Bugs with TODO items


| Bug | Description | Note |
| --- | --- | --- |
| CVE-2015-2098 | Multiple stack-based buffer overflows in WebGate eDVR Manager allow re ... | check |
| CVE-2015-2099 | Multiple buffer overflows in WebGate Control Center allow remote attac ... | check |
| CVE-2015-2100 | Multiple stack-based buffer overflows in WebGate eDVR Manager and Cont ... | check |
| CVE-2017-2910 | An exploitable Out-of-bounds Write vulnerability exists in the xls_add ... | check |
| CVE-2019-18351 | An issue was discovered in channels/chan_sip.c in Sangoma Asterisk thr ... | check with MITRE if CVE-2019-18351 simply should be dropped |
| CVE-2019-20467 | An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 ... | check |
| CVE-2020-0478 | In extend_frame_lowbd of restoration.c, there is a possible out of bou ... | check if ebba9c769be2c99d5396d0018901e9a4af5e2d2c is the needed commit |
| CVE-2020-3702 | u'Specifically timed and handcrafted traffic can cause internal errors ... | check, it might affect src:linux as pointed out in https://lore.kernel.org/linux-wireless/CABvG-CVvPF++0vuGzCrBj8+s=Bcx1GwWfiW1_Somu_GVncTAcQ@mail.gmail.com/ |
| CVE-2020-7387 | Sage X3 Installation Pathname Disclosure. A specially crafted packet c ... | check |
| CVE-2020-7388 | Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in Ad ... | check |
| CVE-2020-7389 | Sage X3 System CHAINE Variable Script Command Injection. An authentica ... | check |
| CVE-2020-7390 | Sage X3 Stored XSS Vulnerability on ‘Edit’ Page of User Pr ... | check |
| CVE-2020-12681 | Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices ... | check |
| CVE-2020-15660 | Missing checks on Content-Type headers in geckodriver before 0.27.0 co ... | check |
| CVE-2020-17952 | A remote code execution (RCE) vulnerability in /library/think/App.php ... | check |
| CVE-2020-18169 | A vulnerability in the Windows installer XML (WiX) toolset of TechSmit ... | check |
| CVE-2020-18170 | An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager ... | check |
| CVE-2020-18171 | TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding (OLE) w ... | check |
| CVE-2020-18172 | A code injection vulnerability in the SeDebugPrivilege component of Tr ... | check |
| CVE-2020-18173 | A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 al ... | check |
| CVE-2020-18174 | A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 ... | check |
| CVE-2020-18428 | tinyexr commit 0.9.5 was discovered to contain an array index error in ... | check |
| CVE-2020-18430 | tinyexr 0.9.5 was discovered to contain an array index error in the ti ... | check |
| CVE-2020-19463 | An issue has been found in function vfprintf in PDF2JSON 0.70 that all ... | check |
| CVE-2020-19464 | An issue has been found in function XRef::fetch in PDF2JSON 0.70 that ... | check |
| CVE-2020-19465 | An issue has been found in function ObjectStream::getObject in PDF2JSO ... | check |
| CVE-2020-19466 | An issue has been found in function DCTStream::transformDataUnit in PD ... | check |
| CVE-2020-19467 | An issue has been found in function DCTStream::transformDataUnit in PD ... | check |
| CVE-2020-19468 | An issue has been found in function EmbedStream::getChar in PDF2JSON 0 ... | check |
| CVE-2020-19469 | An issue has been found in function DCTStream::reset in PDF2JSON 0.70 ... | check |
| CVE-2020-19470 | An issue has been found in function DCTStream::getChar in PDF2JSON 0.7 ... | check |
| CVE-2020-19471 | An issue has been found in function DCTStream::decodeImage in PDF2JSON ... | check |
| CVE-2020-19472 | An issue has been found in function DCTStream::readHuffSym in PDF2JSON ... | check |
| CVE-2020-19473 | An issue has been found in function DCTStream::decodeImage in PDF2JSON ... | check |
| CVE-2020-19474 | An issue has been found in function Gfx::doShowText in PDF2JSON 0.70 t ... | check |
| CVE-2020-19475 | An issue has been found in function CCITTFaxStream::lookChar in PDF2JS ... | check |
| CVE-2020-19481 | An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Bo ... | check |
| CVE-2020-19488 | An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0, ... | check |
| CVE-2020-19716 | A buffer overflow vulnerability in the Databuf function in types.cpp o ... | check, unclear if fixed or not, upstream cannot reproduce as well in 0.27.1 as reported |
| CVE-2020-20178 | Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest ve ... | wait for cleanup, CVE is wrongly associated |
| CVE-2020-22148 | A stored cross site scripting (XSS) vulnerability in /admin.php?page=t ... | check |
| CVE-2020-22150 | A cross site scripting (XSS) vulnerability in /admin.php?page=permalin ... | check |
| CVE-2020-22283 | A buffer overflow vulnerability in the icmp6_send_response_with_addrs_ ... | check |
| CVE-2020-22284 | A buffer overflow vulnerability in the zepif_linkoutput() function of ... | check |
| CVE-2020-22741 | An issue was discovered in Xuperchain 3.6.0 that allows for attackers ... | check |
| CVE-2020-23914 | An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ... | retroarch and salmon embed peglib, check if it's actually a security issue |
| CVE-2020-23915 | An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ... | retroarch and salmon embed peglib, check if it's actually a security issue |
| CVE-2020-25467 | A null pointer dereference was discovered lzo_decompress_buf in stream ... | check fixing commit |
| CVE-2020-25646 | A flaw was found in Ansible Collection community.crypto. openssl_priva ... | check |
| CVE-2020-27511 | An issue was discovered in the stripTags and unescapeHTML components i ... | check |
| CVE-2020-28600 | An out-of-bounds write vulnerability exists in the import_stl.cc:impor ... | check, maybe fixed already in 2021.01-1 |
| CVE-2020-35875 | An issue was discovered in the tokio-rustls crate before 0.13.1 for Ru ... | check |
| CVE-2020-35922 | An issue was discovered in the mio crate before 0.7.6 for Rust. It has ... | check |
| CVE-2021-20291 | A deadlock vulnerability was found in 'github.com/containers/storage' ... | check golang-github-containers-buildah, docker.io |
| CVE-2021-21440 | Generated Support Bundles contains private S/MIME and PGP keys if cont ... | check |
| CVE-2021-21442 | In the project create screen it's possible to inject malicious JS code ... | check |
| CVE-2021-21443 | Agents are able to list customer user emails without required permissi ... | check |
| CVE-2021-23408 | This affects the package com.graphhopper:graphhopper-web-bundle before ... | check |
| CVE-2021-23410 | All versions of package msgpack are vulnerable to Deserialization of U ... | check |
| CVE-2021-23411 | All versions of package anchorme are vulnerable to Cross-site Scriptin ... | check |
| CVE-2021-23412 | All versions of package gitlogplus are vulnerable to Command Injection ... | check |
| CVE-2021-26314 | Potential floating point value injection in all supported CPU products ... | check |
| CVE-2021-31291 | A heap-based buffer overflow vulnerability in jp2image.cpp of Exiv2 0. ... | check |
| CVE-2021-31292 | An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows att ... | check |
| CVE-2021-31878 | An issue was discovered in PJSIP in Asterisk before 16.19.1 and before ... | check |
| CVE-2021-32558 | An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x ... | check |
| CVE-2021-32631 | Common is a package of common modules that can be accessed by NIMBLE s ... | check |
| CVE-2021-32686 | PJSIP is a free and open source multimedia communication library writt ... | check, might affect in impact src:ring |
| CVE-2021-32751 | Gradle is a build tool with a focus on build automation. In versions p ... | check |
| CVE-2021-33194 | golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows atta ... | check completeness |
| CVE-2021-34555 | OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial ... | check, seems introduced by the fix for CVE-2019-16378, cf. https://github.com/trusteddomainproject/OpenDMARC/issues/179#issuecomment-856798477 |
| CVE-2021-36091 | Agents are able to list appointments in the calendars without required ... | check |
| CVE-2021-36092 | It's possible to create an email which contains specially crafted link ... | check |
| TEMP-0000000-DD73A0 | Unexpected database bindings via requests (follow-up) | check php-illuminate-database and CVE assignment |
