Nixpkgs Security Tracker

Permalink CVE-2022-46848

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

WordPress Visualizer Plugin <= 3.9.1 is vulnerable to Cross Site Scripting (XSS)

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin <= 3.9.1 versions.

References

https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-t… vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-t… x_transferred vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-t… vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-t… x_transferred vdb-entry

Affected products

visualizer

=<3.9.1

Matching in nixpkgs

pkgs.dbvisualizer

Universal database tool

nixos-unstable -
- nixpkgs-unstable 25.1.5

pkgs.MIDIVisualizer

Small MIDI visualizer tool, using OpenGL

nixos-unstable -
- nixpkgs-unstable 7.0

pkgs.midivisualizer

Small MIDI visualizer tool, using OpenGL

nixos-unstable -
- nixpkgs-unstable 7.0

pkgs.massif-visualizer

Tool that visualizes massif data generated by valgrind

nixos-unstable -
- nixpkgs-unstable 0.7.0

pkgs.mpvScripts.visualizer

Various audio visualization

nixos-unstable -
- nixpkgs-unstable 0-unstable-2025-04-12

pkgs.precice-config-visualizer

Small python tool for visualizing the preCICE xml configuration

nixos-unstable -
- nixpkgs-unstable 2022-02-23

pkgs.kdePackages.massif-visualizer

Visualizer for Valgrind Massif data files

nixos-unstable -
- nixpkgs-unstable 25.08.1

pkgs.gnomeExtensions.sound-visualizer

A Real Time Sound Visualizer Based On Gstreamer

nixos-unstable -
- nixpkgs-unstable 8

Package maintainers

@ericdallo Eric Dallo <ercdll1337@gmail.com>
@boldikoller Boldi Koller <boldi.koller@wtss.eu>
@honnip Jung seungwoo <me@honnip.page>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@NickCao Nick Cao <nickcao@nichi.co>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@K900 Ilya K. <me@0upti.me>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@zraexy David Mell <zraexy@gmail.com>
@kmein Kierán Meinhardt <kmein@posteo.de>
@Scriptkiddi Fritz Otlinghaus <nixos@scriptkiddi.de>

Permalink CVE-2023-23708

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

WordPress Visualizer Plugin <= 3.9.4 is vulnerable to Cross Site Scripting (XSS)

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin <= 3.9.4 versions.

References

https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-t… vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-t… x_transferred vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-t… vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-t… x_transferred vdb-entry

Affected products

visualizer

=<3.9.4

Matching in nixpkgs

pkgs.dbvisualizer

Universal database tool

nixos-unstable -
- nixpkgs-unstable 25.1.5

pkgs.MIDIVisualizer

Small MIDI visualizer tool, using OpenGL

nixos-unstable -
- nixpkgs-unstable 7.0

pkgs.midivisualizer

Small MIDI visualizer tool, using OpenGL

nixos-unstable -
- nixpkgs-unstable 7.0

pkgs.massif-visualizer

Tool that visualizes massif data generated by valgrind

nixos-unstable -
- nixpkgs-unstable 0.7.0

pkgs.mpvScripts.visualizer

Various audio visualization

nixos-unstable -
- nixpkgs-unstable 0-unstable-2025-04-12

pkgs.precice-config-visualizer

Small python tool for visualizing the preCICE xml configuration

nixos-unstable -
- nixpkgs-unstable 2022-02-23

pkgs.kdePackages.massif-visualizer

Visualizer for Valgrind Massif data files

nixos-unstable -
- nixpkgs-unstable 25.08.1

pkgs.gnomeExtensions.sound-visualizer

A Real Time Sound Visualizer Based On Gstreamer

nixos-unstable -
- nixpkgs-unstable 8

Package maintainers

@ericdallo Eric Dallo <ercdll1337@gmail.com>
@boldikoller Boldi Koller <boldi.koller@wtss.eu>
@honnip Jung seungwoo <me@honnip.page>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@NickCao Nick Cao <nickcao@nichi.co>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@K900 Ilya K. <me@0upti.me>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@zraexy David Mell <zraexy@gmail.com>
@kmein Kierán Meinhardt <kmein@posteo.de>
@Scriptkiddi Fritz Otlinghaus <nixos@scriptkiddi.de>

Permalink CVE-2024-35736

8.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): NONE
Availability impact (A): LOW

created 6 months ago

WordPress Visualizer plugin <= 3.11.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Visualizer.This issue affects Visualizer: from n/a through 3.11.1.

References

https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-p… vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-p… vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-p… vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-p… x_transferred vdb-entry

Affected products

visualizer

=<3.11.1

Matching in nixpkgs

pkgs.dbvisualizer

Universal database tool

nixos-unstable -
- nixpkgs-unstable 25.1.5

pkgs.MIDIVisualizer

Small MIDI visualizer tool, using OpenGL

nixos-unstable -
- nixpkgs-unstable 7.0

pkgs.midivisualizer

Small MIDI visualizer tool, using OpenGL

nixos-unstable -
- nixpkgs-unstable 7.0

pkgs.massif-visualizer

Tool that visualizes massif data generated by valgrind

nixos-unstable -
- nixpkgs-unstable 0.7.0

pkgs.mpvScripts.visualizer

Various audio visualization

nixos-unstable -
- nixpkgs-unstable 0-unstable-2025-04-12

pkgs.precice-config-visualizer

Small python tool for visualizing the preCICE xml configuration

nixos-unstable -
- nixpkgs-unstable 2022-02-23

pkgs.kdePackages.massif-visualizer

Visualizer for Valgrind Massif data files

nixos-unstable -
- nixpkgs-unstable 25.08.1

pkgs.gnomeExtensions.sound-visualizer

A Real Time Sound Visualizer Based On Gstreamer

nixos-unstable -
- nixpkgs-unstable 8

Package maintainers

@ericdallo Eric Dallo <ercdll1337@gmail.com>
@boldikoller Boldi Koller <boldi.koller@wtss.eu>
@honnip Jung seungwoo <me@honnip.page>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@NickCao Nick Cao <nickcao@nichi.co>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@K900 Ilya K. <me@0upti.me>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@zraexy David Mell <zraexy@gmail.com>
@kmein Kierán Meinhardt <kmein@posteo.de>
@Scriptkiddi Fritz Otlinghaus <nixos@scriptkiddi.de>

Permalink CVE-2024-27958

7.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

WordPress Visualizer plugin <= 3.10.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Visualizer allows Reflected XSS.This issue affects Visualizer: from n/a through 3.10.5.

References

https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-p… vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-p… vdb-entry
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-p… x_transferred vdb-entry

Affected products

visualizer

=<3.10.5

Matching in nixpkgs

pkgs.dbvisualizer

Universal database tool

nixos-unstable -
- nixpkgs-unstable 25.1.5

pkgs.MIDIVisualizer

Small MIDI visualizer tool, using OpenGL

nixos-unstable -
- nixpkgs-unstable 7.0

pkgs.midivisualizer

Small MIDI visualizer tool, using OpenGL

nixos-unstable -
- nixpkgs-unstable 7.0

pkgs.massif-visualizer

Tool that visualizes massif data generated by valgrind

nixos-unstable -
- nixpkgs-unstable 0.7.0

pkgs.mpvScripts.visualizer

Various audio visualization

nixos-unstable -
- nixpkgs-unstable 0-unstable-2025-04-12

pkgs.precice-config-visualizer

Small python tool for visualizing the preCICE xml configuration

nixos-unstable -
- nixpkgs-unstable 2022-02-23

pkgs.kdePackages.massif-visualizer

Visualizer for Valgrind Massif data files

nixos-unstable -
- nixpkgs-unstable 25.08.1

pkgs.gnomeExtensions.sound-visualizer

A Real Time Sound Visualizer Based On Gstreamer

nixos-unstable -
- nixpkgs-unstable 8

Package maintainers

@ericdallo Eric Dallo <ercdll1337@gmail.com>
@boldikoller Boldi Koller <boldi.koller@wtss.eu>
@honnip Jung seungwoo <me@honnip.page>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@NickCao Nick Cao <nickcao@nichi.co>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@K900 Ilya K. <me@0upti.me>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@zraexy David Mell <zraexy@gmail.com>
@kmein Kierán Meinhardt <kmein@posteo.de>
@Scriptkiddi Fritz Otlinghaus <nixos@scriptkiddi.de>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.dbvisualizer

pkgs.MIDIVisualizer

pkgs.midivisualizer

pkgs.massif-visualizer

pkgs.mpvScripts.visualizer

pkgs.precice-config-visualizer

pkgs.kdePackages.massif-visualizer

pkgs.gnomeExtensions.sound-visualizer

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.dbvisualizer

pkgs.MIDIVisualizer

pkgs.midivisualizer

pkgs.massif-visualizer

pkgs.mpvScripts.visualizer

pkgs.precice-config-visualizer

pkgs.kdePackages.massif-visualizer

pkgs.gnomeExtensions.sound-visualizer

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.dbvisualizer

pkgs.MIDIVisualizer

pkgs.midivisualizer

pkgs.massif-visualizer

pkgs.mpvScripts.visualizer

pkgs.precice-config-visualizer

pkgs.kdePackages.massif-visualizer

pkgs.gnomeExtensions.sound-visualizer

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.dbvisualizer

pkgs.MIDIVisualizer

pkgs.midivisualizer

pkgs.massif-visualizer

pkgs.mpvScripts.visualizer

pkgs.precice-config-visualizer

pkgs.kdePackages.massif-visualizer

pkgs.gnomeExtensions.sound-visualizer

Package maintainers