⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

Create Draft to queue a suggestion for refinement.

Dismiss to remove a suggestion from the queue.

CVE-2024-11584
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 1 week, 6 days ago
cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with …

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.

cloud-init
<25.1.3

pkgs.cloud-init

Provides configuration and customization of cloud instance

pkgs.cloud-init.x86_64-linux

Provides configuration and customization of cloud instance

pkgs.cloud-init.aarch64-linux

Provides configuration and customization of cloud instance
Package maintainers: 2
CVE-2024-6126
3.2 LOW
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 1 week, 6 days ago
Cockpit: authenticated user can kill any process when enabling pam_env's user_readenv option

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.

cockpit
*

pkgs.cockpit

Web-based graphical interface for servers

pkgs.cockpit.x86_64-linux

Web-based graphical interface for servers

pkgs.cockpit.aarch64-linux

Web-based graphical interface for servers

pkgs.texlivePackages.tlcockpit

A GUI frontend to TeX Live Manager (tlmgr)

pkgs.texlivePackages.tlcockpit.x86_64-linux

A GUI frontend to TeX Live Manager (tlmgr)
Package maintainers: 1
CVE-2025-5416
2.7 LOW
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 2 weeks, 3 days ago
Keycloak-core: keycloak environment information

A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information.

keycloak

pkgs.keycloak.x86_64-linux

Identity and access management for modern applications and services

pkgs.keycloak.aarch64-linux

Identity and access management for modern applications and services

pkgs.python313Packages.python-keycloak

Provides access to the Keycloak API

pkgs.python311Packages.python-keycloak.x86_64-linux

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.x86_64-linux

Provides access to the Keycloak API

pkgs.python311Packages.python-keycloak.aarch64-linux

Provides access to the Keycloak API

pkgs.python311Packages.python-keycloak.x86_64-darwin

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.aarch64-linux

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.x86_64-darwin

Provides access to the Keycloak API

pkgs.python311Packages.python-keycloak.aarch64-darwin

Provides access to the Keycloak API

pkgs.python312Packages.python-keycloak.aarch64-darwin

Provides access to the Keycloak API
Package maintainers: 3
CVE-2025-6019
7.0 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 2 weeks, 6 days ago
Libblockdev: lpe from allow_active to root in libblockdev via udisks

A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.

libblockdev

pkgs.libblockdev.x86_64-linux

Library for manipulating block devices

pkgs.libblockdev.aarch64-linux

Library for manipulating block devices
Package maintainers: 1
CVE-2025-49178
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 3 weeks, 1 day ago
Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service.

tigervnc
xorg-x11-server
xorg-x11-server-Xwayland
Package maintainers: 1
CVE-2023-6258
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 weeks, 1 day ago
Pkcs11-provider: side-channel proofing pkcs#1 1.5 paths

A security vulnerability has been identified in the pkcs11-provider, which is associated with Public-Key Cryptography Standards (PKCS#11). If exploited successfully, this vulnerability could result in a Bleichenbacher-like security flaw, potentially enabling a side-channel attack on PKCS#1 1.5 decryption.

pkcs11-provider

pkgs.pkcs11-provider

OpenSSL 3.x provider to access hardware or software tokens using the PKCS#11 Cryptographic Token Interface

pkgs.pkcs11-provider.x86_64-linux

OpenSSL 3.x provider to access hardware or software tokens using the PKCS#11 Cryptographic Token Interface

pkgs.pkcs11-provider.aarch64-linux

An OpenSSL 3.x provider to access hardware or software tokens using the PKCS#11 Cryptographic Token Interface

pkgs.pkcs11-provider.x86_64-darwin

An OpenSSL 3.x provider to access hardware or software tokens using the PKCS#11 Cryptographic Token Interface

pkgs.pkcs11-provider.aarch64-darwin

An OpenSSL 3.x provider to access hardware or software tokens using the PKCS#11 Cryptographic Token Interface
Package maintainers: 1
CVE-2023-6476
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 3 weeks, 1 day ago
Cri-o: pods are able to break out of resource confinement on cgroupv2

A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node.

cri-o
*
cri-o:1.21/cri-o

pkgs.cri-o.x86_64-linux

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface

pkgs.cri-o.aarch64-linux

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface

pkgs.cri-o-unwrapped.x86_64-linux

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface

pkgs.cri-o-unwrapped.aarch64-linux

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface
Package maintainers: 2
CVE-2025-6196
5.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 3 weeks, 1 day ago
Libgepub: integer overflow in libgepub's epub archive handling

A flaw was found in libgepub, a library used to read EPUB files. The software mishandles file size calculations when opening specially crafted EPUB files, leading to incorrect memory allocations. This issue causes the application to crash. Known affected usage includes desktop services like Tumbler, which may process malicious files automatically when browsing directories. While no direct remote attack vectors are confirmed, any application using libgepub to parse user-supplied EPUB content could be vulnerable to a denial of service.

libgepub

pkgs.libgepub.x86_64-linux

GObject based library for handling and rendering epub documents

pkgs.libgepub.aarch64-linux

GObject based library for handling and rendering epub documents
Package maintainers: 4
CVE-2025-49258
8.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 weeks, 1 day ago
WordPress Maia <= 1.1.15 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Maia allows PHP Local File Inclusion. This issue affects Maia: from n/a through 1.1.15.

maia
=<1.1.15
Package maintainers: 2
CVE-2024-0409
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 3 weeks, 1 day ago
Xorg-x11-server: selinux context corruption

A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.

tigervnc
xorg-server
<21.1.11
xorg-x11-server
*
xorg-x11-server-Xwayland
*
Package maintainers: 1