Nixpkgs Security Tracker

Permalink CVE-2012-0828

created 1 month, 1 week ago

Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 …

Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP).

References

https://security-tracker.debian.org/tracker/CVE-2012-0828 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0828 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0828 x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/02/01/9 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-0828 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0828 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0828 x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/02/01/9 x_transferred x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-0828 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0828 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0828 x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/02/01/9 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-0828 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0828 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0828 x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/02/01/9 x_transferred x_refsource_MISC

Affected products

xchat

==2.8.6 on Maemo architecture

Xchat-WDK

==before 1499-4 (2012-01-18)

Matching in nixpkgs

pkgs.hexchat

Popular and easy to use graphical IRC (chat) client

nixos-unstable 2.16.2
- nixpkgs-unstable 2.16.2
- nixos-unstable-small 2.16.2
nixos-25.11 2.16.2
- nixos-25.11-small 2.16.2
- nixpkgs-25.11-darwin 2.16.2

Package maintainers

@romildo José Romildo Malaquias <malaquias@gmail.com>

Permalink CVE-2012-5640

created 1 month, 1 week ago

thttpd has a local DoS vulnerability via specially-crafted .htpasswd files

References

http://www.openwall.com/lists/oss-security/2012/12/15/1 x_refsource_MISC
Red Hat vendor-advisory x_refsource_REDHAT
https://security-tracker.debian.org/tracker/CVE-2012-5640 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5640 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-5640 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5640 x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/12/15/1 x_transferred x_refsource_MISC
Red Hat vendor-advisory x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2012/12/15/1 x_refsource_MISC
Red Hat vendor-advisory x_refsource_REDHAT
https://security-tracker.debian.org/tracker/CVE-2012-5640 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5640 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-5640 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5640 x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/12/15/1 x_transferred x_refsource_MISC
Red Hat vendor-advisory x_refsource_REDHAT x_transferred

Affected products

thttpd

==2012-12-15

Matching in nixpkgs

pkgs.thttpd

Tiny/turbo/throttling HTTP server

nixos-unstable 2.29
- nixpkgs-unstable 2.29
- nixos-unstable-small 2.29
nixos-25.11 2.29
- nixos-25.11-small 2.29
- nixpkgs-25.11-darwin 2.29

pkgs.althttpd

Althttpd webserver

nixos-unstable 0-unstable-2025-08-22
- nixpkgs-unstable 0-unstable-2025-08-22
- nixos-unstable-small 0-unstable-2025-08-22
nixos-25.11 0-unstable-2023-08-12
- nixos-25.11-small 0-unstable-2023-08-12
- nixpkgs-25.11-darwin 0-unstable-2023-08-12

Package maintainers

@siraben Siraphob Phipathananunth <bensiraphob@gmail.com>

Permalink CVE-2012-1170

created 1 month, 1 week ago

Moodle before 2.2.2 has an external enrolment plugin context check …

Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough

References

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1170 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1170 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-1170 x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html x_refsource_MISC
https://moodle.org/mod/forum/discuss.php?d=198632 x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html x_transferred x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html x_transferred x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html x_transferred x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1170 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1170 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-1170 x_transferred x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html x_transferred x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html x_transferred x_refsource_MISC
https://moodle.org/mod/forum/discuss.php?d=198632 x_transferred x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1170 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1170 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-1170 x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html x_refsource_MISC
https://moodle.org/mod/forum/discuss.php?d=198632 x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html x_transferred x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html x_transferred x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html x_transferred x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1170 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1170 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-1170 x_transferred x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html x_transferred x_refsource_MISC
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html x_transferred x_refsource_MISC
https://moodle.org/mod/forum/discuss.php?d=198632 x_transferred x_refsource_CONFIRM

Affected products

Moodle

==2.2 to 2.2.1+

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Permalink CVE-2009-3721

created 1 month, 1 week ago

Multiple directory traversal and buffer overflow vulnerabilities were discovered in …

Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments.

References

https://bugzilla.redhat.com/show_bug.cgi?id=521662 x_refsource_MISC
http://www.ocert.org/advisories/ocert-2009-013.html x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=521662 x_transferred x_refsource_MISC
http://www.ocert.org/advisories/ocert-2009-013.html x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=521662 x_refsource_MISC
http://www.ocert.org/advisories/ocert-2009-013.html x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=521662 x_transferred x_refsource_MISC
http://www.ocert.org/advisories/ocert-2009-013.html x_transferred x_refsource_MISC

Affected products

ytnef

==ytnef 2.8

Matching in nixpkgs

pkgs.libytnef

Yeraze's TNEF Stream Reader - for winmail.dat files

nixos-unstable 2.1.2
- nixpkgs-unstable 2.1.2
- nixos-unstable-small 2.1.2
nixos-25.11 2.1.2
- nixos-25.11-small 2.1.2
- nixpkgs-25.11-darwin 2.1.2

Package maintainers

@fpletz Franz Pletz <fpletz@fnordicwalking.de>

Permalink CVE-2008-5083

created 1 month, 1 week ago

In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized …

In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-5083 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2008-5083 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-5083 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2008-5083 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-5083 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2008-5083 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-5083 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2008-5083 x_transferred x_refsource_MISC

Affected products

JON

==2.1.x before 2.1.2 SP1

Matching in nixpkgs

pkgs.jonquil

JSON parser on top of TOML implementation

nixos-unstable 0.3.0
- nixpkgs-unstable 0.3.0
- nixos-unstable-small 0.3.0
nixos-25.11 0.3.0
- nixos-25.11-small 0.3.0
- nixpkgs-25.11-darwin 0.3.0

pkgs.gnome-mahjongg

Disassemble a pile of tiles by removing matching pairs

nixos-unstable 49.1.1
- nixpkgs-unstable 49.1.1
- nixos-unstable-small 49.1.1
nixos-25.11 49.0.1
- nixos-25.11-small 49.0.1
- nixpkgs-25.11-darwin 49.0.1

pkgs.libsForQt5.kmahjongg

Mahjongg solitaire

pkgs.kdePackages.kmahjongg

KMahjongg is a tile matching game for one or two players

nixos-unstable 25.12.2
- nixpkgs-unstable 25.12.2
- nixos-unstable-small 25.12.2
nixos-25.11 25.08.3
- nixos-25.11-small 25.08.3
- nixpkgs-25.11-darwin 25.08.3

pkgs.sbclPackages.jonathan

None

nixos-unstable 20200925-git
- nixpkgs-unstable 20200925-git
- nixos-unstable-small 20200925-git
nixos-25.11 20200925-git
- nixos-25.11-small 20200925-git
- nixpkgs-25.11-darwin 20200925-git

pkgs.libsForQt5.libkmahjongg

None

pkgs.kdePackages.libkmahjongg

Common code, backgrounds and tile sets for games using Mahjongg tiles

nixos-unstable 25.12.2
- nixpkgs-unstable 25.12.2
- nixos-unstable-small 25.12.2
nixos-25.11 25.08.3
- nixos-25.11-small 25.08.3
- nixpkgs-25.11-darwin 25.08.3

pkgs.plasma5Packages.kmahjongg

Mahjongg solitaire

pkgs.plasma5Packages.libkmahjongg

None

pkgs.vscode-extensions.kddejong.vscode-cfn-lint

CloudFormation Linter IDE integration, autocompletion, and documentation

nixos-unstable 0.26.6
- nixpkgs-unstable 0.26.6
- nixos-unstable-small 0.26.6
nixos-25.11 0.26.6
- nixos-25.11-small 0.26.6
- nixpkgs-25.11-darwin 0.26.6

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>
@bobby285271 Bobby Rong <rjl931189261@126.com>
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@K900 Ilya K. <me@0upti.me>
@nyanloutre Paul Trehiou <paul@nyanlout.re>
@SCOTT-HAMILTON Scott Hamilton <sgn.hamilton@protonmail.com>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@peterhoeg Peter Hoeg <peter@hoeg.com>
@bkchr Bastian Köcher <nixos@kchr.de>
@NickCao Nick Cao <nickcao@nichi.co>
@FRidh Frederik Rietdijk <fridh@fridh.nl>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@hraban Hraban Luyat <hraban@0brg.net>
@Uthar Kasper Gałkowski <galkowskikasper@gmail.com>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>
@nagy Daniel Nagy <danielnagy@posteo.de>
@lukego Luke Gorrie <luke@snabb.co>
@sheepforce Phillip Seeber <phillip.seeber@googlemail.com>

Permalink CVE-2012-0785

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month, 1 week ago
@LeSuisse removed
10 packages
- jenkins-job-builder
- python312Packages.jenkinsapi
- python313Packages.jenkinsapi
- python314Packages.jenkinsapi
- python312Packages.python-jenkins
- python313Packages.python-jenkins
- python314Packages.python-jenkins
- python312Packages.jenkins-job-builder
- python313Packages.jenkins-job-builder
- python314Packages.jenkins-job-builder
1 month ago

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS …

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."

References

[oss-security] 20120119 Re: CVE request: Jenkins x_refsource_MLIST mailing-list
https://security-tracker.debian.org/tracker/CVE-2012-0785 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0785 x_refsource_MISC
https://jenkins.io/security/advisory/2012-01-12/ x_refsource_CONFIRM
https://www.cloudbees.com/jenkins-security-advisory-2012-01-12 x_refsource_CONFIRM
[oss-security] 20120119 Re: CVE request: Jenkins x_refsource_MLIST mailing-list x_transferred
https://security-tracker.debian.org/tracker/CVE-2012-0785 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0785 x_transferred x_refsource_MISC
https://jenkins.io/security/advisory/2012-01-12/ x_transferred x_refsource_CONFIRM
https://www.cloudbees.com/jenkins-security-advisory-2012-01-12 x_transferred x_refsource_CONFIRM
[oss-security] 20120119 Re: CVE request: Jenkins x_refsource_MLIST mailing-list
https://security-tracker.debian.org/tracker/CVE-2012-0785 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0785 x_refsource_MISC
https://jenkins.io/security/advisory/2012-01-12/ x_refsource_CONFIRM
https://www.cloudbees.com/jenkins-security-advisory-2012-01-12 x_refsource_CONFIRM
[oss-security] 20120119 Re: CVE request: Jenkins x_refsource_MLIST mailing-list x_transferred
https://security-tracker.debian.org/tracker/CVE-2012-0785 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0785 x_transferred x_refsource_MISC
https://jenkins.io/security/advisory/2012-01-12/ x_transferred x_refsource_CONFIRM
https://www.cloudbees.com/jenkins-security-advisory-2012-01-12 x_transferred x_refsource_CONFIRM

Affected products

Jenkins

==before 1.447

Jenkins LTS

==before 1.424.2

Jenkins Enterprise by CloudBees

==1.400.x before 1.400.0.11
==1.424.x before 1.424.2.1

Matching in nixpkgs

pkgs.jenkins

Extendable open source continuous integration server

nixos-unstable 2.541.1
- nixpkgs-unstable 2.541.1
- nixos-unstable-small 2.541.1
nixos-25.11 2.541.1
- nixos-25.11-small 2.541.1
- nixpkgs-25.11-darwin 2.541.1

Ignored packages (10)

pkgs.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2
nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python312Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-25.11 0.3.15
- nixos-25.11-small 0.3.15
- nixpkgs-25.11-darwin 0.3.15

pkgs.python313Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable 0.3.15
- nixpkgs-unstable 0.3.15
- nixos-unstable-small 0.3.15
nixos-25.11 0.3.15
- nixos-25.11-small 0.3.15
- nixpkgs-25.11-darwin 0.3.15

pkgs.python314Packages.jenkinsapi

Python API for accessing resources on a Jenkins continuous-integration server

nixos-unstable 0.3.15
- nixpkgs-unstable 0.3.15
- nixos-unstable-small 0.3.15

pkgs.python312Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-25.11 1.8.3
- nixos-25.11-small 1.8.3
- nixpkgs-25.11-darwin 1.8.3

pkgs.python313Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable 1.8.3
- nixpkgs-unstable 1.8.3
- nixos-unstable-small 1.8.3
nixos-25.11 1.8.3
- nixos-25.11-small 1.8.3
- nixpkgs-25.11-darwin 1.8.3

pkgs.python314Packages.python-jenkins

Python bindings for the remote Jenkins API

nixos-unstable 1.8.3
- nixpkgs-unstable 1.8.3
- nixos-unstable-small 1.8.3

pkgs.python312Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python313Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2
nixos-25.11 6.4.2
- nixos-25.11-small 6.4.2
- nixpkgs-25.11-darwin 6.4.2

pkgs.python314Packages.jenkins-job-builder

Jenkins Job Builder is a system for configuring Jenkins jobs using simple YAML files stored in Git

nixos-unstable 6.4.2
- nixpkgs-unstable 6.4.2
- nixos-unstable-small 6.4.2

Package maintainers

@coreyoconnor Corey O'Connor <coreyoconnor@gmail.com>
@earldouglas James Earl Douglas <james@earldouglas.com>
@NeQuissimus Tim Steinbach <tim@nequissimus.com>

Permalink CVE-2010-4817

created 1 month, 1 week ago

pithos before 0.3.5 allows overwrite of arbitrary files via symlinks.

References

https://security-tracker.debian.org/tracker/CVE-2010-4817 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2010-4817 x_refsource_MISC
https://people.canonical.com/~ubuntu-security/cve/2010/CVE-2010-4817.html x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/08/19/10 x_refsource_MISC
https://bugs.launchpad.net/pithos/%2Bbug/667896 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2010-4817 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2010-4817 x_transferred x_refsource_MISC
https://people.canonical.com/~ubuntu-security/cve/2010/CVE-2010-4817.html x_transferred x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/08/19/10 x_transferred x_refsource_MISC
https://bugs.launchpad.net/pithos/%2Bbug/667896 x_transferred x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2010-4817 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2010-4817 x_refsource_MISC
https://people.canonical.com/~ubuntu-security/cve/2010/CVE-2010-4817.html x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/08/19/10 x_refsource_MISC
https://bugs.launchpad.net/pithos/%2Bbug/667896 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2010-4817 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2010-4817 x_transferred x_refsource_MISC
https://people.canonical.com/~ubuntu-security/cve/2010/CVE-2010-4817.html x_transferred x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/08/19/10 x_transferred x_refsource_MISC
https://bugs.launchpad.net/pithos/%2Bbug/667896 x_transferred x_refsource_MISC

Affected products

pithos

==before 0.3.5

Matching in nixpkgs

pkgs.pithos

Pandora Internet Radio player for GNOME

nixos-unstable 1.6.2
- nixpkgs-unstable 1.6.2
- nixos-unstable-small 1.6.2
nixos-25.11 1.6.2
- nixos-25.11-small 1.6.2
- nixpkgs-25.11-darwin 1.6.2

Package maintainers

@obadz obadz <obadz-nixos@obadz.com>

Permalink CVE-2011-0469

created 1 month, 1 week ago

Code injection in openSUSE when running some source services used …

Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011.

References

https://github.com/openSUSE/open-build-service/commit/23c8d21c75242999e29379e6c… x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/76b0ab003f34435ca90d943e0… x_refsource_MISC
https://bugzilla.suse.com/show_bug.cgi?id=679325 x_refsource_MISC
https://bugzilla.suse.com/show_bug.cgi?id=679325 x_transferred x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/23c8d21c75242999e29379e6c… x_transferred x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/76b0ab003f34435ca90d943e0… x_transferred x_refsource_MISC
https://bugzilla.suse.com/show_bug.cgi?id=679325 x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/23c8d21c75242999e29379e6c… x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/76b0ab003f34435ca90d943e0… x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/76b0ab003f34435ca90d943e0… x_transferred x_refsource_MISC
https://bugzilla.suse.com/show_bug.cgi?id=679325 x_transferred x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/23c8d21c75242999e29379e6c… x_transferred x_refsource_MISC
https://bugzilla.suse.com/show_bug.cgi?id=679325 x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/23c8d21c75242999e29379e6c… x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/76b0ab003f34435ca90d943e0… x_refsource_MISC
https://bugzilla.suse.com/show_bug.cgi?id=679325 x_transferred x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/23c8d21c75242999e29379e6c… x_transferred x_refsource_MISC
https://github.com/openSUSE/open-build-service/commit/76b0ab003f34435ca90d943e0… x_transferred x_refsource_MISC

Affected products

openSUSE

==open build service 2.1 before March 11 2011

Matching in nixpkgs

pkgs.haskellPackages.distribution-opensuse

Types, functions, and tools to manipulate the openSUSE distribution

nixos-unstable 1.1.4
- nixpkgs-unstable 1.1.4
- nixos-unstable-small 1.1.4
nixos-25.11 1.1.4
- nixos-25.11-small 1.1.4
- nixpkgs-25.11-darwin 1.1.4

Permalink CVE-2012-1187

created 1 month, 1 week ago

Bitlbee does not drop extra group privileges correctly in unix.c

References

https://security-tracker.debian.org/tracker/CVE-2012-1187 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-1187 x_refsource_MISC
https://bugs.bitlbee.org/ticket/852 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1187 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-1187 x_transferred x_refsource_MISC
https://bugs.bitlbee.org/ticket/852 x_transferred x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1187 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-1187 x_refsource_MISC
https://bugs.bitlbee.org/ticket/852 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-1187 x_transferred x_refsource_MISC
https://bugs.bitlbee.org/ticket/852 x_transferred x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-1187 x_transferred x_refsource_MISC

Affected products

Bitlbee

==3.0.4

Matching in nixpkgs

pkgs.bitlbee

IRC instant messaging gateway

nixos-unstable 3.6
- nixpkgs-unstable 3.6
- nixos-unstable-small 3.6
nixos-25.11 3.6
- nixos-25.11-small 3.6
- nixpkgs-25.11-darwin 3.6

pkgs.bitlbee-steam

Steam protocol plugin for BitlBee

nixos-unstable 1.4.2
- nixpkgs-unstable 1.4.2
- nixos-unstable-small 1.4.2
nixos-25.11 1.4.2
- nixos-25.11-small 1.4.2
- nixpkgs-25.11-darwin 1.4.2

pkgs.bitlbee-discord

Bitlbee plugin for Discord

nixos-unstable 0.4.3
- nixpkgs-unstable 0.4.3
- nixos-unstable-small 0.4.3
nixos-25.11 0.4.3
- nixos-25.11-small 0.4.3
- nixpkgs-25.11-darwin 0.4.3

pkgs.bitlbee-facebook

Facebook protocol plugin for bitlbee

nixos-unstable 1.2.2
- nixpkgs-unstable 1.2.2
- nixos-unstable-small 1.2.2
nixos-25.11 1.2.2
- nixos-25.11-small 1.2.2
- nixpkgs-25.11-darwin 1.2.2

pkgs.bitlbee-mastodon

Bitlbee plugin for Mastodon

nixos-unstable 1.4.5
- nixpkgs-unstable 1.4.5
- nixos-unstable-small 1.4.5
nixos-25.11 1.4.5
- nixos-25.11-small 1.4.5
- nixpkgs-25.11-darwin 1.4.5

Package maintainers

@Lassulus Lassulus <lassulus@gmail.com>
@pSub Pascal Wittmann <mail@pascal-wittmann.de>
@toonn Toon Nolten <nixpkgs@toonn.io>
@jpotier Martin Potier <jpo.contributes.to.nixos@marvid.fr>

Permalink CVE-2012-2736

created 1 month, 1 week ago

In NetworkManager 0.9.2.0, when a new wireless network was created …

In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.

References

http://www.openwall.com/lists/oss-security/2012/06/15/2 x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/06/15/4 x_refsource_MISC
http://www.ubuntu.com/usn/USN-1483-1 x_refsource_MISC
http://www.ubuntu.com/usn/USN-1483-2 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-2736 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2736 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-2736 x_refsource_MISC
http://lists.opensuse.org/opensuse-updates/2012-09/msg00049.html x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-2736 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2736 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-2736 x_transferred x_refsource_MISC
http://lists.opensuse.org/opensuse-updates/2012-09/msg00049.html x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/06/15/2 x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/06/15/4 x_transferred x_refsource_MISC
http://www.ubuntu.com/usn/USN-1483-1 x_transferred x_refsource_MISC
http://www.ubuntu.com/usn/USN-1483-2 x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/06/15/4 x_refsource_MISC
http://www.ubuntu.com/usn/USN-1483-1 x_refsource_MISC
http://www.ubuntu.com/usn/USN-1483-2 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-2736 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2736 x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-2736 x_refsource_MISC
http://lists.opensuse.org/opensuse-updates/2012-09/msg00049.html x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/06/15/2 x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2012-2736 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2736 x_transferred x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-2736 x_transferred x_refsource_MISC
http://lists.opensuse.org/opensuse-updates/2012-09/msg00049.html x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/06/15/2 x_transferred x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/06/15/4 x_transferred x_refsource_MISC
http://www.ubuntu.com/usn/USN-1483-1 x_transferred x_refsource_MISC
http://www.ubuntu.com/usn/USN-1483-2 x_transferred x_refsource_MISC

Affected products

network-manager

==0.9.2.0

Matching in nixpkgs

pkgs.networkmanagerapplet

NetworkManager control applet for GNOME

nixos-unstable 1.36.0
- nixpkgs-unstable 1.36.0
- nixos-unstable-small 1.36.0
nixos-25.11 1.36.0
- nixos-25.11-small 1.36.0
- nixpkgs-25.11-darwin 1.36.0

pkgs.rofi-network-manager

Manage wifi and ethernet with rofi

nixos-unstable 0-unstable-2024-09-03
- nixpkgs-unstable 0-unstable-2024-09-03
- nixos-unstable-small 0-unstable-2024-09-03
nixos-25.11 0-unstable-2024-09-03
- nixos-25.11-small 0-unstable-2024-09-03
- nixpkgs-25.11-darwin 0-unstable-2024-09-03

pkgs.azure-cli-extensions.virtual-network-manager

Microsoft Azure Command-Line Tools NetworkManagementClient Extension

nixos-unstable 3.0.1
- nixpkgs-unstable 3.0.1
- nixos-unstable-small 3.0.1
nixos-25.11 3.0.1
- nixos-25.11-small 3.0.1
- nixpkgs-25.11-darwin 3.0.1

pkgs.python312Packages.proton-vpn-network-manager

Provides the necessary functionality for other ProtonVPN components to interact with NetworkManager

nixos-25.11 0.13.4
- nixos-25.11-small 0.13.4
- nixpkgs-25.11-darwin 0.13.4

pkgs.python313Packages.proton-vpn-network-manager

Provides the necessary functionality for other ProtonVPN components to interact with NetworkManager

nixos-25.11 0.13.4
- nixos-25.11-small 0.13.4
- nixpkgs-25.11-darwin 0.13.4

Package maintainers

@katexochen Paul Meyer <katexochen0@gmail.com>
@ulrikstrid Ulrik Strid <ulrik.strid@outlook.com>
@SebTM Sebastian Sellmeier <mail@sebastian-sellmeier.de>
@Steinhagen Viorel-Cătălin Răpițeanu <rapiteanu.catalin@gmail.com>
@wenjinnn wenjin <hewenjin94@outlook.com>

Automatically generated suggestions

References

Affected products

Matching in nixpkgs

pkgs.hexchat

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.thttpd

pkgs.althttpd

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.libytnef

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.jonquil

pkgs.gnome-mahjongg

pkgs.libsForQt5.kmahjongg

pkgs.kdePackages.kmahjongg

pkgs.sbclPackages.jonathan

pkgs.libsForQt5.libkmahjongg

pkgs.kdePackages.libkmahjongg

pkgs.plasma5Packages.kmahjongg

pkgs.plasma5Packages.libkmahjongg

pkgs.vscode-extensions.kddejong.vscode-cfn-lint

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.jenkins

pkgs.jenkins-job-builder

pkgs.python312Packages.jenkinsapi

pkgs.python313Packages.jenkinsapi

pkgs.python314Packages.jenkinsapi

pkgs.python312Packages.python-jenkins

pkgs.python313Packages.python-jenkins

pkgs.python314Packages.python-jenkins

pkgs.python312Packages.jenkins-job-builder

pkgs.python313Packages.jenkins-job-builder

pkgs.python314Packages.jenkins-job-builder

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.pithos

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.distribution-opensuse

References

Affected products

Matching in nixpkgs

pkgs.bitlbee

pkgs.bitlbee-steam

pkgs.bitlbee-discord

pkgs.bitlbee-facebook

pkgs.bitlbee-mastodon

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.networkmanagerapplet

pkgs.rofi-network-manager

pkgs.azure-cli-extensions.virtual-network-manager

pkgs.python312Packages.proton-vpn-network-manager

pkgs.python313Packages.proton-vpn-network-manager

Package maintainers