Bugs with TODO items

Hide "check" TODOs

BugDescriptionNote
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 an ...check if patch simplifying patch applied in any suite
CVE-2017-18240The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownersh ...check
CVE-2018-16873In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...check other versions
CVE-2018-16874In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...check other versions
CVE-2018-16875The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 d ...check other versions
CVE-2018-16981stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ...further check, stb_image.h in older version is embedded in src:catimg
CVE-2018-18653The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ...check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way.
CVE-2019-1010054Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The ...check
CVE-2019-1010065The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The ...check
CVE-2019-1010066Lawrence Livermore National Laboratory msr-safe v1.1.0 is affected by: ...check
CVE-2019-1010069moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The ...check
CVE-2019-1010073BACnet Stack bacserv 0.9.1 and 0.8.5 is affected by: Buffer Overflow. ...check
CVE-2019-1010083The Pallets Project Flask before 1.0 is affected by: unexpected memory ...check fixing commit(s)
CVE-2019-1010084Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect ...check
CVE-2019-1010091tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization ...check
CVE-2019-1010094domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). T ...check
CVE-2019-1010095domainmod(https://domainmod.org/) domainmod v4.10.0 is affected by: Cr ...check
CVE-2019-1010096domainmod(https://domainmod.org/) domainmod v4.10.0 is affected by: Cr ...check
CVE-2019-1010104TechyTalk Quick Chat WordPress Plugin All up to the latest is affected ...check
CVE-2019-1010246MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affecte ...check
CVE-2019-1010259SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impac ...check
CVE-2019-1010261Gitea 1.7.0 and earlier is affected by: Cross Site Scripting (XSS). Th ...check
CVE-2019-1010262scapy 2.4.0 and earlier is affected by: Denial of Services. The impact ...check
CVE-2019-1010268Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is ...check
CVE-2019-1010275helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Valida ...check
CVE-2019-1010287Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Script ...check
CVE-2019-1075A spoofing vulnerability exists in ASP.NET Core that could lead to an ...check
CVE-2019-11771AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which ...check
CVE-2019-11772In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], ...check
CVE-2019-12107The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd ...check, might affect minidlna
CVE-2019-12175In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, ...check
CVE-2019-12527An issue was discovered in Squid 4.0.23 through 4.7. When checking Bas ...check why this owuld not affect 3.x versions of upstream Squid.
CVE-2019-13453Zipios before 0.1.7 does not properly handle certain malformed zip arc ...check
CVE-2019-13464An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2 ...check
CVE-2019-13509In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06. ...check
CVE-2019-13640In qBittorrent before 4.1.7, the function Application::runExternalProg ...check
CVE-2019-13915b3log Wide before 1.6.0 allows three types of attacks to access arbitr ...check
CVE-2019-13960** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be ...check
CVE-2019-13961A CSRF vulnerability was found in flatCore before 1.5, leading to the ...check
CVE-2019-13962lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC medi ...check
CVE-2019-13969Metinfo 6.x allows SQL Injection via the id parameter in an admin/inde ...check
CVE-2019-13970In antSword before 2.1.0, self-XSS in the database configuration leads ...check
CVE-2019-13971OTCMS 3.81 allows XSS via the mode parameter in an apiRun.php?mudi=aut ...check
CVE-2019-13972LayerBB 1.1.3 allows XSS via the application/commands/new.php pm_title ...check
CVE-2019-13973LayerBB 1.1.3 allows admin/general.php arbitrary file upload because t ...check
CVE-2019-13974LayerBB 1.1.3 allows conversations.php/cmd/new CSRF. ...check
CVE-2019-13977index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&id ...check
CVE-2019-13978Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php ...check
CVE-2019-3794Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME- ...check
CVE-2019-7843Adobe Campaign Classic version 18.10.5-8984 and earlier versions have ...check
CVE-2019-7846Adobe Campaign Classic version 18.10.5-8984 and earlier versions have ...check
CVE-2019-7847Adobe Campaign Classic version 18.10.5-8984 and earlier versions have ...check
CVE-2019-7848Adobe Campaign Classic version 18.10.5-8984 and earlier versions have ...check
CVE-2019-7850Adobe Campaign Classic version 18.10.5-8984 and earlier versions have ...check
CVE-2019-7941Adobe Campaign Classic version 18.10.5-8984 and earlier versions have ...check
CVE-2019-7953Adobe Experience Manager version 6.4 and ealier have a Cross-Site Requ ...check
CVE-2019-7954Adobe Experience Manager version 6.4 and ealier have a Stored Cross-si ...check
CVE-2019-7955Adobe Experience Manager version 6.4 and ealier have a Reflected Cross ...check
CVE-2019-7956Adobe Dreamweaver direct download installer versions 19.0 and below, 1 ...check
CVE-2019-7963Adobe Bridge CC version 9.0.2 and earlier versions have an out of boun ...check
CVE-2019-9946Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...singularity-container seems to embed as well a copy of cni

Search for package or bug name: Reporting problems