Automatically generated suggestions

CVE-2025-22523
9.3 CRITICAL
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 5 months, 2 weeks ago
WordPress Schedule Plugin <= 1.0.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Schedule allows Blind SQL Injection. This issue affects Schedule: from n/a through 1.0.0.

schedule
=<1.0.0

pkgs.system76-scheduler

System76 Scheduler

pkgs.haskellPackages.schedule

Pure deterministic scheduled computations

pkgs.python311Packages.schedule

Python job scheduling for humans

pkgs.python312Packages.schedule

Python job scheduling for humans

pkgs.python311Packages.pyschedule

Formulate and solve resource-constrained scheduling problems

pkgs.python312Packages.pyschedule

Formulate and solve resource-constrained scheduling problems

pkgs.python311Packages.apscheduler

Library that lets you schedule your Python code to be executed

pkgs.python312Packages.apscheduler

Library that lets you schedule your Python code to be executed

pkgs.haskellPackages.monad-schedule

A new, simple, composable concurrency abstraction

pkgs.haskellPackages.amazonka-scheduler

Amazon EventBridge Scheduler SDK

pkgs.python311Packages.django-scheduler

Calendar app for Django

pkgs.python312Packages.django-scheduler

Calendar app for Django

pkgs.azure-cli-extensions.scheduled-query

Microsoft Azure Command-Line Tools Scheduled_query Extension

pkgs.linuxPackages_zen.system76-scheduler

System76 Scheduler

pkgs.python311Packages.django-apscheduler

APScheduler for Django

pkgs.python312Packages.django-apscheduler

APScheduler for Django

pkgs.python311Packages.azure-mgmt-scheduler

This is the Microsoft Azure Scheduler Management Client Library

pkgs.python311Packages.finetuning-scheduler

PyTorch Lightning extension for foundation model experimentation with flexible fine-tuning schedules

pkgs.python312Packages.azure-mgmt-scheduler

This is the Microsoft Azure Scheduler Management Client Library

pkgs.python312Packages.finetuning-scheduler

PyTorch Lightning extension for foundation model experimentation with flexible fine-tuning schedules

pkgs.home-assistant-component-tests.schedule

Open source home automation that puts local control and privacy first

pkgs.python312Packages.schedule.x86_64-linux

Python job scheduling for humans

pkgs.python312Packages.schedule.aarch64-linux

Python job scheduling for humans

pkgs.python312Packages.schedule.x86_64-darwin

Python job scheduling for humans

pkgs.python312Packages.pyschedule.x86_64-linux

Formulate and solve resource-constrained scheduling problems

pkgs.python312Packages.schedule.aarch64-darwin

Python job scheduling for humans

pkgs.python312Packages.pyschedule.aarch64-linux

Formulate and solve resource-constrained scheduling problems

pkgs.python312Packages.pyschedule.x86_64-darwin

Formulate and solve resource-constrained scheduling problems

pkgs.haskellPackages.monad-schedule.x86_64-linux

A new, simple, composable concurrency abstraction

pkgs.python312Packages.pyschedule.aarch64-darwin

Formulate and solve resource-constrained scheduling problems

pkgs.haskellPackages.monad-schedule.aarch64-linux

A new, simple, composable concurrency abstraction

pkgs.haskellPackages.monad-schedule.x86_64-darwin

A new, simple, composable concurrency abstraction

pkgs.haskellPackages.monad-schedule.aarch64-darwin

A new, simple, composable concurrency abstraction

pkgs.python311Packages.types-aiobotocore-scheduler

Type annotations for aiobotocore scheduler

pkgs.python312Packages.types-aiobotocore-scheduler

Type annotations for aiobotocore scheduler

pkgs.linuxPackages_zen.system76-scheduler.x86_64-linux

System76 Scheduler

pkgs.linuxKernel.packages.linux_5_10.system76-scheduler

System76 Scheduler

pkgs.linuxPackages_zen.system76-scheduler.aarch64-linux

System76 Scheduler

pkgs.python312Packages.mypy-boto3-scheduler.x86_64-linux

Type annotations for boto3 scheduler

pkgs.python312Packages.mypy-boto3-scheduler.aarch64-linux

Type annotations for boto3 scheduler

pkgs.python312Packages.mypy-boto3-scheduler.x86_64-darwin

Type annotations for boto3 scheduler

pkgs.python312Packages.mypy-boto3-scheduler.aarch64-darwin

Type annotations for boto3 scheduler

pkgs.home-assistant-custom-components.waste_collection_schedule

Home Assistant integration framework for (garbage collection) schedules

pkgs.linuxKernel.packages.linux_5_4_hardened.system76-scheduler

System76 Scheduler

pkgs.linuxKernel.packages.linux_latest_libre.system76-scheduler

System76 Scheduler

pkgs.python312Packages.types-aiobotocore-scheduler.x86_64-linux

Type annotations for aiobotocore scheduler

pkgs.python312Packages.types-aiobotocore-scheduler.aarch64-linux

Type annotations for aiobotocore scheduler

pkgs.python312Packages.types-aiobotocore-scheduler.x86_64-darwin

Type annotations for aiobotocore scheduler

pkgs.python312Packages.types-aiobotocore-scheduler.aarch64-darwin

Type annotations for aiobotocore scheduler

pkgs.linuxKernel.packages.linux_latest_libre.system76-scheduler.x86_64-linux

System76 Scheduler

pkgs.linuxKernel.packages.linux_latest_libre.system76-scheduler.aarch64-linux

System76 Scheduler
Package maintainers: 13
CVE-2024-13939
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 5 months, 2 weeks ago
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string may be leaked (but not its contents)." This is similar to CVE-2020-36829.

String-Compare-ConstantTime
=<0.321

pkgs.perl538Packages.StringCompareConstantTime

Timing side-channel protected string compare

pkgs.perl540Packages.StringCompareConstantTime

Timing side-channel protected string compare

pkgs.perl540Packages.StringCompareConstantTime.x86_64-linux

Timing side-channel protected string compare

pkgs.perl540Packages.StringCompareConstantTime.aarch64-linux

Timing side-channel protected string compare

pkgs.perl540Packages.StringCompareConstantTime.x86_64-darwin

Timing side-channel protected string compare

pkgs.perl540Packages.StringCompareConstantTime.aarch64-darwin

Timing side-channel protected string compare
CVE-2025-1860
7.7 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 5 months, 2 weeks ago
Data::Entropy for Perl uses insecure rand() function for cryptographic functions

Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.

Data-Entropy
<0.008

pkgs.perl538Packages.DataEntropy

Entropy (randomness) management

pkgs.perl540Packages.DataEntropy

Entropy (randomness) management
CVE-2025-31164
6.6 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): HIGH
created 5 months, 2 weeks ago
fig2dev heap-buffer overflow

Heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to affect availability via local input manipulation via create_line_with_spline.

fig2dev
==3.2.9a

pkgs.fig2dev

Tool to convert Xfig files to other formats
Package maintainers: 1
CVE-2025-31163
6.6 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): HIGH
created 5 months, 2 weeks ago
fig2dev segmentation fault

Segmentation fault in fig2dev in version 3.2.9a allows an attacker to affect availability via local input manipulation via the put_patternarc function.

fig2dev
==3.2.9a

pkgs.fig2dev

Tool to convert Xfig files to other formats
Package maintainers: 1
CVE-2025-31176
6.2 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 5 months, 3 weeks ago
Gnuplot: gnuplot segmentation fault on plot3d_points

A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash.

gnuplot
<6.0

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.x86_64-linux

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.aarch64-linux

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.x86_64-darwin

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.aarch64-darwin

2D and 3D plots using gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

  • nixos-unstable ???
    • nixos-unstable-small
    • nixpkgs-unstable
Package maintainers: 3
CVE-2025-31180
6.2 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 5 months, 3 weeks ago
Gnuplot: gnuplot segmentation fault on canvas_text

A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash.

gnuplot
<6.0

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.x86_64-linux

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.aarch64-linux

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.x86_64-darwin

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.aarch64-darwin

2D and 3D plots using gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

  • nixos-unstable ???
    • nixos-unstable-small
    • nixpkgs-unstable
Package maintainers: 3
CVE-2025-31179
6.2 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 5 months, 3 weeks ago
Gnuplot: gnuplot segmentation fault on xstrftime

A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash.

gnuplot
<6.0

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.x86_64-linux

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.aarch64-linux

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.x86_64-darwin

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.aarch64-darwin

2D and 3D plots using gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

  • nixos-unstable ???
    • nixos-unstable-small
    • nixpkgs-unstable
Package maintainers: 3
CVE-2022-1242
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 5 months, 3 weeks ago
Apport can be tricked into connecting to arbitrary sockets as …

Apport can be tricked into connecting to arbitrary sockets as the root user

apport
<2.21.0

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum
Package maintainers: 1
CVE-2025-31178
6.2 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 5 months, 3 weeks ago
Gnuplot: gnuplot segmentation fault on getannotatestring

A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash.

gnuplot
<6.0

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.x86_64-linux

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.aarch64-linux

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.x86_64-darwin

2D and 3D plots using gnuplot

pkgs.haskellPackages.gnuplot.aarch64-darwin

2D and 3D plots using gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

  • nixos-unstable ???
    • nixos-unstable-small
    • nixpkgs-unstable
Package maintainers: 3