Bugs with TODO items


| Bug | Description | Note |
|---|---|---|
| CVE-2011-2343 | The Bluetooth stack in Android before 2.3.6 allows a physically proxim ... | check |
| CVE-2011-3336 | regcomp in the BSD implementation of libc is vulnerable to denial of s ... | check |
| CVE-2012-0951 | A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29 ... | check |
| CVE-2012-1500 | Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and Gre ... | check |
| CVE-2012-1932 | A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlie ... | check |
| CVE-2012-2452 | Multiple cross-site scripting (XSS) vulnerabilities in pragmaMx 1.x be ... | check |
| CVE-2012-6611 | An issue was discovered in Polycom Web Management Interface G3/HDX 800 ... | check |
| CVE-2012-6614 | D-Link DSR-250N devices before 1.08B31 allow remote authenticated user ... | check |
| CVE-2013-1634 | A denial of service vulnerability exists in some motherboard implement ... | check |
| CVE-2013-1760 | The Bug Genie before 3.2.6 has Multiple XSS and HTML Injection Vulnera ... | check |
| CVE-2013-1866 | OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerab ... | check |
| CVE-2013-3494 | A Code Execution Vulnerability exists in UMPlayer 0.98 in wintab32.dll ... | check |
| CVE-2013-3628 | Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability ... | check |
| CVE-2013-3722 | A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in ... | check |
| CVE-2013-3738 | A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequat ... | check |
| CVE-2013-5106 | A Code Execution vulnerability exists in select.py when using python-m ... | check |
| CVE-2013-6022 | A Cross-Site Scripting (XSS) vulnerability exists in Tiki Wiki CMG Gro ... | check |
| CVE-2013-7324 | Webkit-GTK 2.x (any version with HTML5 audio/video support based on GS ... | check |
| CVE-2013-7378 | scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node ... | check |
| CVE-2014-2228 | The XStream extension in HP Fortify SCA before 2.2 RC3 allows remote a ... | check |
| CVE-2014-2727 | The STARTTLS implementation in MailMarshal before 7.2 allows plaintext ... | check |
| CVE-2014-3208 | A Denial of Service vulnerability exists in askpop3d 0.7.7 in free (ps ... | check |
| CVE-2014-3879 | OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error ... | check |
| CVE-2014-5083 | A Command Execution vulnerability exists in Sphider before 1.3.6 due t ... | check |
| CVE-2014-5084 | A Command Execution vulnerability exists in Sphider Pro 3.2 due to ins ... | check |
| CVE-2014-5085 | A Command Execution vulnerability exists in Sphider Plus 3.2 due to in ... | check |
| CVE-2014-5086 | A Command Execution vulnerability exists in Sphider Pro, and Sphider P ... | check |
| CVE-2014-5087 | A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to ... | check |
| CVE-2014-5468 | A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a ... | check |
| CVE-2014-6262 | Multiple format string vulnerabilities in the python module in RRDtool ... | check |
| CVE-2014-6413 | A Cross-site Scripting (XSS) vulnerability exists in WatchGuard XTM 11 ... | check |
| CVE-2014-8739 | Unrestricted file upload vulnerability in server/php/UploadHandler.php ... | check |
| CVE-2014-9530 | A vulnerability exists in nw.js before 0.11.3 when calling nw methods ... | check |
| CVE-2015-0749 | A vulnerability in Cisco Unified Communications Manager could allow an ... | check |
| CVE-2015-7890 | Multiple buffer overflows in the esa_write function in /dev/seirenin t ... | check |
| CVE-2016-2338 | An exploitable heap overflow vulnerability exists in the Psych::Emitte ... | check |
| CVE-2018-1002104 | Versions < 1.5 of the Kubernetes ingress default backend, which han ... | check |
| CVE-2018-12476 | Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE L ... | check |
| CVE-2018-16994 | An issue was discovered on PHOENIX CONTACT AXL F BK PN <=1.0.4, AXL ... | check |
| CVE-2018-18653 | The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ... | check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way. |
| CVE-2018-20105 | A Inclusion of Sensitive Information in Log Files vulnerability in yas ... | check |
| CVE-2018-3987 | An exploitable information disclosure vulnerability exists in the 'Sec ... | check |
| CVE-2019-0145 | Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Contro ... | check |
| CVE-2019-0146 | Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controll ... | check |
| CVE-2019-0147 | Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ... | check |
| CVE-2019-0148 | Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controll ... | check |
| CVE-2019-0149 | Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ... | check |
| CVE-2019-1010091 | tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization ... | check |
| CVE-2019-10770 | All versions of io.ratpack:ratpack-core from 0.9.10 inclusive and befo ... | check |
| CVE-2019-10779 | All versions of stroom:stroom-app before 5.5.12 and all versions of th ... | check |
| CVE-2019-10781 | In schema-inspector before 1.6.9, a maliciously crafted JavaScript obj ... | check |
| CVE-2019-10783 | All versions including 0.0.4 of lsof npm module are vulnerable to Comm ... | check |
| CVE-2019-10785 | dojox is vulnerable to Cross-site Scripting in all versions before ver ... | check |
| CVE-2019-10787 | im-resize through 2.3.2 allows remote attackers to execute arbitrary c ... | check |
| CVE-2019-10788 | im-metadata through 3.0.1 allows remote attackers to execute arbitrary ... | check |
| CVE-2019-10790 | taffy through 2.6.2 allows attackers to forge adding additional proper ... | check |
| CVE-2019-10791 | promise-probe before 0.10.0 allows remote attackers to perform a comma ... | check |
| CVE-2019-10792 | bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler ... | check |
| CVE-2019-10793 | dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set ... | check |
| CVE-2019-10794 | All versions of component-flatten are vulnerable to Prototype Pollutio ... | check |
| CVE-2019-10797 | Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Respo ... | check |
| CVE-2019-11157 | Improper conditions check in voltage settings for some Intel(R) Proces ... | check |
| CVE-2019-12107 | The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd ... | check, might affect minidlna |
| CVE-2019-12825 | Unauthorized Access to the Container Registry of other groups was disc ... | check |
| CVE-2019-13321 | This vulnerability allows network adjacent attackers to execute arbitr ... | check |
| CVE-2019-13322 | This vulnerability allows remote attackers to execute arbitrary code o ... | check |
| CVE-2019-13924 | A vulnerability has been identified in SCALANCE X-200 switch family (i ... | check |
| CVE-2019-13925 | A vulnerability has been identified in SCALANCE S602 (All versions > ... | check |
| CVE-2019-13926 | A vulnerability has been identified in SCALANCE S602 (All versions > ... | check |
| CVE-2019-13940 | A vulnerability has been identified in SIMATIC S7-1200 CPU family (inc ... | check |
| CVE-2019-13941 | A vulnerability has been identified in OZW672 (All versions < V10.0 ... | check |
| CVE-2019-13946 | A vulnerability has been identified in Development/Evaluation Kits for ... | check |
| CVE-2019-14493 | An issue was discovered in OpenCV before 4.1.1. There is a NULL pointe ... | check if the old code though is really affected, might have been introduced with the refactoring |
| CVE-2019-14514 | An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. ... | check |
| CVE-2019-14598 | Improper Authentication in subsystem in Intel(R) CSME versions 12.0 th ... | check |
| CVE-2019-14652 | explorer.js in Amazon AWS JavaScript S3 Explorer (aka aws-js-s3-explor ... | check |
| CVE-2019-14871 | | picolibc might be affected, not yet in the archive |
| CVE-2019-14872 | | picolibc might be affected, not yet in the archive |
| CVE-2019-14873 | | picolibc might be affected, not yet in the archive |
| CVE-2019-14874 | | picolibc might be affected, not yet in the archive |
| CVE-2019-14875 | | picolibc might be affected, not yet in the archive |
| CVE-2019-14876 | | picolibc might be affected, not yet in the archive |
| CVE-2019-14877 | | picolibc might be affected, not yet in the archive |
| CVE-2019-14878 | | picolibc might be affected, not yet in the archive |
| CVE-2019-15486 | django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_ ... | check, might actually only have been introduced in upstream v0.9.0 with commits around 9850b675e3d988341c05302df236a560f7985184 |
| CVE-2019-15875 | In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEAS ... | check |
| CVE-2019-16336 | The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE componen ... | check |
| CVE-2019-17060 | The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z ( ... | check |
| CVE-2019-17061 | The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 ... | check |
| CVE-2019-17178 | HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-0 ... | check |
| CVE-2019-17333 | The Web server component of TIBCO Software Inc.'s TIBCO EBX contains a ... | check |
| CVE-2019-17517 | The Bluetooth Low Energy implementation on Dialog Semiconductor SDK th ... | check |
| CVE-2019-17518 | The Bluetooth Low Energy implementation on Dialog Semiconductor SDK th ... | check |
| CVE-2019-17519 | The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for K ... | check |
| CVE-2019-17520 | The Bluetooth Low Energy implementation on Texas Instruments SDK throu ... | check |
| CVE-2019-17558 | Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code ... | check, whilst the advisory claims 5.0.0 upwards only the SolrParamResourceLoader might be of issue already earlier? |
| CVE-2019-18900 | : Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS ... | check |
| CVE-2019-19879 | HashiCorp Sentinel up to 0.10.1 incorrectly parsed negation in certain ... | check |
| CVE-2019-20478 | In ruamel.yaml through 0.16.7, the load method allows remote code exec ... | check |
| CVE-2019-2200 | In updatePermissions of PermissionManagerService.java, it may be possi ... | check |
| CVE-2019-3682 | The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7 ... | check |
| CVE-2019-3683 | The keystone-json-assignment package in SUSE Openstack Cloud 8 before ... | check |
| CVE-2019-3687 | The permission package in SUSE Linux Enterprise Server allowed all loc ... | check |
| CVE-2019-3691 | A Symbolic Link (Symlink) Following vulnerability in the packaging of ... | check |
| CVE-2019-3692 | The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Fact ... | check |
| CVE-2019-3693 | A symlink following vulnerability in the packaging of mailman in SUSE ... | check |
| CVE-2019-3694 | A Symbolic Link (Symlink) Following vulnerability in the packaging of ... | check |
| CVE-2019-3697 | UNIX Symbolic Link (Symlink) Following vulnerability in the packaging ... | check |
| CVE-2019-3700 | yast2-security didn't use secure defaults to protect passwords. This b ... | check |
| CVE-2019-5613 | In FreeBSD 12.0-RELEASE before 12.0-RELEASE-p13, a missing check in th ... | check |
| CVE-2019-6195 | An authorization bypass exists in Lenovo XClarity Controller (XCC) ver ... | check |
| CVE-2019-6744 | This vulnerability allows local attackers to disclose sensitive inform ... | check |
| CVE-2019-9501 | The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. B ... | check |
| CVE-2019-9502 | The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. I ... | check |
| CVE-2019-9946 | Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ... | singularity-container seems to embed as well a copy of cni |
| CVE-2020-0005 | In btm_read_remote_ext_features_complete of btm_acl.cc, there is a pos ... | check |
| CVE-2020-0014 | It is possible for a malicious application to construct a TYPE_TOAST w ... | check |
| CVE-2020-0015 | In onCreate of CertInstaller.java, there is a possible way to overlay ... | check |
| CVE-2020-0017 | In multiple places, it was possible for the primary user's dicti ... | check |
| CVE-2020-0018 | In MotionEntry::appendDescription of InputDispatcher.cpp, there is a p ... | check |
| CVE-2020-0020 | In getAttributeRange of ExifInterface.java, there is a possible failur ... | check |
| CVE-2020-0021 | In removeUnusedPackagesLPw of PackageManagerService.java, there is a p ... | check |
| CVE-2020-0022 | In reassemble_and_dispatch of packet_fragmenter.cc, there is possible ... | check |
| CVE-2020-0023 | In setPhonebookAccessPermission of AdapterService.java, there is a pos ... | check |
| CVE-2020-0026 | In Parcel::continueWrite of Parcel.cpp, there is possible memory corru ... | check |
| CVE-2020-0027 | In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of ... | check |
| CVE-2020-0028 | In notifyNetworkTested and related functions of NetworkMonitor.java, t ... | check |
| CVE-2020-0560 | Improper permissions in the installer for the Intel(R) Renesas Electro ... | check |
| CVE-2020-0561 | Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may ... | check |
| CVE-2020-0562 | Improper permissions in the installer for Intel(R) RWC2, all versions, ... | check |
| CVE-2020-0563 | Improper permissions in the installer for Intel(R) MPSS before version ... | check |
| CVE-2020-0564 | Improper permissions in the installer for Intel(R) RWC3 for Windows be ... | check |
| CVE-2020-1977 | Insufficient Cross-Site Request Forgery (XSRF) protection on Expeditio ... | check |
| CVE-2020-5529 | HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. Html ... | check details, might affect jenkins-htmlunit |
| CVE-2020-6061 | An exploitable heap overflow vulnerability exists in the way CoTURN 4. ... | check |
| CVE-2020-6062 | An exploitable denial-of-service vulnerability exists in the way CoTUR ... | check |
| CVE-2020-7217 | An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0. ... | check |
| CVE-2020-7450 | In FreeBSD 12.1-STABLE before r357213, 12.1-RELEASE before 12.1-RELEAS ... | check |
| CVE-2020-7919 | | check older versions than golang-1.11 |
| CVE-2020-8441 | JYaml through 1.3 allows remote code execution during deserialization ... | check |
| CVE-2020-8953 | OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication by ... | check |
