgs.python313Packages.npyscreen

Framework for developing console applications using Python and curses

pkgs.python313Packages.oscscreen

Framework for developing console applications using Python and curses

pkgs.python312Packages.screeninfo

Fetch location and size of physical screens

pkgs.python313Packages.screeninfo

Fetch location and size of physical screens

pkgs.gnomeExtensions.screen-rotate

Enable screen rotation regardless of touch mode. Fork of Screen Autorotate by Kosmospredanie.

pkgs.gnomeExtensions.screen-rotator

Allows you to quickly rotate the screen.

pkgs.pantheon.elementary-screenshot

Screenshot tool designed for elementary OS

pkgs.python312Packages.pyscreenshot

Python screenshot

pkgs.python313Packages.pyscreenshot

Python screenshot

pkgs.gnomeExtensions.screenshort-cut

A simple shortcut to take screenshots directly on your top bar!

pkgs.gnomeExtensions.screenshot-tool

Conveniently create, copy, store and upload screenshots. Please log out and log in again after updating.

pkgs.python312Packages.screenlogicpy

Python interface for Pentair Screenlogic devices

pkgs.python313Packages.screenlogicpy

Python interface for Pentair Screenlogic devices

pkgs.gnomeExtensions.fullscreen-button

A button in the status bar to expand current window to fullscreen. Useful for tablets.

pkgs.gnomeExtensions.fullscreen-avoider

Moves the top panel to the secondary monitor if the primary is in fullscreen

pkgs.kodiPackages.screensaver-asteroids

Screensaver that plays Asteroids

pkgs.gnomeExtensions.hide-screen-sharing

Hide Screen Sharing. Useful for software KVMs that always show screen sharing like Desk Flow, Input-Leap, Barrier, etc...

pkgs.gnomeExtensions.move-to-next-screen

Adds a keyboard shortcut to move the current window to the next screen

pkgs.gnomeExtensions.lockscreen-extension

Customize GNOME's Lockscreen

pkgs.gnomeExtensions.move-take-screenshot

Move the 'Take Screenshot' menu item so Alt_Space-Space does what it used to.

pkgs.gnomeExtensions.fullscreen-hot-corner

Enables hot corner in fullscreen mode

pkgs.gnomeExtensions.screen-word-translate

Translate word on the screen.

pkgs.gnomeExtensions.auto-screen-brightness

Automatically switch the screen brightness depending on the power supply status

pkgs.obs-studio-plugins.obs-dvd-screensaver

DVD screen saver for OBS Studio

pkgs.gnomeExtensions.screenshot-window-sizer

Resize windows for GNOME Software screenshots with Ctrl+Alt+s shortcut

pkgs.haskellPackages.screenshot-to-clipboard

Take screenshot and copy it to the system clipboard

pkgs.gnomeExtensions.fullscreen-notifications

Enables all notifications in fullscreen mode

pkgs.gnomeExtensions.peek-top-bar-on-fullscreen

Show the top bar (panel) on demand while having full screen content on (like a YouTube video). Just hover the mouse cursor to the top of the screen, and the panel will show up. This way, you can quickly check the time, or swich some toggles. This is similar to what macOS offers for full screen apps.

pkgs.home-assistant-component-tests.screenlogic

Open source home automation that puts local control and privacy first

pkgs.gnomeExtensions.primary-input-on-lockscreen

Automatically change the keyboard layout on the lock screen to the primary one.

pkgs.gnomeExtensions.fullscreen-to-empty-workspace

New, maximized and fullscreen windows will be moved to empty workspaces.

pkgs.gnomeExtensions.customize-clock-on-lock-screen

Customize Clock on Lock Screen.

pkgs.gnomeExtensions.fullscreen-to-empty-workspace-2

New, maximized and fullscreen windows will be moved to empty workspaces.

pkgs.gnomeExtensions.disable-unredirect-fullscreen-windows

Disables unredirect fullscreen windows in gnome-shell to workaround a bug when clicking on full screen windows goes through to windows underneath. This also happens to fix screen tearing in full-screen windows.

pkgs.gnomeExtensions.do-not-disturb-while-screen-sharing-or-recording

Automatically switches on the "Do Not Disturb" mode while screen sharing or screen recording. As soon as screen sharing/recording is over, "Do Not Disturb" mode will be switched back off.
Package maintainers: 72
CVE-2025-31049
9.8 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 2 months, 2 weeks ago
WordPress Dash <= 1.3 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This issue affects Dash: from n/a through 1.3.

dash
=<1.3

pkgs.dash

POSIX-compliant implementation of /bin/sh that aims to be as small as possible

pkgs.dasht

Search API docs offline, in terminal or browser

pkgs.kdash

Simple and fast dashboard for Kubernetes

pkgs.dasher

Information-efficient text-entry interface, driven by natural continuous pointing gestures

pkgs.iodash

Lightweight C++ I/O library for POSIX operation systems

pkgs.wldash

Wayland launcher/dashboard

pkgs.dashing

Dash Generator Script for Any HTML

pkgs.gh-dash

Github Cli extension to display a dashboard with pull requests and issues

pkgs.dash-mpd-cli

Download media content from a DASH-MPEG or DASH-WebM MPD manifest

pkgs.riemann-dash

Javascript, websockets-powered dashboard for Riemann

pkgs.gdb-dashboard

Modular visual interface for GDB in Python
  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.helm-dashboard

Simplified way of working with Helm

pkgs.xfce.xfdashboard

GNOME shell like dashboard

pkgs.netbird-dashboard

NetBird Management Service Web UI Panel

pkgs.homepage-dashboard

Highly customisable dashboard with Docker and service API integrations

pkgs.grafana-dash-n-grab

Grafana Dash-n-Grab (gdg) -- backup and restore Grafana dashboards, datasources, and other entities

pkgs.python312Packages.dash

Python framework for building analytical web applications

pkgs.python313Packages.dash

Python framework for building analytical web applications

pkgs.tests.writers.bin.dash

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.gnomeExtensions.dashbar

NOT MAINTAINED ANYMORE

pkgs.python312Packages.pydash

Python utility libraries for doing stuff in a functional way

pkgs.python313Packages.pydash

Python utility libraries for doing stuff in a functional way

pkgs.python312Packages.dashing

Terminal dashboards for Python

pkgs.python313Packages.dashing

Terminal dashboards for Python

pkgs.tests.writers.simple.dash

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.python312Packages.mpegdash

MPEG-DASH MPD(Media Presentation Description) Parser

pkgs.python313Packages.mpegdash

MPEG-DASH MPD(Media Presentation Description) Parser

pkgs.gnomeExtensions.dash-to-dock

pkgs.python312Packages.dash-table

First-Class Interactive DataTable for Dash

pkgs.python313Packages.dash-table

First-Class Interactive DataTable for Dash

pkgs.gnomeExtensions.dash-in-panel

Dash in top panel.

pkgs.gnomeExtensions.dash-to-panel

An icon taskbar for the Gnome Shell. This extension moves the dash into the gnome main panel so that the application launchers and system tray are combined into a single panel, similar to that found in KDE Plasma and Windows 7+. A separate dock is no longer needed for easy access to running and favorited applications.

pkgs.gnomeExtensions.dash2dock-lite

The Animated & Effectful Dock

pkgs.gnomeExtensions.dock-from-dash

Dock using native GNOME Shell Dash.

pkgs.typstPackages.dashy-todo_0_0_1

A method to display TODOs at the side of the page

pkgs.typstPackages.dashy-todo_0_0_2

A method to display TODOs at the side of the page

pkgs.typstPackages.dashy-todo_0_0_3

A method to display TODOs at the side of the page

pkgs.gnomeExtensions.dash-to-panel-menu

Dash to panel menu. Fork from Favorites Menu by cvine. https://extensions.gnome.org/extension/115/favorites-menu/

pkgs.python312Packages.karton-dashboard

Web application that allows for Karton task and queue introspection

pkgs.python312Packages.optuna-dashboard

Real-time Web Dashboard for Optuna

pkgs.python313Packages.karton-dashboard

Web application that allows for Karton task and queue introspection

pkgs.python313Packages.optuna-dashboard

Real-time Web Dashboard for Optuna

pkgs.typstPackages.dashing-dept-news_0_1_0

Share the news with bold graphic design and a modern layout

pkgs.typstPackages.dashing-dept-news_0_1_1

Share the news with bold graphic design and a modern layout

pkgs.python312Packages.dash-core-components

Dash component starter pack

pkgs.python312Packages.dash-html-components

HTML components for Dash

pkgs.python313Packages.dash-core-components

Dash component starter pack

pkgs.python313Packages.dash-html-components

HTML components for Dash

pkgs.gnomeExtensions.dash-to-dock-workaround

Quick fix for the https://bugs.launchpad.net/ubuntu/+source/gnome-shell-extension-ubuntu-dock/+bug/1961508

pkgs.python312Packages.esphome-dashboard-api

API to interact with ESPHome Dashboard

pkgs.python313Packages.esphome-dashboard-api

API to interact with ESPHome Dashboard

pkgs.python312Packages.dash-bootstrap-templates

Collection of 52 Plotly figure templates with a Bootstrap theme

pkgs.python313Packages.dash-bootstrap-templates

Collection of 52 Plotly figure templates with a Bootstrap theme

pkgs.python312Packages.dash-bootstrap-components

Bootstrap components for Plotly Dash

pkgs.python313Packages.dash-bootstrap-components

Bootstrap components for Plotly Dash

pkgs.buildbotPackages.buildbot-plugins.wsgi-dashboards

Buildbot WSGI dashboards Plugin
Package maintainers: 31
CVE-2025-32286
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 2 months, 2 weeks ago
WordPress Butcher <= 2.40 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusTheme Butcher allows PHP Local File Inclusion. This issue affects Butcher: from n/a through 2.40.

butcher
=<2.40

pkgs.haskellPackages.butcher

Chops a command or program invocation into digestable pieces
CVE-2025-32293
8.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 2 months, 2 weeks ago
WordPress Finance Consultant <= 2.8 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Finance Consultant allows Object Injection. This issue affects Finance Consultant: from n/a through 2.8.

finance
=<2.8

pkgs.python312Packages.yfinance

Module to doiwnload Yahoo! Finance market data

pkgs.python313Packages.yfinance

Module to doiwnload Yahoo! Finance market data

pkgs.python312Packages.mplfinance

Matplotlib utilities for the visualization, and visual analysis, of financial data

pkgs.python313Packages.mplfinance

Matplotlib utilities for the visualization, and visual analysis, of financial data

pkgs.python312Packages.finvizfinance

Finviz Finance information downloader

pkgs.python313Packages.finvizfinance

Finviz Finance information downloader
Package maintainers: 2
CVE-2025-32285
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 2 months, 2 weeks ago
WordPress Butcher theme <= 2.40 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ApusTheme Butcher allows Reflected XSS. This issue affects Butcher: from n/a through 2.40.

butcher
=<2.40

pkgs.haskellPackages.butcher

Chops a command or program invocation into digestable pieces
CVE-2018-25110 created 2 months, 2 weeks ago
Regular Expression Denial of Service (ReDoS) in markedjs/marked

Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used for parsing HTML tags and markdown links. An attacker can exploit this vulnerability by providing specially crafted markdown input, such as deeply nested or repetitively structured brackets or tag attributes, which cause the parser to hang and lead to a Denial of Service.

marked
<0.3.17

pkgs.marked-man

Markdown to roff wrapper around marked

pkgs.haskellPackages.yaml-marked

Support for parsing and rendering YAML documents with marks
Package maintainers: 1
CVE-2025-46448
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 2 months, 2 weeks ago
WordPress Document Management System <= 1.24 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reifsnyderb Document Management System allows Reflected XSS. This issue affects Document Management System: from n/a through 1.24.

dms
=<1.24

pkgs.dms

UPnP DLNA Digital Media Server with basic video transcoding

pkgs.adms

Automatic device model synthesizer

pkgs.dmsdos

Linux utilities to handle dos/win95 doublespace/drivespace/stacker

pkgs.python312Packages.dmsuite

Scientific library providing a collection of spectral collocation differentiation matrices

pkgs.python313Packages.dmsuite

Scientific library providing a collection of spectral collocation differentiation matrices

pkgs.haskellPackages.amazonka-dms

Amazon Database Migration Service SDK

pkgs.python312Packages.ndms2-client

Keenetic NDMS 2.x and 3.x client

pkgs.python313Packages.ndms2-client

Keenetic NDMS 2.x and 3.x client

pkgs.azure-cli-extensions.dms-preview

Support for new Database Migration Service scenarios

pkgs.python312Packages.mypy-boto3-dms

Type annotations for boto3 dms

pkgs.python313Packages.mypy-boto3-dms

Type annotations for boto3 dms

pkgs.home-assistant-component-tests.dlna_dms

Open source home automation that puts local control and privacy first

pkgs.python312Packages.types-aiobotocore-dms

Type annotations for aiobotocore dms

pkgs.python313Packages.types-aiobotocore-dms

Type annotations for aiobotocore dms

pkgs.home-assistant-component-tests.keenetic_ndms2

Open source home automation that puts local control and privacy first
Package maintainers: 10
CVE-2025-5024
7.4 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 2 months, 2 weeks ago
Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.

gnome-remote-desktop
*

pkgs.gnome-remote-desktop

GNOME Remote Desktop server
Package maintainers: 4
CVE-2025-2241
8.2 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 2 months, 2 weeks ago
Hive: exposure of vcenter credentials via clusterprovision in hive / mce / acm

A flaw was found in Hive, a component of Multicluster Engine (MCE) and Advanced Cluster Management (ACM). This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract sensitive credentials even if they do not have direct access to Kubernetes Secrets. This issue can lead to unauthorized VCenter access, cluster management, and privilege escalation.

hive
=<1.1.16
rhacm2/cluster-backup-rhel8-operator
rhacm2/cluster-backup-rhel9-operator
multicluster-engine/multicloud-manager-rhel8

pkgs.hivex

Windows registry hive extraction library

pkgs.enchive

Encrypted personal archives

pkgs.archiver

Easily create & extract archives, and compress & decompress files of various formats

pkgs.hivemind

Process manager for Procfile-based applications

pkgs.zarchive

File archive format supporting random-access reads

pkgs.xarchiver

GTK frontend to 7z,zip,rar,tar,bzip2, gzip,arj, lha, rpm and deb (open and extract only)

pkgs.ytarchive

Garbage Youtube livestream downloader

pkgs.disarchive

Disassemble software into data and metadata

pkgs.fsarchiver

File system archiver for linux

pkgs.libarchive

Multi-format archive and compression library

pkgs.tg-archive

Tool for exporting Telegram group chats into static websites like mailing list archives

pkgs.archivemount

Gateway between FUSE and libarchive: allows mounting of cpio, .tar.gz, .tar.bz2 archives

pkgs.fuse-archive

Serve an archive or a compressed file as a read-only FUSE file system

pkgs.jpeg-archive

Utilities for archiving photos for saving to long term storage or serving over the web

pkgs.web-archives

Web archives reader offering the ability to browse offline millions of articles

pkgs.hivelytracker

Chip music tracker based upon the AHX format

pkgs.libarchive-qt

Qt based archiving solution with libarchive backend

pkgs.lparchive2epub

Transform any LP from lparchive into an epub document

pkgs.the-unarchiver

Unpacks archive files

pkgs.git-archive-all

Archive a repository with all its submodules

pkgs.internetarchive

Python and Command-Line Interface to Archive.org

pkgs.autoconf-archive

Archive of autoconf m4 macros

pkgs.guile-disarchive

Disassemble software into data and metadata

pkgs.mastodon-archive

Utility for backing up your Mastodon content

pkgs.mlarchive2maildir

Imports mail from (pipermail) archives into a maildir

pkgs.lxqt.lxqt-archiver

Archive tool for the LXQt desktop environment

pkgs.libsForQt5.karchive

pkgs.php81Packages.phive

Phar Installation and Verification Environment (PHIVE)

pkgs.php82Packages.phive

Phar Installation and Verification Environment (PHIVE)

pkgs.php83Packages.phive

Phar Installation and Verification Environment (PHIVE)

pkgs.php84Packages.phive

Phar Installation and Verification Environment (PHIVE)

pkgs.kdePackages.karchive

Qt addon providing access to numerous types of archives

pkgs.CuboCore.corearchiver

Archiver from the C Suite to create and extract archives

pkgs.stripJavaArchivesHook

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.canonicalize-jars-hook

  • nixos-unstable ???
    • nixpkgs-unstable

pkgs.perlPackages.ArchiveTar

Manipulates TAR archives

pkgs.perlPackages.ArchiveCpio

Module for manipulations of cpio archives

pkgs.plasma5Packages.karchive

pkgs.wayback-machine-archiver

Python script to submit web pages to the Wayback Machine for archiving

pkgs.kodiPackages.archive_tool

Set of common python functions to work with the Kodi archive virtual file system (vfs) binary addons

pkgs.haskellPackages.libarchive

Haskell interface to libarchive

pkgs.perl538Packages.ArchiveTar

Manipulates TAR archives

pkgs.perl540Packages.ArchiveTar

Manipulates TAR archives

pkgs.xfce.thunar-archive-plugin

Thunar plugin providing file context menus for archives

pkgs.haskellPackages.archive-sig

Backpack signature for archive libraries

pkgs.haskellPackages.archive-tar

Common interface using the tar package

pkgs.haskellPackages.zip-archive

Library for creating and modifying zip archives

pkgs.kodiPackages.vfs-libarchive

LibArchive Virtual Filesystem add-on for Kodi

pkgs.perl538Packages.ArchiveCpio

Module for manipulations of cpio archives

pkgs.perl540Packages.ArchiveCpio

Module for manipulations of cpio archives

pkgs.perlPackages.ArchiveAnyLite

Simple CPAN package extractor

pkgs.perlPackages.ArchiveExtract

Generic archive extracting mechanism

pkgs.terraform-providers.archive

pkgs.perlPackages.ArchiveZip_1_53

Provide an interface to ZIP archive files

pkgs.rubyPackages.jekyll-archives

pkgs.perl538Packages.ArchiveAnyLite

Simple CPAN package extractor

pkgs.perl538Packages.ArchiveExtract

Generic archive extracting mechanism

pkgs.perl540Packages.ArchiveAnyLite

Simple CPAN package extractor

pkgs.perl540Packages.ArchiveExtract

Generic archive extracting mechanism

pkgs.perlPackages.ArchiveLibarchive

Modern Perl bindings to libarchive

pkgs.perlPackages.ArchiveTarWrapper

API wrapper around the 'tar' utility

pkgs.python312Packages.libarchive-c

Python interface to libarchive

pkgs.python313Packages.libarchive-c

Python interface to libarchive

pkgs.perl538Packages.ArchiveZip_1_53

Provide an interface to ZIP archive files

pkgs.perl540Packages.ArchiveZip_1_53

Provide an interface to ZIP archive files

pkgs.perlPackages.NetCoverArtArchive

Query the coverartarchive.org

pkgs.python312Packages.craft-archives

Library for handling archives/repositories in Canonical craft applications

pkgs.python312Packages.handy-archives

Some handy archive helpers for Python

pkgs.python313Packages.craft-archives

Library for handling archives/repositories in Canonical craft applications

pkgs.python313Packages.handy-archives

Some handy archive helpers for Python

pkgs.rubyPackages_3_1.jekyll-archives

pkgs.rubyPackages_3_2.jekyll-archives

pkgs.rubyPackages_3_3.jekyll-archives

pkgs.rubyPackages_3_4.jekyll-archives

pkgs.perl538Packages.ArchiveLibarchive

Modern Perl bindings to libarchive

pkgs.perl538Packages.ArchiveTarWrapper

API wrapper around the 'tar' utility

pkgs.perl540Packages.ArchiveLibarchive

Modern Perl bindings to libarchive

pkgs.perl540Packages.ArchiveTarWrapper

API wrapper around the 'tar' utility

pkgs.python312Packages.dissect-archive

Dissect module implementing parsers for various archive and backup formats

pkgs.python312Packages.internetarchive

Python and Command-Line Interface to Archive.org

pkgs.python313Packages.dissect-archive

Dissect module implementing parsers for various archive and backup formats

pkgs.python313Packages.internetarchive

Python and Command-Line Interface to Archive.org

pkgs.haskellPackages.archive-libarchive

Common interface using libarchive

pkgs.haskellPackages.libarchive-conduit

Read many archive formats with libarchive and conduit

pkgs.perl538Packages.NetCoverArtArchive

Query the coverartarchive.org

pkgs.perl540Packages.NetCoverArtArchive

Query the coverartarchive.org

pkgs.perlPackages.ArchiveLibarchivePeek

Peek into archives without extracting them

pkgs.perlPackages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

pkgs.home-assistant-component-tests.hive

Open source home automation that puts local control and privacy first

pkgs.python312Packages.nskeyedunarchiver

Unserializes plist data into a usable Python dict

pkgs.python313Packages.nskeyedunarchiver

Unserializes plist data into a usable Python dict

pkgs.python312Packages.pyhive-integration

Python library to interface with the Hive API

pkgs.python313Packages.pyhive-integration

Python library to interface with the Hive API

pkgs.perl538Packages.ArchiveLibarchivePeek

Peek into archives without extracting them

pkgs.perl538Packages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

pkgs.perl540Packages.ArchiveLibarchivePeek

Peek into archives without extracting them

pkgs.perl540Packages.TestArchiveLibarchive

Testing tools for Archive::Libarchive

pkgs.perlPackages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

pkgs.perl538Packages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

pkgs.perl540Packages.ArchiveLibarchiveExtract

Archive extracting mechanism (using libarchive)

pkgs.python312Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

pkgs.python313Packages.extractcode-libarchive

ScanCode Toolkit plugin to provide pre-built binary libraries and utilities and their locations

pkgs.haskellPackages.amazonka-kinesis-video-archived-media

Amazon Kinesis Video Streams Archived Media SDK

pkgs.python312Packages.types-aiobotocore-kinesis-video-archived-media

Type annotations for aiobotocore kinesis-video-archived-media

pkgs.python313Packages.types-aiobotocore-kinesis-video-archived-media

Type annotations for aiobotocore kinesis-video-archived-media
Package maintainers: 49