Published issues
Permalink
CVE-2025-53882
9.1 CRITICAL
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): None (N)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): High (H)
-
Integrity (I): High (H)
-
Availability (A): None (N)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): None (N)
-
Modified Confidentiality (MC): High (H)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): High (H)
-
Modified Availability (MA): None (N)
updated
9 months, 3 weeks ago
by @Erethon
Activity log
-
Created suggestion
11 months, 3 weeks ago
-
@Erethon
accepted
11 months, 2 weeks ago
-
@Erethon
published on GitHub
9 months, 3 weeks ago
python-mailmans logrotate configuration allows potential escalation from mailman to root
Permalink
CVE-2025-30192
7.5 HIGH
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): None (N)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): None (N)
-
Integrity (I): None (N)
-
Availability (A): High (H)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): None (N)
-
Modified Confidentiality (MC): None (N)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): None (N)
-
Modified Availability (MA): High (H)
updated
9 months, 3 weeks ago
by @Erethon
Activity log
-
Created suggestion
11 months, 3 weeks ago
-
@Erethon
accepted
11 months, 2 weeks ago
-
@Erethon
deleted
maintainer @rnhmjoj
9 months, 3 weeks ago
maintainer.delete
-
@Erethon
added
maintainer @Erethon
9 months, 3 weeks ago
maintainer.add
-
@Erethon
published on GitHub
9 months, 3 weeks ago
A Recursor configured to send out ECS enabled queries can be sensitive to spoofing attempts
Permalink
CVE-2025-47444
7.5 HIGH
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): None (N)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): High (H)
-
Integrity (I): None (N)
-
Availability (A): None (N)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): None (N)
-
Modified Confidentiality (MC): High (H)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): None (N)
-
Modified Availability (MA): None (N)
updated
9 months, 4 weeks ago
by @Erethon
Activity log
-
Created suggestion
11 months ago
-
@Erethon
accepted
9 months, 4 weeks ago
-
@Erethon
published on GitHub
9 months, 4 weeks ago
WordPress GiveWP Plugin < 4.6.1 is vulnerable to Sensitive Data (PII) Exposure
Permalink
CVE-2023-39327
4.3 MEDIUM
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): Required (R)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): None (N)
-
Integrity (I): None (N)
-
Availability (A): Low (L)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): Required (R)
-
Modified Confidentiality (MC): None (N)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): None (N)
-
Modified Availability (MA): Low (L)
updated
9 months, 4 weeks ago
by @Erethon
Activity log
-
Created suggestion
11 months, 1 week ago
-
@Erethon
accepted
9 months, 4 weeks ago
-
@Erethon
published on GitHub
9 months, 4 weeks ago
Openjpeg: malicious files can cause the program to enter a large loop
openjpeg
openjpeg2
gimp:flatpak/openjpeg2
inkscape:flatpak/openjpeg2
libreoffice:flatpak/openjpeg2
Permalink
CVE-2025-40920
8.6 HIGH
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): None (N)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): High (H)
-
Integrity (I): Low (L)
-
Availability (A): Low (L)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): None (N)
-
Modified Confidentiality (MC): High (H)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): Low (L)
-
Modified Availability (MA): Low (L)
updated
9 months, 4 weeks ago
by @Erethon
Activity log
-
Created suggestion
11 months ago
-
@Erethon
accepted
9 months, 4 weeks ago
-
@Erethon
published on GitHub
9 months, 4 weeks ago
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl use insecurely generated nonces
Catalyst-Authentication-Credential-HTTP
updated
1 year, 1 month ago
by @fricklerhandwerk
Activity log
-
Created suggestion
1 year, 1 month ago
-
@fricklerhandwerk
accepted
1 year, 1 month ago
-
@fricklerhandwerk
published on GitHub
1 year, 1 month ago
Regular Expression Denial of Service (ReDoS) in markedjs/marked
Permalink
CVE-2025-26466
5.9 MEDIUM
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Network (N)
-
Attack Complexity (AC): High (H)
-
Privileges Required (PR): None (N)
-
User Interaction (UI): None (N)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): None (N)
-
Integrity (I): None (N)
-
Availability (A): High (H)
-
Modified Attack Vector (MAV): Network (N)
-
Modified Attack Complexity (MAC): High (H)
-
Modified Privileges Required (MPR): None (N)
-
Modified User Interaction (MUI): None (N)
-
Modified Confidentiality (MC): None (N)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): None (N)
-
Modified Availability (MA): High (H)
updated
1 year, 2 months ago
by @mweinelt
Activity log
-
Created suggestion
1 year, 4 months ago
-
@fricklerhandwerk
accepted
1 year, 4 months ago
-
@mweinelt
published on GitHub
1 year, 2 months ago
Openssh: denial-of-service in openssh
Permalink
CVE-2024-9675
4.4 MEDIUM
-
CVSS version (CVSS): 3.1
-
Attack Vector (AV): Local (L)
-
Attack Complexity (AC): Low (L)
-
Privileges Required (PR): Low (L)
-
User Interaction (UI): None (N)
-
Scope (S): Unchanged (U)
-
Confidentiality (C): Low (L)
-
Integrity (I): Low (L)
-
Availability (A): None (N)
-
Modified Attack Vector (MAV): Local (L)
-
Modified Attack Complexity (MAC): Low (L)
-
Modified Privileges Required (MPR): Low (L)
-
Modified User Interaction (MUI): None (N)
-
Modified Confidentiality (MC): Low (L)
-
Modified Scope (MS): Unchanged (U)
-
Modified Integrity (MI): Low (L)
-
Modified Availability (MA): None (N)
updated
2 months, 3 weeks ago
by @ADMIN
Activity log
-
@ADMIN
published on GitHub
2 months, 3 weeks ago
Buildah: buildah allows arbitrary directory mount
cri-o
conmon
podman
skopeo
buildah
buildah-container
container-tools:rhel8
quay/quay-builder-rhel8
ocp-tools-4/jenkins-rhel8
container-tools:rhel8/conmon
container-tools:rhel8/podman
container-tools:rhel8/skopeo
container-tools:rhel8/buildah
openshift4/ose-docker-builder
openshift4/ose-docker-builder-rhel9
ocp-tools-4/jenkins-agent-base-rhel8
openshift-enterprise-builder-container