| Bug | Description | Note |
|---|
| CVE-2017-11750 | The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ... | check if patch simplifying patch applied in any suite |
| CVE-2017-18240 | The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ... | check |
| CVE-2018-1000873 | Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper ... | check, could affect any of the src-jackson* packages |
| CVE-2018-12466 | openSUSE openbuildservice before 9.2.4 allowed authenticated users to ... | check if introducing commit is right and fix status |
| CVE-2018-12467 | Authorized users of the openbuildservice before 2.9.4 could delete ... | check if introducing commit is right and fix status |
| CVE-2018-15518 | QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption ... | check for completeness |
| CVE-2018-16329 | In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the ... | check if though missing null checks are present as well in 6.x series |
| CVE-2018-16856 | Private keys written to world-readable log files | check if Debian affected by the problem or Red Hat specific setup |
| CVE-2018-16873 | In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ... | check other versions |
| CVE-2018-16874 | In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ... | check other versions |
| CVE-2018-16875 | The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 ... | check other versions |
| CVE-2018-16981 | stb stb_image.h 2.19, as used in catimg, Emscripten, and other ... | further check, stb_image.h in older version is embedded in src:catimg |
| CVE-2018-18653 | The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI ... | check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way. |
| CVE-2018-19756 | There is a heap-based buffer over-read at stb_image.h (function: ... | check |
| CVE-2018-19759 | There is a heap-based buffer over-read at stb_image_write.h (function: ... | check |
| CVE-2018-19969 | phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a ... | check, upstream explicitly fixed only the 4.7/4.8 branch but not entirely clear if only introduced in 4.7.0, and older versions are EOLed, and only on best-effort mentioned in affected versions informations. |
| CVE-2018-20096 | There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf ... | check |
| CVE-2018-20097 | There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups ... | check |
| CVE-2018-20098 | There is a heap-based buffer over-read in ... | check |
| CVE-2018-20532 | There is a NULL pointer dereference at ext/testcase.c (function ... | further check on affected versions |
| CVE-2018-20533 | There is a NULL pointer dereference at ext/testcase.c (function ... | further check on affected versions |
| CVE-2018-20534 | There is an illegal address access at src/pool.h (function ... | further check on affected versions |
| CVE-2018-6443 | A vulnerability in Brocade Network Advisor Versions before 14.3.1 ... | check |
| CVE-2018-6444 | A Vulnerability in Brocade Network Advisor versions before 14.1.0 ... | check |
| CVE-2018-6445 | A Vulnerability in Brocade Network Advisor versions before 14.0.3 ... | check |
| CVE-2018-9246 | The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in ... | check if set of commits complete |
| CVE-2019-1003000 | A sandbox bypass vulnerability exists in Script Security Plugin 2.49 ... | check |
| CVE-2019-1003001 | A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 ... | check |
| CVE-2019-1003002 | A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin ... | check |
| CVE-2019-1003003 | An improper authorization vulnerability exists in Jenkins 2.158 and ... | check |
| CVE-2019-1003004 | An improper authorization vulnerability exists in Jenkins 2.158 and ... | check |
| CVE-2019-6503 | There is a deserialization vulnerability in Chatopera cosin v3.10.0. An ... | check |