CVE-2025-62033 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE created 2 weeks, 1 day ago WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. Affected products togo =<< 1.0.4 Matching in nixpkgs pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 ??? nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 ??? nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3
CVE-2025-62034 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 2 weeks, 1 day ago WordPress Togo theme < 1.0.4 - Privilege Escalation vulnerability Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. Affected products togo =<< 1.0.4 Matching in nixpkgs pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 ??? nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 ??? nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3
CVE-2025-60202 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 2 weeks, 1 day ago WordPress Favorites plugin <= 2.3.6 - Local File Inclusion vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kyle Phillips Favorites favorites allows PHP Local File Inclusion.This issue affects Favorites: from n/a through <= 2.3.6. Affected products favorites =<<= 2.3.6 Matching in nixpkgs pkgs.gnomeExtensions.favorites-menu Provide panel menu for favorites nixos-unstable 22 nixos-unstable-small 22 nixpkgs-unstable 22 pkgs.gnomeExtensions.panel-favorites Add launchers for Favorites to the panel nixos-25.05 ??? nixos-25.05-small 52 nixos-unstable 52 nixos-unstable-small 52 nixpkgs-unstable 52 pkgs.gnomeExtensions.favorites-to-applications-grid Keep your favorite applications in your applications grid. nixos-25.05 ??? nixos-25.05-small 1 nixos-unstable 1 nixos-unstable-small 1 nixpkgs-unstable 1 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.favorites-menu Provide panel menu for favorites nixos-unstable 22 nixos-unstable-small 22 nixpkgs-unstable 22
pkgs.gnomeExtensions.panel-favorites Add launchers for Favorites to the panel nixos-25.05 ??? nixos-25.05-small 52 nixos-unstable 52 nixos-unstable-small 52 nixpkgs-unstable 52
pkgs.gnomeExtensions.favorites-to-applications-grid Keep your favorite applications in your applications grid. nixos-25.05 ??? nixos-25.05-small 1 nixos-unstable 1 nixos-unstable-small 1 nixpkgs-unstable 1
CVE-2025-62036 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 2 weeks, 1 day ago WordPress Togo theme < 1.0.4 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. Affected products togo =<< 1.0.4 Matching in nixpkgs pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 ??? nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 ??? nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3
CVE-2025-62037 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE created 2 weeks, 1 day ago WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. Affected products togo =<< 1.0.4 Matching in nixpkgs pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 ??? nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 ??? nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3
CVE-2025-10622 8.0 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): HIGH User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 2 weeks, 1 day ago Foreman: os command injection via ct_location and fcct_location parameters A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting. Affected products foreman * satellite:el8/foreman Matching in nixpkgs pkgs.foreman Process manager for applications with multiple components nixos-25.05 ??? nixos-25.05-small 0.87.2 nixos-unstable 0.87.2 nixos-unstable-small 0.87.2 nixpkgs-unstable 0.87.2 pkgs.emacsPackages.foreman-mode nixos-unstable 20170725.1422 nixos-unstable-small 20170725.1422 nixpkgs-unstable 20170725.1422 Package maintainers: 1 @zimbatm zimbatm <zimbatm@zimbatm.com>
pkgs.foreman Process manager for applications with multiple components nixos-25.05 ??? nixos-25.05-small 0.87.2 nixos-unstable 0.87.2 nixos-unstable-small 0.87.2 nixpkgs-unstable 0.87.2
pkgs.emacsPackages.foreman-mode nixos-unstable 20170725.1422 nixos-unstable-small 20170725.1422 nixpkgs-unstable 20170725.1422
CVE-2023-4232 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 2 weeks, 1 day ago Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_status_report() function A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_status_report(). Affected products ofono Matching in nixpkgs pkgs.ofono Infrastructure for building mobile telephony (GSM/UMTS) applications nixos-25.05 ??? nixos-25.05-small 2.14 nixos-unstable 2.17 nixos-unstable-small 2.17 nixpkgs-unstable 2.17 pkgs.ofono-phonesim Phone Simulator for modem testing nixos-25.05 ??? nixos-25.05-small 2019-11-18 nixos-unstable 2019-11-18 nixos-unstable-small 2019-11-18 nixpkgs-unstable 2019-11-18 pkgs.libsForQt5.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124 pkgs.plasma5Packages.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124 pkgs.libsForQt5.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123 pkgs.libsForQt5.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123 pkgs.plasma5Packages.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123 pkgs.plasma5Packages.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123
pkgs.ofono Infrastructure for building mobile telephony (GSM/UMTS) applications nixos-25.05 ??? nixos-25.05-small 2.14 nixos-unstable 2.17 nixos-unstable-small 2.17 nixpkgs-unstable 2.17
pkgs.ofono-phonesim Phone Simulator for modem testing nixos-25.05 ??? nixos-25.05-small 2019-11-18 nixos-unstable 2019-11-18 nixos-unstable-small 2019-11-18 nixpkgs-unstable 2019-11-18
pkgs.libsForQt5.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124
pkgs.plasma5Packages.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124
pkgs.libsForQt5.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123
pkgs.libsForQt5.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123
pkgs.plasma5Packages.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123
pkgs.plasma5Packages.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123
CVE-2023-4235 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 2 weeks, 1 day ago Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_deliver_report() function A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver_report(). Affected products ofono Matching in nixpkgs pkgs.ofono Infrastructure for building mobile telephony (GSM/UMTS) applications nixos-25.05 ??? nixos-25.05-small 2.14 nixos-unstable 2.17 nixos-unstable-small 2.17 nixpkgs-unstable 2.17 pkgs.ofono-phonesim Phone Simulator for modem testing nixos-25.05 ??? nixos-25.05-small 2019-11-18 nixos-unstable 2019-11-18 nixos-unstable-small 2019-11-18 nixpkgs-unstable 2019-11-18 pkgs.libsForQt5.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124 pkgs.plasma5Packages.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124 pkgs.libsForQt5.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123 pkgs.libsForQt5.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123 pkgs.plasma5Packages.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123 pkgs.plasma5Packages.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123
pkgs.ofono Infrastructure for building mobile telephony (GSM/UMTS) applications nixos-25.05 ??? nixos-25.05-small 2.14 nixos-unstable 2.17 nixos-unstable-small 2.17 nixpkgs-unstable 2.17
pkgs.ofono-phonesim Phone Simulator for modem testing nixos-25.05 ??? nixos-25.05-small 2019-11-18 nixos-unstable 2019-11-18 nixos-unstable-small 2019-11-18 nixpkgs-unstable 2019-11-18
pkgs.libsForQt5.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124
pkgs.plasma5Packages.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124
pkgs.libsForQt5.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123
pkgs.libsForQt5.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123
pkgs.plasma5Packages.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123
pkgs.plasma5Packages.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123
CVE-2023-43787 7.8 HIGH CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 2 weeks, 1 day ago Libx11: integer overflow in xcreateimage() leading to a heap overflow A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges. Affected products libX11 * <1.8.7 Matching in nixpkgs pkgs.xorg.libX11 nixos-25.05 ??? nixos-25.05-small 1.8.12 nixos-unstable 1.8.12 nixos-unstable-small 1.8.10 nixpkgs-unstable 1.8.12 pkgs.tests.pkg-config.defaultPkgConfigPackages.x11 Test whether libX11-1.8.12 exposes pkg-config modules x11 nixos-25.05 ??? nixos-25.05-small libX11 nixos-unstable libX11 nixos-unstable-small libX11 nixpkgs-unstable libX11
pkgs.xorg.libX11 nixos-25.05 ??? nixos-25.05-small 1.8.12 nixos-unstable 1.8.12 nixos-unstable-small 1.8.10 nixpkgs-unstable 1.8.12
pkgs.tests.pkg-config.defaultPkgConfigPackages.x11 Test whether libX11-1.8.12 exposes pkg-config modules x11 nixos-25.05 ??? nixos-25.05-small libX11 nixos-unstable libX11 nixos-unstable-small libX11 nixpkgs-unstable libX11
CVE-2023-4233 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 2 weeks, 1 day ago Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the sms_decode_address_field() function A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. Affected products ofono Matching in nixpkgs pkgs.ofono Infrastructure for building mobile telephony (GSM/UMTS) applications nixos-25.05 ??? nixos-25.05-small 2.14 nixos-unstable 2.17 nixos-unstable-small 2.17 nixpkgs-unstable 2.17 pkgs.ofono-phonesim Phone Simulator for modem testing nixos-25.05 ??? nixos-25.05-small 2019-11-18 nixos-unstable 2019-11-18 nixos-unstable-small 2019-11-18 nixpkgs-unstable 2019-11-18 pkgs.libsForQt5.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124 pkgs.plasma5Packages.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124 pkgs.libsForQt5.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123 pkgs.libsForQt5.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123 pkgs.plasma5Packages.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123 pkgs.plasma5Packages.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123
pkgs.ofono Infrastructure for building mobile telephony (GSM/UMTS) applications nixos-25.05 ??? nixos-25.05-small 2.14 nixos-unstable 2.17 nixos-unstable-small 2.17 nixpkgs-unstable 2.17
pkgs.ofono-phonesim Phone Simulator for modem testing nixos-25.05 ??? nixos-25.05-small 2019-11-18 nixos-unstable 2019-11-18 nixos-unstable-small 2019-11-18 nixpkgs-unstable 2019-11-18
pkgs.libsForQt5.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124
pkgs.plasma5Packages.libqofono Library for accessing the ofono daemon, and declarative plugin for it nixos-25.05 ??? nixos-25.05-small 0.124 nixos-unstable 0.124 nixos-unstable-small 0.124 nixpkgs-unstable 0.124
pkgs.libsForQt5.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123
pkgs.libsForQt5.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixos-unstable-small 0.123
pkgs.plasma5Packages.libqofono.x86_64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123
pkgs.plasma5Packages.libqofono.aarch64-linux Library for accessing the ofono daemon, and declarative plugin for it nixos-unstable ??? nixpkgs-unstable 0.123