Dismissed suggestions Untriaged suggestions Draft issues Published issues Automatically generated suggestions Create Draft to queue a suggestion for refinement. Dismiss to remove a suggestion from the queue. CVE-2025-49177 5.5 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 4 months, 1 week ago Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: data leak in xfixes extension's xfixessetclientdisconnectmode A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests. tigervnc xorg-x11-server xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 CVE-2023-6004 4.8 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 4 months, 1 week ago Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter. libssh * pkgs.libssh SSH client library nixos-25.05 0.11.1 nixpkgs-25.05-darwin 0.11.1 nixos-25.05-small 0.11.1 nixos-unstable 0.11.1 nixos-unstable-small 0.11.1 nixpkgs-unstable 0.11.1 pkgs.libssh2 Client-side C library implementing the SSH2 protocol nixos-25.05 1.11.1 nixpkgs-25.05-darwin 1.11.1 nixos-25.05-small 1.11.1 nixos-unstable 1.11.1 nixos-unstable-small 1.11.1 nixpkgs-unstable 1.11.1 pkgs.libssh.x86_64-linux SSH client library nixos-unstable ??? nixos-unstable-small 0.11.1 pkgs.libssh.aarch64-linux SSH client library nixos-unstable ??? nixos-unstable-small 0.11.1 pkgs.libssh.x86_64-darwin SSH client library nixos-unstable ??? nixos-unstable-small 0.11.1 pkgs.libssh2.x86_64-linux Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1 pkgs.libssh.aarch64-darwin SSH client library nixos-unstable ??? nixos-unstable-small 0.11.1 pkgs.libssh2.aarch64-linux Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1 pkgs.libssh2.x86_64-darwin Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1 pkgs.haskellPackages.libssh libssh bindings nixos-25.05 0.1.0.0 nixpkgs-25.05-darwin 0.1.0.0 nixos-25.05-small 0.1.0.0 nixos-unstable 0.1.0.0 nixos-unstable-small 0.1.0.0 nixpkgs-unstable 0.1.0.0 pkgs.libssh2.aarch64-darwin Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1 pkgs.haskellPackages.libssh2 FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable 0.2.0.9 nixos-unstable-small 0.2.0.9 nixpkgs-unstable 0.2.0.9 pkgs.haskellPackages.libssh2-conduit Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1 pkgs.python311Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-unstable 1.2.2 nixos-unstable-small 1.2.2 nixpkgs-unstable 1.2.2 pkgs.python312Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-25.05 1.2.2 nixpkgs-25.05-darwin 1.2.2 nixos-25.05-small 1.2.2 nixos-unstable 1.2.2 nixos-unstable-small 1.2.2 nixpkgs-unstable 1.2.2 pkgs.python313Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-25.05 1.2.2 nixpkgs-25.05-darwin 1.2.2 nixos-25.05-small 1.2.2 nixos-unstable 1.2.2 nixos-unstable-small 1.2.2 nixpkgs-unstable 1.2.2 pkgs.haskellPackages.libssh.x86_64-linux libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0 pkgs.haskellPackages.libssh.aarch64-linux libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0 pkgs.haskellPackages.libssh.x86_64-darwin libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0 pkgs.haskellPackages.libssh2.x86_64-linux FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9 pkgs.haskellPackages.libssh.aarch64-darwin libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0 pkgs.haskellPackages.libssh2.aarch64-linux FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9 pkgs.haskellPackages.libssh2.x86_64-darwin FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9 pkgs.haskellPackages.libssh2.aarch64-darwin FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9 pkgs.haskellPackages.libssh2-conduit.x86_64-linux Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1 pkgs.haskellPackages.libssh2-conduit.aarch64-linux Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1 pkgs.haskellPackages.libssh2-conduit.x86_64-darwin Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1 pkgs.haskellPackages.libssh2-conduit.aarch64-darwin Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1 pkgs.tests.pkg-config.defaultPkgConfigPackages.libssh2 Test whether libssh2-1.11.1 exposes pkg-config modules libssh2 nixos-25.05 libssh2 nixpkgs-25.05-darwin libssh2 nixos-25.05-small libssh2 nixos-unstable libssh2 nixos-unstable-small libssh2 nixpkgs-unstable libssh2 Package maintainers: 3 @geluk Johan Geluk <johan+nix@geluk.io> @svanderburg Sander van der Burg <s.vanderburg@tudelft.nl> @SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com> CVE-2025-24761 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 1 week ago WordPress DSK <= 2.2 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme DSK allows PHP Local File Inclusion. This issue affects DSK: from n/a through 2.2. dsk =<2.2 pkgs.idsk Manipulating CPC dsk images and files nixos-25.05 0.20 nixpkgs-25.05-darwin 0.20 nixos-25.05-small 0.20 nixos-unstable 0.20 nixos-unstable-small 0.20 nixpkgs-unstable 0.20 pkgs.libdsk Library for accessing discs and disc image files nixos-25.05 1.5.21 nixpkgs-25.05-darwin 1.5.21 nixos-25.05-small 1.5.21 nixos-unstable 1.5.21 nixos-unstable-small 1.5.21 nixpkgs-unstable 1.5.21 pkgs.robotfindskitten Yet another zen simulation; A simple find-the-kitten game nixos-25.05 2.8284271.702 nixpkgs-25.05-darwin 2.8284271.702 nixos-25.05-small 2.8284271.702 nixos-unstable 2.8284271.702 nixos-unstable-small 2.8284271.702 nixpkgs-unstable 2.8284271.702 pkgs.emacsPackages.ddskk nixos-unstable 20230701.2340 nixos-unstable-small 20230701.2340 nixpkgs-unstable 20230701.2340 pkgs.emacsPackages.ddskk-posframe nixos-unstable 20200812.917 nixos-unstable-small 20200812.917 nixpkgs-unstable 20200812.917 pkgs.robotfindskitten.x86_64-linux Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702 pkgs.robotfindskitten.aarch64-linux Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702 pkgs.robotfindskitten.x86_64-darwin Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702 pkgs.robotfindskitten.aarch64-darwin Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702 pkgs.python311Packages.pmdsky-debug-py Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 nixos-unstable-small 10.0.21 nixpkgs-unstable 10.0.21 pkgs.python312Packages.pmdsky-debug-py Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-25.05 10.0.21 nixpkgs-25.05-darwin 10.0.21 nixos-25.05-small 10.0.21 nixos-unstable 10.0.48 nixos-unstable-small 10.0.48 nixpkgs-unstable 10.0.48 pkgs.python313Packages.pmdsky-debug-py Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-25.05 10.0.21 nixpkgs-25.05-darwin 10.0.21 nixos-25.05-small 10.0.21 nixos-unstable 10.0.48 nixos-unstable-small 10.0.48 nixpkgs-unstable 10.0.48 pkgs.python312Packages.pmdsky-debug-py.x86_64-linux Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 pkgs.python312Packages.pmdsky-debug-py.aarch64-linux Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 pkgs.python312Packages.pmdsky-debug-py.x86_64-darwin Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 pkgs.python312Packages.pmdsky-debug-py.aarch64-darwin Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 Package maintainers: 3 @marius851000 Marius David <mariusdavid@laposte.net> @wegank Weijia Wang <contact@weijia.wang> @AndersonTorres Anderson Torres <torres.anderson.85@protonmail.com> CVE-2022-45083 6.6 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): HIGH User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 4 months, 1 week ago WordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object Injection Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress: from n/a through 4.3.2. wp-user-avatar =<4.3.2 pkgs.wordpressPackages.plugins.wp-user-avatars nixos-25.05 1.4.1 nixpkgs-25.05-darwin 1.4.1 nixos-25.05-small 1.4.1 nixos-unstable 1.4.1 nixos-unstable-small 1.4.1 nixpkgs-unstable 1.4.1 CVE-2025-49254 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 1 week ago WordPress Nika <= 1.2.8 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Nika allows PHP Local File Inclusion. This issue affects Nika: from n/a through 1.2.8. nika =<1.2.8 pkgs.nika-fonts Persian/Arabic Open Source Font nixos-25.05 1.0.0 nixpkgs-25.05-darwin 1.0.0 nixos-25.05-small 1.0.0 nixos-unstable 1.0.0 nixos-unstable-small 1.0.0 nixpkgs-unstable 1.0.0 pkgs.python311Packages.minikanren Relational programming in Python nixos-unstable 1.0.3 nixos-unstable-small 1.0.3 nixpkgs-unstable 1.0.3 pkgs.python312Packages.minikanren Relational programming in Python nixos-25.05 1.0.3 nixpkgs-25.05-darwin 1.0.3 nixos-25.05-small 1.0.3 nixos-unstable 1.0.3 nixos-unstable-small 1.0.3 nixpkgs-unstable 1.0.3 pkgs.python313Packages.minikanren Relational programming in Python nixos-25.05 1.0.3 nixpkgs-25.05-darwin 1.0.3 nixos-25.05-small 1.0.3 nixos-unstable 1.0.3 nixos-unstable-small 1.0.3 nixpkgs-unstable 1.0.3 pkgs.python312Packages.minikanren.x86_64-linux Relational programming in Python nixos-unstable 1.0.3 pkgs.python312Packages.minikanren.aarch64-linux Relational programming in Python nixos-unstable 1.0.3 pkgs.python312Packages.minikanren.x86_64-darwin Relational programming in Python nixos-unstable 1.0.3 pkgs.python312Packages.minikanren.aarch64-darwin Relational programming in Python nixos-unstable 1.0.3 Package maintainers: 1 @Etjean Etienne Jean <et.jean@outlook.fr> CVE-2025-49180 6.1 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 1 week ago Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate. tigervnc * xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 CVE-2025-49253 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 1 week ago WordPress Lasa <= 1.1 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Lasa allows PHP Local File Inclusion. This issue affects Lasa: from n/a through 1.1. lasa =<1.1 pkgs.gnomeExtensions.glasa This extension puts adds an indicator to the top panel whose icon continuously renders two comic-like eyes that follow the mouse cursor. nixos-unstable 14 nixos-unstable-small 14 nixpkgs-unstable 14 pkgs.typstPackages.lasagna_0_1_0 Add layers, toggle them using tags easily nixos-25.05 0.1.0 nixpkgs-25.05-darwin 0.1.0 nixos-25.05-small 0.1.0 nixos-unstable 0.1.0 nixos-unstable-small 0.1.0 nixpkgs-unstable 0.1.0 pkgs.typstPackages.lasaveur_0_1_3 Porting vim-latex's math shorthands to Typst. An accommendating vim syntax file is provided in the repo nixos-25.05 0.1.3 nixpkgs-25.05-darwin 0.1.3 nixos-25.05-small 0.1.3 nixos-unstable 0.1.3 nixos-unstable-small 0.1.3 nixpkgs-unstable 0.1.3 pkgs.typstPackages.lasaveur_0_1_4 Porting vim-latex's math shorthands to Typst. An accommendating vim syntax file is provided in the repo nixos-25.05 0.1.4 nixpkgs-25.05-darwin 0.1.4 nixos-25.05-small 0.1.4 nixos-unstable 0.1.4 nixos-unstable-small 0.1.4 nixpkgs-unstable 0.1.4 Package maintainers: 2 @cherrypiejam Gongqi Huang @honnip Jung seungwoo <me@honnip.page> CVE-2025-31919 9.8 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 1 week ago WordPress Spare <= 1.7 - PHP Object Injection Vulnerability Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7. spare =<1.7 pkgs.asciiquarium-transparent Aquarium/sea animation in ASCII art (with option of transparent background) nixos-25.05 1.3 nixpkgs-25.05-darwin 1.3 nixos-25.05-small 1.3 nixos-unstable 1.3 nixos-unstable-small 1.3 nixpkgs-unstable 1.3 pkgs.materia-theme-transparent Transparent Material Design theme for GNOME/GTK based desktop environments nixos-25.05 0-unstable-2021-03-22 nixpkgs-25.05-darwin 0-unstable-2021-03-22 nixos-25.05-small 0-unstable-2021-03-22 nixos-unstable 0-unstable-2021-03-22 nixos-unstable-small 0-unstable-2021-03-22 nixpkgs-unstable 0-unstable-2021-03-22 pkgs.vimPlugins.transparent-nvim nixos-unstable 2024-08-25 nixos-unstable-small 2024-08-25 nixpkgs-unstable 2024-08-25 pkgs.gnomeExtensions.transparent-top-bar Bring back the transparent top bar when free-floating in GNOME Shell 3.32. nixos-25.05 24 nixpkgs-25.05-darwin 24 nixos-25.05-small 24 nixos-unstable 23 nixos-unstable-small 23 nixpkgs-unstable 24 pkgs.vimPlugins.transparent-nvim.x86_64-linux nixos-unstable ??? nixos-unstable-small 2024-08-25 pkgs.gnomeExtensions.transparent-window-moving Makes the window semi-transparent when moving or resizing nixos-25.05 19 nixpkgs-25.05-darwin 19 nixos-25.05-small 19 nixos-unstable 18 nixos-unstable-small 18 nixpkgs-unstable 18 pkgs.vimPlugins.transparent-nvim.aarch64-linux nixos-unstable ??? nixos-unstable-small 2024-08-25 pkgs.vimPlugins.transparent-nvim.x86_64-darwin nixos-unstable ??? nixos-unstable-small 2024-08-25 pkgs.sway-contrib.inactive-windows-transparency It makes inactive sway windows transparent nixos-25.05 0-unstable-2024-03-19 nixpkgs-25.05-darwin 0-unstable-2024-03-19 nixos-25.05-small 0-unstable-2024-03-19 nixos-unstable 0-unstable-2024-03-19 nixos-unstable-small 0-unstable-2024-03-19 nixpkgs-unstable 0-unstable-2024-03-19 pkgs.vimPlugins.transparent-nvim.aarch64-darwin nixos-unstable ??? nixos-unstable-small 2024-08-25 pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar nixos-25.05 24 nixpkgs-25.05-darwin 24 nixos-25.05-small 24 nixos-unstable 21 nixos-unstable-small 21 nixpkgs-unstable 24 Package maintainers: 4 @evils Evils <evils.devils@protonmail.com> @honnip Jung seungwoo <me@honnip.page> @quantenzitrone quantenzitrone <nix@dev.quantenzitrone.eu> @CorbinWunderlich Corbin Wunderlich <corbin@wcopy.net> CVE-2024-0408 5.5 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 1 week ago Xorg-x11-server: selinux unlabeled glx pbuffer A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL. tigervnc xorg-server <21.1.11 xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.xorg.xvfb nixos-25.05 21.1.16 nixpkgs-25.05-darwin 21.1.16 nixos-25.05-small 21.1.16 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 pkgs.xorg.xorgserver nixos-25.05 21.1.16 nixpkgs-25.05-darwin 21.1.16 nixos-25.05-small 21.1.16 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 CVE-2025-49175 5.5 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 1 week ago Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. tigervnc * xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
CVE-2025-49177 5.5 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE created 4 months, 1 week ago Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: data leak in xfixes extension's xfixessetclientdisconnectmode A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests. tigervnc xorg-x11-server xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
CVE-2023-6004 4.8 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 4 months, 1 week ago Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter. libssh * pkgs.libssh SSH client library nixos-25.05 0.11.1 nixpkgs-25.05-darwin 0.11.1 nixos-25.05-small 0.11.1 nixos-unstable 0.11.1 nixos-unstable-small 0.11.1 nixpkgs-unstable 0.11.1 pkgs.libssh2 Client-side C library implementing the SSH2 protocol nixos-25.05 1.11.1 nixpkgs-25.05-darwin 1.11.1 nixos-25.05-small 1.11.1 nixos-unstable 1.11.1 nixos-unstable-small 1.11.1 nixpkgs-unstable 1.11.1 pkgs.libssh.x86_64-linux SSH client library nixos-unstable ??? nixos-unstable-small 0.11.1 pkgs.libssh.aarch64-linux SSH client library nixos-unstable ??? nixos-unstable-small 0.11.1 pkgs.libssh.x86_64-darwin SSH client library nixos-unstable ??? nixos-unstable-small 0.11.1 pkgs.libssh2.x86_64-linux Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1 pkgs.libssh.aarch64-darwin SSH client library nixos-unstable ??? nixos-unstable-small 0.11.1 pkgs.libssh2.aarch64-linux Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1 pkgs.libssh2.x86_64-darwin Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1 pkgs.haskellPackages.libssh libssh bindings nixos-25.05 0.1.0.0 nixpkgs-25.05-darwin 0.1.0.0 nixos-25.05-small 0.1.0.0 nixos-unstable 0.1.0.0 nixos-unstable-small 0.1.0.0 nixpkgs-unstable 0.1.0.0 pkgs.libssh2.aarch64-darwin Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1 pkgs.haskellPackages.libssh2 FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable 0.2.0.9 nixos-unstable-small 0.2.0.9 nixpkgs-unstable 0.2.0.9 pkgs.haskellPackages.libssh2-conduit Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1 pkgs.python311Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-unstable 1.2.2 nixos-unstable-small 1.2.2 nixpkgs-unstable 1.2.2 pkgs.python312Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-25.05 1.2.2 nixpkgs-25.05-darwin 1.2.2 nixos-25.05-small 1.2.2 nixos-unstable 1.2.2 nixos-unstable-small 1.2.2 nixpkgs-unstable 1.2.2 pkgs.python313Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-25.05 1.2.2 nixpkgs-25.05-darwin 1.2.2 nixos-25.05-small 1.2.2 nixos-unstable 1.2.2 nixos-unstable-small 1.2.2 nixpkgs-unstable 1.2.2 pkgs.haskellPackages.libssh.x86_64-linux libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0 pkgs.haskellPackages.libssh.aarch64-linux libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0 pkgs.haskellPackages.libssh.x86_64-darwin libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0 pkgs.haskellPackages.libssh2.x86_64-linux FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9 pkgs.haskellPackages.libssh.aarch64-darwin libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0 pkgs.haskellPackages.libssh2.aarch64-linux FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9 pkgs.haskellPackages.libssh2.x86_64-darwin FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9 pkgs.haskellPackages.libssh2.aarch64-darwin FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9 pkgs.haskellPackages.libssh2-conduit.x86_64-linux Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1 pkgs.haskellPackages.libssh2-conduit.aarch64-linux Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1 pkgs.haskellPackages.libssh2-conduit.x86_64-darwin Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1 pkgs.haskellPackages.libssh2-conduit.aarch64-darwin Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1 pkgs.tests.pkg-config.defaultPkgConfigPackages.libssh2 Test whether libssh2-1.11.1 exposes pkg-config modules libssh2 nixos-25.05 libssh2 nixpkgs-25.05-darwin libssh2 nixos-25.05-small libssh2 nixos-unstable libssh2 nixos-unstable-small libssh2 nixpkgs-unstable libssh2 Package maintainers: 3 @geluk Johan Geluk <johan+nix@geluk.io> @svanderburg Sander van der Burg <s.vanderburg@tudelft.nl> @SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
pkgs.libssh SSH client library nixos-25.05 0.11.1 nixpkgs-25.05-darwin 0.11.1 nixos-25.05-small 0.11.1 nixos-unstable 0.11.1 nixos-unstable-small 0.11.1 nixpkgs-unstable 0.11.1
pkgs.libssh2 Client-side C library implementing the SSH2 protocol nixos-25.05 1.11.1 nixpkgs-25.05-darwin 1.11.1 nixos-25.05-small 1.11.1 nixos-unstable 1.11.1 nixos-unstable-small 1.11.1 nixpkgs-unstable 1.11.1
pkgs.libssh2.x86_64-linux Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1
pkgs.libssh2.aarch64-linux Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1
pkgs.libssh2.x86_64-darwin Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1
pkgs.haskellPackages.libssh libssh bindings nixos-25.05 0.1.0.0 nixpkgs-25.05-darwin 0.1.0.0 nixos-25.05-small 0.1.0.0 nixos-unstable 0.1.0.0 nixos-unstable-small 0.1.0.0 nixpkgs-unstable 0.1.0.0
pkgs.libssh2.aarch64-darwin Client-side C library implementing the SSH2 protocol nixos-unstable ??? nixos-unstable-small 1.11.1
pkgs.haskellPackages.libssh2 FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable 0.2.0.9 nixos-unstable-small 0.2.0.9 nixpkgs-unstable 0.2.0.9
pkgs.haskellPackages.libssh2-conduit Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1
pkgs.python311Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-unstable 1.2.2 nixos-unstable-small 1.2.2 nixpkgs-unstable 1.2.2
pkgs.python312Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-25.05 1.2.2 nixpkgs-25.05-darwin 1.2.2 nixos-25.05-small 1.2.2 nixos-unstable 1.2.2 nixos-unstable-small 1.2.2 nixpkgs-unstable 1.2.2
pkgs.python313Packages.ansible-pylibssh Python bindings to client functionality of libssh specific to Ansible use case nixos-25.05 1.2.2 nixpkgs-25.05-darwin 1.2.2 nixos-25.05-small 1.2.2 nixos-unstable 1.2.2 nixos-unstable-small 1.2.2 nixpkgs-unstable 1.2.2
pkgs.haskellPackages.libssh.aarch64-linux libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0
pkgs.haskellPackages.libssh.x86_64-darwin libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0
pkgs.haskellPackages.libssh2.x86_64-linux FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9
pkgs.haskellPackages.libssh.aarch64-darwin libssh bindings nixos-unstable ??? nixpkgs-unstable 0.1.0.0
pkgs.haskellPackages.libssh2.aarch64-linux FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9
pkgs.haskellPackages.libssh2.x86_64-darwin FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9
pkgs.haskellPackages.libssh2.aarch64-darwin FFI bindings to libssh2 SSH2 client library (http://libssh2.org/) nixos-unstable ??? nixpkgs-unstable 0.2.0.9
pkgs.haskellPackages.libssh2-conduit.x86_64-linux Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1
pkgs.haskellPackages.libssh2-conduit.aarch64-linux Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1
pkgs.haskellPackages.libssh2-conduit.x86_64-darwin Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1
pkgs.haskellPackages.libssh2-conduit.aarch64-darwin Conduit wrappers for libssh2 FFI bindings (see libssh2 package) nixos-unstable ??? nixpkgs-unstable 0.2.1
pkgs.tests.pkg-config.defaultPkgConfigPackages.libssh2 Test whether libssh2-1.11.1 exposes pkg-config modules libssh2 nixos-25.05 libssh2 nixpkgs-25.05-darwin libssh2 nixos-25.05-small libssh2 nixos-unstable libssh2 nixos-unstable-small libssh2 nixpkgs-unstable libssh2
CVE-2025-24761 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 1 week ago WordPress DSK <= 2.2 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme DSK allows PHP Local File Inclusion. This issue affects DSK: from n/a through 2.2. dsk =<2.2 pkgs.idsk Manipulating CPC dsk images and files nixos-25.05 0.20 nixpkgs-25.05-darwin 0.20 nixos-25.05-small 0.20 nixos-unstable 0.20 nixos-unstable-small 0.20 nixpkgs-unstable 0.20 pkgs.libdsk Library for accessing discs and disc image files nixos-25.05 1.5.21 nixpkgs-25.05-darwin 1.5.21 nixos-25.05-small 1.5.21 nixos-unstable 1.5.21 nixos-unstable-small 1.5.21 nixpkgs-unstable 1.5.21 pkgs.robotfindskitten Yet another zen simulation; A simple find-the-kitten game nixos-25.05 2.8284271.702 nixpkgs-25.05-darwin 2.8284271.702 nixos-25.05-small 2.8284271.702 nixos-unstable 2.8284271.702 nixos-unstable-small 2.8284271.702 nixpkgs-unstable 2.8284271.702 pkgs.emacsPackages.ddskk nixos-unstable 20230701.2340 nixos-unstable-small 20230701.2340 nixpkgs-unstable 20230701.2340 pkgs.emacsPackages.ddskk-posframe nixos-unstable 20200812.917 nixos-unstable-small 20200812.917 nixpkgs-unstable 20200812.917 pkgs.robotfindskitten.x86_64-linux Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702 pkgs.robotfindskitten.aarch64-linux Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702 pkgs.robotfindskitten.x86_64-darwin Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702 pkgs.robotfindskitten.aarch64-darwin Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702 pkgs.python311Packages.pmdsky-debug-py Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 nixos-unstable-small 10.0.21 nixpkgs-unstable 10.0.21 pkgs.python312Packages.pmdsky-debug-py Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-25.05 10.0.21 nixpkgs-25.05-darwin 10.0.21 nixos-25.05-small 10.0.21 nixos-unstable 10.0.48 nixos-unstable-small 10.0.48 nixpkgs-unstable 10.0.48 pkgs.python313Packages.pmdsky-debug-py Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-25.05 10.0.21 nixpkgs-25.05-darwin 10.0.21 nixos-25.05-small 10.0.21 nixos-unstable 10.0.48 nixos-unstable-small 10.0.48 nixpkgs-unstable 10.0.48 pkgs.python312Packages.pmdsky-debug-py.x86_64-linux Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 pkgs.python312Packages.pmdsky-debug-py.aarch64-linux Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 pkgs.python312Packages.pmdsky-debug-py.x86_64-darwin Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 pkgs.python312Packages.pmdsky-debug-py.aarch64-darwin Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 Package maintainers: 3 @marius851000 Marius David <mariusdavid@laposte.net> @wegank Weijia Wang <contact@weijia.wang> @AndersonTorres Anderson Torres <torres.anderson.85@protonmail.com>
pkgs.idsk Manipulating CPC dsk images and files nixos-25.05 0.20 nixpkgs-25.05-darwin 0.20 nixos-25.05-small 0.20 nixos-unstable 0.20 nixos-unstable-small 0.20 nixpkgs-unstable 0.20
pkgs.libdsk Library for accessing discs and disc image files nixos-25.05 1.5.21 nixpkgs-25.05-darwin 1.5.21 nixos-25.05-small 1.5.21 nixos-unstable 1.5.21 nixos-unstable-small 1.5.21 nixpkgs-unstable 1.5.21
pkgs.robotfindskitten Yet another zen simulation; A simple find-the-kitten game nixos-25.05 2.8284271.702 nixpkgs-25.05-darwin 2.8284271.702 nixos-25.05-small 2.8284271.702 nixos-unstable 2.8284271.702 nixos-unstable-small 2.8284271.702 nixpkgs-unstable 2.8284271.702
pkgs.emacsPackages.ddskk nixos-unstable 20230701.2340 nixos-unstable-small 20230701.2340 nixpkgs-unstable 20230701.2340
pkgs.emacsPackages.ddskk-posframe nixos-unstable 20200812.917 nixos-unstable-small 20200812.917 nixpkgs-unstable 20200812.917
pkgs.robotfindskitten.x86_64-linux Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702
pkgs.robotfindskitten.aarch64-linux Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702
pkgs.robotfindskitten.x86_64-darwin Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702
pkgs.robotfindskitten.aarch64-darwin Yet another zen simulation; A simple find-the-kitten game nixos-unstable 2.8284271.702
pkgs.python311Packages.pmdsky-debug-py Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21 nixos-unstable-small 10.0.21 nixpkgs-unstable 10.0.21
pkgs.python312Packages.pmdsky-debug-py Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-25.05 10.0.21 nixpkgs-25.05-darwin 10.0.21 nixos-25.05-small 10.0.21 nixos-unstable 10.0.48 nixos-unstable-small 10.0.48 nixpkgs-unstable 10.0.48
pkgs.python313Packages.pmdsky-debug-py Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-25.05 10.0.21 nixpkgs-25.05-darwin 10.0.21 nixos-25.05-small 10.0.21 nixos-unstable 10.0.48 nixos-unstable-small 10.0.48 nixpkgs-unstable 10.0.48
pkgs.python312Packages.pmdsky-debug-py.x86_64-linux Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21
pkgs.python312Packages.pmdsky-debug-py.aarch64-linux Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21
pkgs.python312Packages.pmdsky-debug-py.x86_64-darwin Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21
pkgs.python312Packages.pmdsky-debug-py.aarch64-darwin Autogenerated and statically check-able pmdsky-debug symbol definitions for Python nixos-unstable 10.0.21
CVE-2022-45083 6.6 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): HIGH User interaction (UI): NONE Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW created 4 months, 1 week ago WordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object Injection Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress: from n/a through 4.3.2. wp-user-avatar =<4.3.2 pkgs.wordpressPackages.plugins.wp-user-avatars nixos-25.05 1.4.1 nixpkgs-25.05-darwin 1.4.1 nixos-25.05-small 1.4.1 nixos-unstable 1.4.1 nixos-unstable-small 1.4.1 nixpkgs-unstable 1.4.1
pkgs.wordpressPackages.plugins.wp-user-avatars nixos-25.05 1.4.1 nixpkgs-25.05-darwin 1.4.1 nixos-25.05-small 1.4.1 nixos-unstable 1.4.1 nixos-unstable-small 1.4.1 nixpkgs-unstable 1.4.1
CVE-2025-49254 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 1 week ago WordPress Nika <= 1.2.8 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Nika allows PHP Local File Inclusion. This issue affects Nika: from n/a through 1.2.8. nika =<1.2.8 pkgs.nika-fonts Persian/Arabic Open Source Font nixos-25.05 1.0.0 nixpkgs-25.05-darwin 1.0.0 nixos-25.05-small 1.0.0 nixos-unstable 1.0.0 nixos-unstable-small 1.0.0 nixpkgs-unstable 1.0.0 pkgs.python311Packages.minikanren Relational programming in Python nixos-unstable 1.0.3 nixos-unstable-small 1.0.3 nixpkgs-unstable 1.0.3 pkgs.python312Packages.minikanren Relational programming in Python nixos-25.05 1.0.3 nixpkgs-25.05-darwin 1.0.3 nixos-25.05-small 1.0.3 nixos-unstable 1.0.3 nixos-unstable-small 1.0.3 nixpkgs-unstable 1.0.3 pkgs.python313Packages.minikanren Relational programming in Python nixos-25.05 1.0.3 nixpkgs-25.05-darwin 1.0.3 nixos-25.05-small 1.0.3 nixos-unstable 1.0.3 nixos-unstable-small 1.0.3 nixpkgs-unstable 1.0.3 pkgs.python312Packages.minikanren.x86_64-linux Relational programming in Python nixos-unstable 1.0.3 pkgs.python312Packages.minikanren.aarch64-linux Relational programming in Python nixos-unstable 1.0.3 pkgs.python312Packages.minikanren.x86_64-darwin Relational programming in Python nixos-unstable 1.0.3 pkgs.python312Packages.minikanren.aarch64-darwin Relational programming in Python nixos-unstable 1.0.3 Package maintainers: 1 @Etjean Etienne Jean <et.jean@outlook.fr>
pkgs.nika-fonts Persian/Arabic Open Source Font nixos-25.05 1.0.0 nixpkgs-25.05-darwin 1.0.0 nixos-25.05-small 1.0.0 nixos-unstable 1.0.0 nixos-unstable-small 1.0.0 nixpkgs-unstable 1.0.0
pkgs.python311Packages.minikanren Relational programming in Python nixos-unstable 1.0.3 nixos-unstable-small 1.0.3 nixpkgs-unstable 1.0.3
pkgs.python312Packages.minikanren Relational programming in Python nixos-25.05 1.0.3 nixpkgs-25.05-darwin 1.0.3 nixos-25.05-small 1.0.3 nixos-unstable 1.0.3 nixos-unstable-small 1.0.3 nixpkgs-unstable 1.0.3
pkgs.python313Packages.minikanren Relational programming in Python nixos-25.05 1.0.3 nixpkgs-25.05-darwin 1.0.3 nixos-25.05-small 1.0.3 nixos-unstable 1.0.3 nixos-unstable-small 1.0.3 nixpkgs-unstable 1.0.3
pkgs.python312Packages.minikanren.aarch64-linux Relational programming in Python nixos-unstable 1.0.3
pkgs.python312Packages.minikanren.x86_64-darwin Relational programming in Python nixos-unstable 1.0.3
pkgs.python312Packages.minikanren.aarch64-darwin Relational programming in Python nixos-unstable 1.0.3
CVE-2025-49180 6.1 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 1 week ago Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate. tigervnc * xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
CVE-2025-49253 8.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): HIGH Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 1 week ago WordPress Lasa <= 1.1 - Local File Inclusion Vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Lasa allows PHP Local File Inclusion. This issue affects Lasa: from n/a through 1.1. lasa =<1.1 pkgs.gnomeExtensions.glasa This extension puts adds an indicator to the top panel whose icon continuously renders two comic-like eyes that follow the mouse cursor. nixos-unstable 14 nixos-unstable-small 14 nixpkgs-unstable 14 pkgs.typstPackages.lasagna_0_1_0 Add layers, toggle them using tags easily nixos-25.05 0.1.0 nixpkgs-25.05-darwin 0.1.0 nixos-25.05-small 0.1.0 nixos-unstable 0.1.0 nixos-unstable-small 0.1.0 nixpkgs-unstable 0.1.0 pkgs.typstPackages.lasaveur_0_1_3 Porting vim-latex's math shorthands to Typst. An accommendating vim syntax file is provided in the repo nixos-25.05 0.1.3 nixpkgs-25.05-darwin 0.1.3 nixos-25.05-small 0.1.3 nixos-unstable 0.1.3 nixos-unstable-small 0.1.3 nixpkgs-unstable 0.1.3 pkgs.typstPackages.lasaveur_0_1_4 Porting vim-latex's math shorthands to Typst. An accommendating vim syntax file is provided in the repo nixos-25.05 0.1.4 nixpkgs-25.05-darwin 0.1.4 nixos-25.05-small 0.1.4 nixos-unstable 0.1.4 nixos-unstable-small 0.1.4 nixpkgs-unstable 0.1.4 Package maintainers: 2 @cherrypiejam Gongqi Huang @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.glasa This extension puts adds an indicator to the top panel whose icon continuously renders two comic-like eyes that follow the mouse cursor. nixos-unstable 14 nixos-unstable-small 14 nixpkgs-unstable 14
pkgs.typstPackages.lasagna_0_1_0 Add layers, toggle them using tags easily nixos-25.05 0.1.0 nixpkgs-25.05-darwin 0.1.0 nixos-25.05-small 0.1.0 nixos-unstable 0.1.0 nixos-unstable-small 0.1.0 nixpkgs-unstable 0.1.0
pkgs.typstPackages.lasaveur_0_1_3 Porting vim-latex's math shorthands to Typst. An accommendating vim syntax file is provided in the repo nixos-25.05 0.1.3 nixpkgs-25.05-darwin 0.1.3 nixos-25.05-small 0.1.3 nixos-unstable 0.1.3 nixos-unstable-small 0.1.3 nixpkgs-unstable 0.1.3
pkgs.typstPackages.lasaveur_0_1_4 Porting vim-latex's math shorthands to Typst. An accommendating vim syntax file is provided in the repo nixos-25.05 0.1.4 nixpkgs-25.05-darwin 0.1.4 nixos-25.05-small 0.1.4 nixos-unstable 0.1.4 nixos-unstable-small 0.1.4 nixpkgs-unstable 0.1.4
CVE-2025-31919 9.8 CRITICAL CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH created 4 months, 1 week ago WordPress Spare <= 1.7 - PHP Object Injection Vulnerability Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7. spare =<1.7 pkgs.asciiquarium-transparent Aquarium/sea animation in ASCII art (with option of transparent background) nixos-25.05 1.3 nixpkgs-25.05-darwin 1.3 nixos-25.05-small 1.3 nixos-unstable 1.3 nixos-unstable-small 1.3 nixpkgs-unstable 1.3 pkgs.materia-theme-transparent Transparent Material Design theme for GNOME/GTK based desktop environments nixos-25.05 0-unstable-2021-03-22 nixpkgs-25.05-darwin 0-unstable-2021-03-22 nixos-25.05-small 0-unstable-2021-03-22 nixos-unstable 0-unstable-2021-03-22 nixos-unstable-small 0-unstable-2021-03-22 nixpkgs-unstable 0-unstable-2021-03-22 pkgs.vimPlugins.transparent-nvim nixos-unstable 2024-08-25 nixos-unstable-small 2024-08-25 nixpkgs-unstable 2024-08-25 pkgs.gnomeExtensions.transparent-top-bar Bring back the transparent top bar when free-floating in GNOME Shell 3.32. nixos-25.05 24 nixpkgs-25.05-darwin 24 nixos-25.05-small 24 nixos-unstable 23 nixos-unstable-small 23 nixpkgs-unstable 24 pkgs.vimPlugins.transparent-nvim.x86_64-linux nixos-unstable ??? nixos-unstable-small 2024-08-25 pkgs.gnomeExtensions.transparent-window-moving Makes the window semi-transparent when moving or resizing nixos-25.05 19 nixpkgs-25.05-darwin 19 nixos-25.05-small 19 nixos-unstable 18 nixos-unstable-small 18 nixpkgs-unstable 18 pkgs.vimPlugins.transparent-nvim.aarch64-linux nixos-unstable ??? nixos-unstable-small 2024-08-25 pkgs.vimPlugins.transparent-nvim.x86_64-darwin nixos-unstable ??? nixos-unstable-small 2024-08-25 pkgs.sway-contrib.inactive-windows-transparency It makes inactive sway windows transparent nixos-25.05 0-unstable-2024-03-19 nixpkgs-25.05-darwin 0-unstable-2024-03-19 nixos-25.05-small 0-unstable-2024-03-19 nixos-unstable 0-unstable-2024-03-19 nixos-unstable-small 0-unstable-2024-03-19 nixpkgs-unstable 0-unstable-2024-03-19 pkgs.vimPlugins.transparent-nvim.aarch64-darwin nixos-unstable ??? nixos-unstable-small 2024-08-25 pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar nixos-25.05 24 nixpkgs-25.05-darwin 24 nixos-25.05-small 24 nixos-unstable 21 nixos-unstable-small 21 nixpkgs-unstable 24 Package maintainers: 4 @evils Evils <evils.devils@protonmail.com> @honnip Jung seungwoo <me@honnip.page> @quantenzitrone quantenzitrone <nix@dev.quantenzitrone.eu> @CorbinWunderlich Corbin Wunderlich <corbin@wcopy.net>
pkgs.asciiquarium-transparent Aquarium/sea animation in ASCII art (with option of transparent background) nixos-25.05 1.3 nixpkgs-25.05-darwin 1.3 nixos-25.05-small 1.3 nixos-unstable 1.3 nixos-unstable-small 1.3 nixpkgs-unstable 1.3
pkgs.materia-theme-transparent Transparent Material Design theme for GNOME/GTK based desktop environments nixos-25.05 0-unstable-2021-03-22 nixpkgs-25.05-darwin 0-unstable-2021-03-22 nixos-25.05-small 0-unstable-2021-03-22 nixos-unstable 0-unstable-2021-03-22 nixos-unstable-small 0-unstable-2021-03-22 nixpkgs-unstable 0-unstable-2021-03-22
pkgs.vimPlugins.transparent-nvim nixos-unstable 2024-08-25 nixos-unstable-small 2024-08-25 nixpkgs-unstable 2024-08-25
pkgs.gnomeExtensions.transparent-top-bar Bring back the transparent top bar when free-floating in GNOME Shell 3.32. nixos-25.05 24 nixpkgs-25.05-darwin 24 nixos-25.05-small 24 nixos-unstable 23 nixos-unstable-small 23 nixpkgs-unstable 24
pkgs.gnomeExtensions.transparent-window-moving Makes the window semi-transparent when moving or resizing nixos-25.05 19 nixpkgs-25.05-darwin 19 nixos-25.05-small 19 nixos-unstable 18 nixos-unstable-small 18 nixpkgs-unstable 18
pkgs.sway-contrib.inactive-windows-transparency It makes inactive sway windows transparent nixos-25.05 0-unstable-2024-03-19 nixpkgs-25.05-darwin 0-unstable-2024-03-19 nixos-25.05-small 0-unstable-2024-03-19 nixos-unstable 0-unstable-2024-03-19 nixos-unstable-small 0-unstable-2024-03-19 nixpkgs-unstable 0-unstable-2024-03-19
pkgs.gnomeExtensions.transparent-top-bar-adjustable-transparency Fork of: https://github.com/zhanghai/gnome-shell-extension-transparent-top-bar nixos-25.05 24 nixpkgs-25.05-darwin 24 nixos-25.05-small 24 nixos-unstable 21 nixos-unstable-small 21 nixpkgs-unstable 24
CVE-2024-0408 5.5 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 1 week ago Xorg-x11-server: selinux unlabeled glx pbuffer A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL. tigervnc xorg-server <21.1.11 xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0 pkgs.xorg.xvfb nixos-25.05 21.1.16 nixpkgs-25.05-darwin 21.1.16 nixos-25.05-small 21.1.16 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16 pkgs.xorg.xorgserver nixos-25.05 21.1.16 nixpkgs-25.05-darwin 21.1.16 nixos-25.05-small 21.1.16 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16
pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
pkgs.xorg.xvfb nixos-25.05 21.1.16 nixpkgs-25.05-darwin 21.1.16 nixos-25.05-small 21.1.16 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16
pkgs.xorg.xorgserver nixos-25.05 21.1.16 nixpkgs-25.05-darwin 21.1.16 nixos-25.05-small 21.1.16 nixos-unstable 21.1.14 nixos-unstable-small 21.1.16 nixpkgs-unstable 21.1.16
CVE-2025-49175 5.5 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 4 months, 1 week ago Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. tigervnc * xorg-x11-server * xorg-x11-server-Xwayland * pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0
pkgs.tigervnc Fork of tightVNC, made in cooperation with VirtualGL nixos-25.05 1.14.0 nixpkgs-25.05-darwin 1.14.0 nixos-25.05-small 1.14.0 nixos-unstable 1.15.0 nixos-unstable-small 1.15.0 nixpkgs-unstable 1.14.0