Published issues
Permalink
CVE-2023-39329
6.5 MEDIUM
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): Required (R)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): None (N)
-
Integrity (I): None (N)
-
Availability (A): High (H)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): Required (R)
-
Modified Confidentiality (MC): None (N)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): None (N)
-
Modified Availability (MA): High (H)
updated
9 months, 2 weeks ago
by @Erethon
Activity log
-
Created suggestion
11 months, 1 week ago
-
@Erethon
accepted
9 months, 2 weeks ago
-
@Erethon
published on GitHub
9 months, 2 weeks ago
Openjpeg: resource exhaustion will occur in the opj_t1_decode_cblks function in the tcd.c
openjpeg
openjpeg2
gimp:flatpak/openjpeg2
inkscape:flatpak/openjpeg2
libreoffice:flatpak/openjpeg2
Permalink
CVE-2023-39328
5.5 MEDIUM
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Local (L)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): Required (R)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): None (N)
-
Integrity (I): None (N)
-
Availability (A): High (H)
-
Modified Attack Vector (MAV): Local (L)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): Required (R)
-
Modified Confidentiality (MC): None (N)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): None (N)
-
Modified Availability (MA): High (H)
updated
9 months, 2 weeks ago
by @Erethon
Activity log
-
Created suggestion
11 months, 1 week ago
-
@Erethon
accepted
9 months, 2 weeks ago
-
@Erethon
published on GitHub
9 months, 2 weeks ago
Openjpeg: denail of service via crafted image file
openjpeg
openjpeg2
gimp:flatpak/openjpeg2
inkscape:flatpak/openjpeg2
libreoffice:flatpak/openjpeg2
Permalink
CVE-2023-5824
7.5 HIGH
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): None (N)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): None (N)
-
Integrity (I): None (N)
-
Availability (A): High (H)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): None (N)
-
Modified Confidentiality (MC): None (N)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): None (N)
-
Modified Availability (MA): High (H)
updated
9 months, 2 weeks ago
by @Erethon
Activity log
-
Created suggestion
11 months, 1 week ago
-
@Erethon
accepted
9 months, 2 weeks ago
-
@Erethon
published on GitHub
9 months, 2 weeks ago
Squid: dos against http and https
Permalink
CVE-2023-4727
7.5 HIGH
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Adjacent (A)
-
Attack Complexity (AC): High (H)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): None (N)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): High (H)
-
Integrity (I): High (H)
-
Availability (A): High (H)
-
Modified Attack Vector (MAV): Adjacent (A)
-
Modified Attack Complexity (MAC): High (H)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): None (N)
-
Modified Confidentiality (MC): High (H)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): High (H)
-
Modified Availability (MA): High (H)
updated
9 months, 2 weeks ago
by @Erethon
Activity log
-
Created suggestion
11 months, 1 week ago
-
@Erethon
accepted
9 months, 2 weeks ago
-
@Erethon
published on GitHub
9 months, 2 weeks ago
Ca: token authentication bypass vulnerability
keycloak
pki-core
pki-core:10.6
redhat-pki:10
pki-core:10.6/pki-core
redhat-pki:10/pki-core
Permalink
CVE-2025-1828
8.8 HIGH
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): Required (R)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): High (H)
-
Integrity (I): High (H)
-
Availability (A): High (H)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): Required (R)
-
Modified Confidentiality (MC): High (H)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): High (H)
-
Modified Availability (MA): High (H)
updated
9 months, 2 weeks ago
by @Erethon
Activity log
-
Created suggestion
1 year, 4 months ago
-
@LeSuisse
accepted
1 year, 4 months ago
-
@Erethon
published on GitHub
9 months, 2 weeks ago
Perl's Crypt::Random module after 1.05 and before 1.56 may use rand() function for cryptographic functions
Permalink
CVE-2025-31162
6.6 MEDIUM
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Local (L)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): Low (L)
-
User Interaction (UI): None (N)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): Low (L)
-
Integrity (I): Low (L)
-
Availability (A): High (H)
-
Modified Attack Vector (MAV): Local (L)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): Low (L)
-
Modified User Interaction (MUI): None (N)
-
Modified Confidentiality (MC): Low (L)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): Low (L)
-
Modified Availability (MA): High (H)
updated
9 months, 2 weeks ago
by @Erethon
Activity log
-
Created suggestion
1 year, 3 months ago
-
@LeSuisse
accepted
1 year, 3 months ago
-
@mweinelt
dismissed
1 year, 2 months ago
-
@mweinelt
accepted
1 year, 2 months ago
-
@Erethon
published on GitHub
9 months, 2 weeks ago
fig2dev float point exception
Permalink
CVE-2025-1399
3.1 LOW
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): High (H)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): Required (R)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): Low (L)
-
Integrity (I): None (N)
-
Availability (A): None (N)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): High (H)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): Required (R)
-
Modified Confidentiality (MC): Low (L)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): None (N)
-
Modified Availability (MA): None (N)
updated
9 months, 2 weeks ago
by @Erethon
Activity log
-
Created suggestion
1 year, 2 months ago
-
@LeSuisse
accepted
1 year, 1 month ago
-
@Erethon
published on GitHub
9 months, 2 weeks ago
Out-of-bounds Read in libplctag library
Permalink
CVE-2025-30673
6.5 MEDIUM
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): None (N)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): Low (L)
-
Integrity (I): Low (L)
-
Availability (A): None (N)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): None (N)
-
Modified Confidentiality (MC): Low (L)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): Low (L)
-
Modified Availability (MA): None (N)
updated
9 months, 2 weeks ago
by @Erethon
Activity log
-
Created suggestion
1 year, 3 months ago
-
@LeSuisse
accepted
1 year, 3 months ago
-
@Erethon
published on GitHub
9 months, 2 weeks ago
Sub::HandlesVia for Perl allows untrusted code to be included from the current working directory
Permalink
CVE-2024-2947
7.3 HIGH
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Local (L)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): Low (L)
-
User Interaction (UI): Required (R)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): High (H)
-
Integrity (I): High (H)
-
Availability (A): High (H)
-
Modified Attack Vector (MAV): Local (L)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): Low (L)
-
Modified User Interaction (MUI): Required (R)
-
Modified Confidentiality (MC): High (H)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): High (H)
-
Modified Availability (MA): High (H)
updated
9 months, 2 weeks ago
by @Erethon
Activity log
-
Created suggestion
1 year ago
-
@Erethon
dismissed
1 year ago
-
@Erethon
accepted
1 year ago
-
@Erethon
published on GitHub
9 months, 2 weeks ago
Cockpit: command injection when deleting a sosreport with a crafted name
Permalink
CVE-2025-31384
7.1 HIGH
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): Required (R)
-
Scope (S): Changed (C)
-
Confidentiality (C): Low (L)
-
Integrity (I): Low (L)
-
Availability (A): Low (L)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): Required (R)
-
Modified Confidentiality (MC): Low (L)
-
Modified Scope (MS): Changed (C)
-
Modified Integrity (MI): Low (L)
-
Modified Availability (MA): Low (L)
updated
9 months, 3 weeks ago
by @Erethon
Activity log
-
Created suggestion
1 year, 3 months ago
-
@LeSuisse
dismissed
1 year, 3 months ago
-
@Erethon
accepted
1 year ago
-
@Erethon
added
maintainer @Erethon
9 months, 3 weeks ago
maintainer.add
-
@Erethon
deleted
maintainer @Erethon
9 months, 3 weeks ago
maintainer.delete
-
@Erethon
published on GitHub
9 months, 3 weeks ago
WordPress Videos plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability