Bugs with TODO items

| Bug | Description | Note |
| --- | --- | --- |
| CVE-2020-5200 | Minerbabe through V4.16 ships with SSH host keys baked into the instal ... | check |
| CVE-2021-34947 | NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulner ... | check |
| CVE-2021-34948 | Foxit PDF Reader Square Annotation Use-After-Free Remote Code Executio ... | check |
| CVE-2021-34949 | Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure ... | check |
| CVE-2021-34950 | Foxit PDF Reader Annotation Out-Of-Bounds Read Remote Code Execution V ... | check |
| CVE-2021-34951 | Foxit PDF Reader Annotation Use of Uninitialized Variable Information ... | check |
| CVE-2021-34952 | Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulne ... | check |
| CVE-2021-34953 | Foxit PDF Reader Annotation Use of Uninitialized Variable Remote Code ... | check |
| CVE-2021-34954 | Foxit PDF Editor StrikeOut Annotation Use-After-Free Remote Code Execu ... | check |
| CVE-2021-34955 | Foxit PDF Editor Stamp Annotation Use-After-Free Remote Code Execution ... | check |
| CVE-2021-34956 | Foxit PDF Editor Underline Annotation Use-After-Free Remote Code Execu ... | check |
| CVE-2021-34957 | Foxit PDF Editor Highlight Annotation Use-After-Free Remote Code Execu ... | check |
| CVE-2021-34958 | Foxit PDF Editor Text Annotation Use-After-Free Remote Code Execution ... | check |
| CVE-2021-34959 | Foxit PDF Editor Square Annotation Use-After-Free Remote Code Executio ... | check |
| CVE-2021-34960 | Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Executio ... | check |
| CVE-2021-34961 | Foxit PDF Editor Ink Annotation Use-After-Free Remote Code Execution V ... | check |
| CVE-2021-34962 | Foxit PDF Editor Caret Annotation Use-After-Free Remote Code Execution ... | check |
| CVE-2021-34963 | Foxit PDF Editor PolyLine Annotation Use-After-Free Remote Code Execut ... | check |
| CVE-2021-34964 | Foxit PDF Editor Polygon Annotation Use-After-Free Remote Code Executi ... | check |
| CVE-2021-34965 | Foxit PDF Editor Squiggly Annotation Use-After-Free Remote Code Execut ... | check |
| CVE-2021-34966 | Foxit PDF Editor FileAttachment Annotation Use-After-Free Remote Code ... | check |
| CVE-2021-34967 | Foxit PDF Editor Line Annotation Use-After-Free Remote Code Execution ... | check |
| CVE-2021-34968 | Foxit PDF Editor transitionToState Use-After-Free Remote Code Executio ... | check |
| CVE-2021-34969 | Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vuln ... | check |
| CVE-2021-34970 | Foxit PDF Reader print Method Use of Externally-Controlled Format Stri ... | check |
| CVE-2021-34971 | Foxit PDF Reader JPG2000 File Parsing Heap-based Buffer Overflow Remot ... | check |
| CVE-2021-34972 | Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulner ... | check |
| CVE-2021-34973 | Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosur ... | check |
| CVE-2021-34974 | Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulne ... | check |
| CVE-2021-34975 | Foxit PDF Reader transitionToState Use-After-Free Remote Code Executio ... | check |
| CVE-2021-34976 | Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosur ... | check |
| CVE-2021-34982 | NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code ... | check |
| CVE-2021-34983 | NETGEAR Multiple Routers httpd Missing Authentication for Critical Fun ... | check |
| CVE-2021-34999 | OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disc ... | check |
| CVE-2021-35000 | OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disc ... | check |
| CVE-2021-35001 | BMC Track-It! GetData Missing Authorization Information Disclosure Vul ... | check |
| CVE-2021-35002 | BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerabi ... | check |
| CVE-2022-0369 | Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Tra ... | check |
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might also affect golang-github-apptainer-container-library-client |
| CVE-2022-43651 | Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vul ... | check |
| CVE-2022-43652 | Bentley View SKP File Parsing Use-After-Free Information Disclosure Vu ... | check |
| CVE-2022-43653 | Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Executio ... | check |
| CVE-2022-43654 | NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerabili ... | check |
| CVE-2022-43655 | Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code E ... | check |
| CVE-2022-43656 | Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosur ... | check |
| CVE-2023-1000 | A vulnerability was found in cyanomiko dcnnt-py up to 0.9.0. It has be ... | check |
| CVE-2023-6725 | An access-control flaw was found in the OpenStack Designate component ... | check, details unclear |
| CVE-2023-6810 | The ClickCease Click Fraud Protection plugin for WordPress is vulnerab ... | check |
| CVE-2023-6854 | The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site ... | check |
| CVE-2023-7240 | An improper authorization level has been detected in the login panel. ... | check |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded in icinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-27321 | OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion D ... | check |
| CVE-2023-31234 | Missing Authorization vulnerability in Tilda Publishing.This issue aff ... | check |
| CVE-2023-32871 | In DA, there is a possible permission bypass due to an incorrect statu ... | check |
| CVE-2023-32873 | In keyInstall, there is a possible out of bounds write due to a missin ... | check |
| CVE-2023-33119 | Memory corruption while loading a VM from a signed VM image that is no ... | check |
| CVE-2023-42120 | Control Web Panel dns_zone_editor Command Injection Remote Code Execut ... | check |
| CVE-2023-42121 | Control Web Panel Missing Authentication Remote Code Execution Vulnera ... | check |
| CVE-2023-42122 | Control Web Panel wloggui Command Injection Local Privilege Escalation ... | check |
| CVE-2023-42123 | Control Web Panel mysql_manager Command Injection Remote Code Executio ... | check |
| CVE-2023-42757 | Process Explorer before 17.04 allows attackers to make it functionally ... | check |
| CVE-2023-43521 | Memory corruption when multiple listeners are being registered with th ... | check |
| CVE-2023-43524 | Memory corruption when the bandpass filter order received from AHAL is ... | check |
| CVE-2023-43525 | Memory corruption while copying the sound model data from user to kern ... | check |
| CVE-2023-43526 | Memory corruption while querying module parameters from Listen Sound m ... | check |
| CVE-2023-43527 | Information disclosure while parsing dts header atom in Video. | check |
| CVE-2023-43528 | Information disclosure when the ADSP payload size received in HLOS in ... | check |
| CVE-2023-43529 | Transient DOS while processing IKEv2 Informational request messages, w ... | check |
| CVE-2023-43530 | Memory corruption in HLOS while checking for the storage type. | check |
| CVE-2023-43531 | Memory corruption while verifying the serialized header when the key p ... | check |
| CVE-2023-44428 | MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Exec ... | check |
| CVE-2023-46012 | Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a rem ... | check |
| CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
| CVE-2023-49675 | An unauthenticated local attacker may trick a user to open corrupted p ... | check |
| CVE-2023-49676 | An unauthenticated local attacker may trick a user to open corrupted p ... | check |
| CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
| CVE-2024-0904 | The Fancy Product Designer WordPress plugin before 6.1.81 does not san ... | check |
| CVE-2024-3209 | A vulnerability was found in UPX up to 4.2.2. It has been rated as cri ... | check upstream report status, seems not filed as issue |
| CVE-2024-3661 | By design, the DHCP protocol does not authenticate messages, including ... | check |
| CVE-2024-4536 | In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, in the ED ... | check |
| CVE-2024-4568 | In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources lea ... | check |
| CVE-2024-20021 | In atf spm, there is a possible way to remap physical memory to virtua ... | check |
| CVE-2024-20056 | In preloader, there is a possible escalation of privilege due to an in ... | check |
| CVE-2024-20057 | In keyInstall, there is a possible out of bounds write due to a missin ... | check |
| CVE-2024-20058 | In keyInstall, there is a possible out of bounds read due to a missing ... | check |
| CVE-2024-20059 | In da, there is a possible escalation of privilege due to an incorrect ... | check |
| CVE-2024-20060 | In da, there is a possible escalation of privilege due to an incorrect ... | check |
| CVE-2024-20064 | In wlan service, there is a possible out of bounds write due to improp ... | check |
| CVE-2024-21002 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21003 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21004 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21005 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21471 | Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. | check |
| CVE-2024-21474 | Memory corruption when size of buffer from previous call is used witho ... | check |
| CVE-2024-21475 | Memory corruption when the payload received from firmware is not as pe ... | check |
| CVE-2024-21476 | Memory corruption when the channel ID passed by user is not validated ... | check |
| CVE-2024-21477 | Transient DOS while parsing a protected 802.11az Fine Time Measurement ... | check |
| CVE-2024-21480 | Memory corruption while playing audio file having large-sized input bu ... | check |
| CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-23186 | E-Mail containing malicious display-name information could trigger cli ... | check |
| CVE-2024-23187 | Content-ID based embedding of resources in E-Mails could be abused to ... | check |
| CVE-2024-23188 | Maliciously crafted E-Mail attachment names could be used to temporari ... | check |
| CVE-2024-23193 | E-Mails exported as PDF were stored in a cache that did not consider s ... | check |
| CVE-2024-23351 | Memory corruption as GPU registers beyond the last protected range can ... | check |
| CVE-2024-23354 | Memory corruption when the IOCTL call is interrupted by a signal. | check |
| CVE-2024-24856 | The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee ... | check |
| CVE-2024-24862 | In function pci1xxxx_spi_probe, there is a potential null pointer that ... | check |
| CVE-2024-24863 | In malidp_mw_connector_reset, new memory is allocated with kzalloc, bu ... | check |
| CVE-2024-25507 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
| CVE-2024-25508 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
| CVE-2024-25509 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
| CVE-2024-25510 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
| CVE-2024-25511 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
| CVE-2024-25512 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
| CVE-2024-25513 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
| CVE-2024-25514 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
| CVE-2024-26256 | libarchive Remote Code Execution Vulnerability | check |
| CVE-2024-28148 | An authenticated user could potentially access metadata for a datasour ... | check |
| CVE-2024-28180 | Package jose aims to provide an implementation of the Javascript Objec ... | check completeness |
| CVE-2024-28836 | An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiati ... | check, missing details |
| CVE-2024-29149 | An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 8 ... | check |
| CVE-2024-29150 | An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 8 ... | check |
| CVE-2024-29206 | An Improper Access Control could allow a malicious actor authenticated ... | check |
| CVE-2024-29207 | An Improper Certificate Validation could allow a malicious actor with ... | check |
| CVE-2024-29208 | An Unverified Password Change could allow a malicious actor with API a ... | check |
| CVE-2024-29209 | A medium severity vulnerability has been identified in the update mech ... | check |
| CVE-2024-29210 | A local privilege escalation (LPE) vulnerability has been identified i ... | check |
| CVE-2024-29291 | An issue in Laravel Framework 8 through 11 might allow a remote attack ... | check |
| CVE-2024-29889 | GLPI is a Free Asset and IT Management Software package. Prior to 10.0 ... | check |
| CVE-2024-30166 | In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can c ... | check, missing details |
| CVE-2024-31456 | GLPI is a Free Asset and IT Management Software package. Prior to 10.0 ... | check |
| CVE-2024-32369 | SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2. ... | check |
| CVE-2024-32370 | An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 ... | check |
| CVE-2024-32371 | An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 ... | check |
| CVE-2024-32473 | Moby is an open source container framework that is a key component of ... | check, said to be specific to the 26.0.0 and 26.0.1 versions but needs double-checking |
| CVE-2024-32663 | Suricata is a network Intrusion Detection System, Intrusion Prevention ... | check |
| CVE-2024-32664 | Suricata is a network Intrusion Detection System, Intrusion Prevention ... | check |
| CVE-2024-32867 | Suricata is a network Intrusion Detection System, Intrusion Prevention ... | check |
| CVE-2024-32972 | go-ethereum (geth) is a golang execution layer implementation of the E ... | check |
| CVE-2024-32982 | Litestar and Starlite is an Asynchronous Server Gateway Interface (ASG ... | check |
| CVE-2024-33117 | crmeb_java v1.3.4 was discovered to contain a Server-Side Request Forg ... | check |
| CVE-2024-33120 | Roothub v2.5 was discovered to contain an arbitrary file upload vulner ... | check |
| CVE-2024-33122 | Roothub v2.6 was discovered to contain a SQL injection vulnerability v ... | check |
| CVE-2024-33124 | Roothub v2.6 was discovered to contain a SQL injection vulnerability v ... | check |
| CVE-2024-33139 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
| CVE-2024-33144 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
| CVE-2024-33146 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
| CVE-2024-33147 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
| CVE-2024-33148 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
| CVE-2024-33149 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
| CVE-2024-33153 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
| CVE-2024-33155 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
| CVE-2024-33161 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
| CVE-2024-33164 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
| CVE-2024-33434 | An issue in tiagorlampert CHAOS before 1b451cf62582295b7225caf5a7b506f ... | check |
| CVE-2024-33748 | Cross-site scripting (XSS) vulnerability in the search function in Mvn ... | check |
| CVE-2024-33780 | MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via ... | check |
| CVE-2024-33781 | MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the func ... | check |
| CVE-2024-33782 | MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the func ... | check |
| CVE-2024-33783 | MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via ... | check |
| CVE-2024-33856 | An issue was discovered in Logpoint before 7.4.0. An attacker can enum ... | check |
| CVE-2024-33857 | An issue was discovered in Logpoint before 7.4.0. Due to a lack of inp ... | check |
| CVE-2024-33858 | An issue was discovered in Logpoint before 7.4.0. A path injection vul ... | check |
| CVE-2024-33859 | An issue was discovered in Logpoint before 7.4.0. HTML code sent throu ... | check |
| CVE-2024-33860 | An issue was discovered in Logpoint before 7.4.0. It allows Local File ... | check |
| CVE-2024-33899 | RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attacke ... | check |
| CVE-2024-34084 | Minder's `HandleGithubWebhook` is susceptible to a denial of service a ... | check |
| CVE-2024-34250 | A heap buffer overflow vulnerability was discovered in Bytecode Allian ... | check |
| CVE-2024-34251 | An out-of-bound memory read vulnerability was discovered in Bytecode A ... | check |
| CVE-2024-34341 | Trix is a rich text editor. The Trix editor, versions prior to 2.1.1, ... | check |
| CVE-2024-34342 | react-pdf displays PDFs in React apps. If PDF.js is used to load a mal ... | check |
| CVE-2024-34515 | image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the ph ... | check |
| CVE-2024-34517 | The Cypher component in Neo4j before 5.19.0 mishandles IMMUTABLE privi ... | check |
| CVE-2024-34523 | AChecker 1.5 allows remote attackers to read the contents of arbitrary ... | check |
