Lucene search
K

79 matches found

EUVD
EUVD
added 2026/01/19 6:14 p.m.7 views

EUVD-2026-3303

Tandoor Recipes is a recipe manager than can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the default configuration of Tandoor Recipes, specifically using SQLite and default MEDIAROOT, the full database file may be externally...

8.7CVSS5.6AI score0.004EPSS
Exploits0References4
CVE
CVE
added 2026/01/19 6:14 p.m.44 views

CVE-2026-23838

CVE-2026-23838 affects Tandoor Recipes when installed via Nix and using the default configuration with SQLite and default MEDIA_ROOT. Versions 23.05 through 26.04 (prior to 26.05) are vulnerable because the NixOS module sets the working directory and MEDIA_ROOT to /var/lib/tandoor-recipes, causin...

8.7CVSS5.6AI score0.004EPSS
Exploits0References4
OSV
OSV
added 2026/01/19 6:14 p.m.9 views

CVE-2026-23838 Tandoor Recipes module allows SQLite database to be externally accessible with the default settings

Tandoor Recipes is a recipe manager than can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the default configuration of Tandoor Recipes, specifically using SQLite and default MEDIAROOT, the full database file may be externally...

8.7CVSS5.6AI score0.004EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/19 12:0 a.m.9 views

PT-2026-3477

Tandoor Recipes is a recipe manager than can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the default configuration of Tandoor Recipes, specifically using SQLite and default MEDIA ROOT, the full database file may be externally...

8.7CVSS5.6AI score0.004EPSS
Exploits0References5
NVD
NVD
added 2025/11/17 10:15 p.m.6 views

CVE-2025-64766

NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protec...

5.3CVSS0.00246EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/17 9:38 p.m.6 views

EUVD-2025-197878

NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protec...

5.3CVSS6.2AI score0.00246EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/17 9:38 p.m.5 views

CVE-2025-64766 NixOS has hardcoded credentials in Onlyoffice module

NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protec...

5.3CVSS6.4AI score0.00246EPSS
Exploits0References5
OSV
OSV
added 2025/11/17 9:38 p.m.5 views

CVE-2025-64766 NixOS has hardcoded credentials in Onlyoffice module

NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protec...

5.3CVSS6.7AI score0.00246EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/11/17 9:38 p.m.12 views

CVE-2025-64766 NixOS has hardcoded credentials in Onlyoffice module

NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protec...

5.3CVSS0.00246EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.10 views

PT-2025-47210

Name of the Vulnerable Software and Affected Versions Onlyoffice versions 22.11 through 25.05 Onlyoffice versions prior to Unstable 25.11 Description Onlyoffice is a software suite providing tools for document editing, collaboration, and management. A hard-coded secret within the NixOS module for...

5.3CVSS6.6AI score0.00246EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-3119

Malware in sbrugna...

5.9CVSS5.9AI score0.00875EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-16436

Malware in sbrugna...

7.8CVSS7.6AI score0.00363EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-10983

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00162EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-40256

Malicious code in bioql PyPI...

7.8CVSS5.5AI score0.00131EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-40429

Malicious code in bioql PyPI...

7.9CVSS5.6AI score0.00263EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 2:30 a.m.8 views

CVE-2023-36476

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...

7.9CVSS6.8AI score0.00263EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/17 8:14 p.m.25 views

CVE-2025-32438

make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...

8.8CVSS7.1AI score0.00162EPSS
Exploits0References1
NVD
NVD
added 2025/04/15 8:15 p.m.46 views

CVE-2025-32438

make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...

8.8CVSS0.00162EPSS
Exploits0References3
OSV
OSV
added 2025/04/15 7:57 p.m.21 views

CVE-2025-32438 Local privilege escalation in make-initrd-ng

make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...

8.8CVSS7.8AI score0.00162EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/04/15 7:57 p.m.39 views

CVE-2025-32438 Local privilege escalation in make-initrd-ng

make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...

8.8CVSS0.00162EPSS
Exploits0References3
Rows per page
Query Builder