Bugs with TODO items

| Bug | Description | Note |
| --- | --- | --- |
| CVE-2016-20013 | sha256crypt and sha512crypt through 0.6 allow attackers to cause a den ... | check, several sources (busybox, sssd, dietlibc, php*, ...) do embed an implementation of the code, but only track those with security impact |
| CVE-2020-0478 | In extend_frame_lowbd of restoration.c, there is a possible out of bou ... | check if ebba9c769be2c99d5396d0018901e9a4af5e2d2c is the needed commit |
| CVE-2020-19716 | A buffer overflow vulnerability in the Databuf function in types.cpp o ... | check, unclear if fixed or not, upstream cannot reproduce as well in 0.27.1 as reported |
| CVE-2020-22983 | A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStra ... | check |
| CVE-2020-23914 | An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ... | retroarch and salmon embed peglib, check if it's actually a security issue |
| CVE-2020-23915 | An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ... | retroarch and salmon embed peglib, check if it's actually a security issue |
| CVE-2020-36123 | saitoha libsixel v1.8.6 was discovered to contain a double free via th ... | check, unclear why reporter did close the issue again |
| CVE-2021-0066 | Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0072 | Improper input validation in firmware for some Intel(R) PROSet/Wireles ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0076 | Improper Validation of Specified Index, Position, or Offset in Input i ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0161 | Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0162 | Improper input validation in software for Intel(R) PROSet/Wireless Wi- ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0163 | Improper Validation of Consistency within input in software for Intel( ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0164 | Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0165 | Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0166 | Exposure of Sensitive Information to an Unauthorized Actor in firmware ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0167 | Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0168 | Improper input validation in firmware for some Intel(R) PROSet/Wireles ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0169 | Uncontrolled Search Path Element in software for Intel(R) PROSet/Wirel ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0170 | Exposure of Sensitive Information to an Unauthorized Actor in firmware ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0171 | Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0172 | Improper input validation in firmware for some Intel(R) PROSet/Wireles ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0173 | Improper Validation of Consistency within input in firmware for some I ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0174 | Improper Use of Validation Framework in firmware for some Intel(R) PRO ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0175 | Improper Validation of Specified Index, Position, or Offset in Input i ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0176 | Improper input validation in firmware for some Intel(R) PROSet/Wireles ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0177 | Improper Validation of Consistency within input in software for Intel( ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0178 | Improper input validation in software for Intel(R) PROSet/Wireless Wi- ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0179 | Improper Use of Validation Framework in software for Intel(R) PROSet/W ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0183 | Improper Validation of Specified Index, Position, or Offset in Input i ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-3681 | A flaw was found in Ansible Galaxy Collections. When collections are b ... | check, needs verifying the affected ansible/ansible-base components |
| CVE-2021-3773 | A flaw in netfilter could allow a network-connected attacker to infer ... | fill in tracking details |
| CVE-2021-3859 | | check details |
| CVE-2021-20315 | A locking protection bypass flaw was found in some versions of gnome-s ... | check, possibly Red Hat specific as issue introduced by backporting features to CentOS 8 Streams |
| CVE-2021-22275 | Buffer Overflow vulnerability in B&R Automation Runtime webserver ... | check |
| CVE-2021-26317 | Failure to verify the protocol in SMM may allow an attacker to control ... | check |
| CVE-2021-26318 | A timing and power-based side channel attack leveraging the x86 PREFET ... | check details and if mitigation in microcode/kernel exists |
| CVE-2021-26324 | A bug with the SEV-ES TMR may lead to a potential loss of memory integ ... | check |
| CVE-2021-26332 | Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could res ... | check |
| CVE-2021-26339 | A bug in AMD CPU’s core logic may allow for an attacker, using s ... | check |
| CVE-2021-26341 | Some AMD CPUs may transiently execute beyond unconditional direct bran ... | check if we need to track mitigations in src:linux |
| CVE-2021-26342 | In SEV guest VMs, the CPU may fail to flush the Translation Lookaside ... | check |
| CVE-2021-26347 | TOCTOU (time-of-check to time-of-use) issue in the System Management U ... | check |
| CVE-2021-26348 | Failure to flush the Translation Lookaside Buffer (TLB) of the I/O mem ... | check |
| CVE-2021-26349 | Failure to assign a new report ID to an imported guest may potentially ... | check |
| CVE-2021-26350 | A TOCTOU race condition in SMU may allow for the caller to obtain and ... | check |
| CVE-2021-26351 | Insufficient DRAM address validation in System Management Unit (SMU) m ... | check |
| CVE-2021-26352 | Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plu ... | check |
| CVE-2021-26353 | Due to a mishandled error, it is possible to leave the DRTM UApp in a ... | check |
| CVE-2021-26361 | A malicious or compromised User Application (UApp) or AGESA Boot Loade ... | check |
| CVE-2021-26362 | A malicious or compromised UApp or ABL may be used by an attacker to i ... | check |
| CVE-2021-26363 | A malicious or compromised UApp or ABL could potentially change the va ... | check |
| CVE-2021-26364 | Insufficient bounds checking in an SMU mailbox register could allow an ... | check |
| CVE-2021-26366 | An attacker, who gained elevated privileges via some other vulnerabili ... | check |
| CVE-2021-26368 | Insufficient check of the process type in Trusted OS (TOS) may allow a ... | check |
| CVE-2021-26369 | A malicious or compromised UApp or ABL may be used by an attacker to s ... | check |
| CVE-2021-26370 | Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INS ... | check |
| CVE-2021-26372 | Insufficient bound checks related to PCIE in the System Management Uni ... | check |
| CVE-2021-26373 | Insufficient bound checks in the System Management Unit (SMU) may resu ... | check |
| CVE-2021-26375 | Insufficient General Purpose IO (GPIO) bounds check in System Manageme ... | check |
| CVE-2021-26376 | Insufficient checks in System Management Unit (SMU) FeatureConfig may ... | check |
| CVE-2021-26378 | Insufficient bound checks in the System Management Unit (SMU) may resu ... | check |
| CVE-2021-26386 | A malicious or compromised UApp or ABL may be used by an attacker to i ... | check |
| CVE-2021-26388 | Improper validation of the BIOS directory may allow for searches to re ... | check |
| CVE-2021-26390 | A malicious or compromised UApp or ABL may coerce the bootloader into ... | check |
| CVE-2021-26400 | AMD processors may speculatively re-order load instructions which can ... | check |
| CVE-2021-26408 | Insufficient validation of elliptic curve points in SEV-legacy firmwar ... | check |
| CVE-2021-27478 | A specifically crafted packet sent by an attacker to EIPStackGroup OpE ... | check |
| CVE-2021-27482 | A specifically crafted packet sent by an attacker to EIPStackGroup OpE ... | check |
| CVE-2021-27498 | A specifically crafted packet sent by an attacker to EIPStackGroup OpE ... | check |
| CVE-2021-27500 | A specifically crafted packet sent by an attacker to EIPStackGroup OpE ... | check |
| CVE-2021-27505 | mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized ... | check |
| CVE-2021-28021 | Buffer overflow vulnerability in function stbi__extend_receive in stb_ ... | check libstb itself, and various packages embed a copy |
| CVE-2021-28276 | A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a ... | check CVE reference, probably invalid report or old version. |
| CVE-2021-33005 | mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remot ... | check |
| CVE-2021-33009 | mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remot ... | check |
| CVE-2021-33013 | mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized ... | check |
| CVE-2021-33135 | Uncontrolled resource consumption in the Linux kernel drivers for Inte ... | check |
| CVE-2021-33139 | Improper conditions check in firmware for some Intel(R) Wireless Bluet ... | check in which firmware versions fixed |
| CVE-2021-33149 | Observable behavioral discrepancy in some Intel(R) Processors may allo ... | check |
| CVE-2021-33155 | Improper input validation in firmware for some Intel(R) Wireless Bluet ... | check in which firmware versions fixed |
| CVE-2021-33178 | The Manage Backgrounds functionality within NagVis versions prior to 1 ... | check, affects nagvis plugin used in Nagios XI and should be fixed in 2.0.9, https://www.synopsys.com/blogs/software-security/cyrc-advisory-nagios-xi/ |
| CVE-2021-33194 | golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows atta ... | check completeness |
| CVE-2021-34605 | A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to v ... | check |
| CVE-2021-34606 | A vulnerability exists in XINJE XD/E Series PLC Program Tool in versio ... | check |
| CVE-2021-36045 | XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-o ... | check for fixing commit |
| CVE-2021-36046 | XMP Toolkit version 2020.1 (and earlier) is affected by a memory corru ... | check for fixing commit |
| CVE-2021-36047 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Imprope ... | check for fixing commit |
| CVE-2021-36048 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Imprope ... | check for fixing commit |
| CVE-2021-36050 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ... | check for fixing commit |
| CVE-2021-36051 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ... | check for fixing commit |
| CVE-2021-36052 | XMP Toolkit version 2020.1 (and earlier) is affected by a memory corru ... | check for fixing commit |
| CVE-2021-36053 | XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-o ... | check for fixing commit |
| CVE-2021-36054 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ... | check for fixing commit |
| CVE-2021-36055 | XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-af ... | check for fixing commit |
| CVE-2021-36056 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ... | check for fixing commit |
| CVE-2021-36057 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-wh ... | check for fixing commit |
| CVE-2021-36058 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer ... | check for fixing commit |
| CVE-2021-36064 | XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Under ... | check for fixing commit |
| CVE-2021-36093 | It's possible to create an email which can be stuck while being proces ... | try to pinpoint status for znuny, cf. https://github.com/znuny/Znuny/issues/128 for an attempt |
| CVE-2021-36094 | It's possible to craft a request for appointment edit screen, which co ... | check, 6.1.2-1 claims to fix the issue through the znuny codebase, https://github.com/znuny/Znuny/issues/128 |
| CVE-2021-36095 | Malicious attacker is able to find out valid user logins by using the ... | try to pinpoint status for znuny, cf. https://github.com/znuny/Znuny/issues/128 for an attempt |
| CVE-2021-36096 | Generated Support Bundles contains private S/MIME and PGP keys if cont ... | check, 6.1.2-1 claims to fix the issue through the znuny codebase, cf. https://github.com/znuny/Znuny/issues/128 |
| CVE-2021-36100 | Specially crafted string in OTRS system configuration can allow the ex ... | check |
| CVE-2021-37298 | Laravel v5.1 was discovered to contain a deserialization vulnerability ... | check, unclear status of report to upstream |
| CVE-2021-38441 | Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-w ... | check for upstream commit |
| CVE-2021-38443 | Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid s ... | check for upstream commit |
| CVE-2021-39847 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-ba ... | check for fixing commit |
| CVE-2021-39880 | A Denial Of Service vulnerability in the apollo_upload_server Ruby gem ... | reach out for details for ruby-apollo-upload-server |
| CVE-2021-40716 | XMP Toolkit SDK versions 2021.07 (and earlier) are affected by an out- ... | check for fixing commit |
| CVE-2021-40732 | XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer ... | check for fixing commit |
| CVE-2021-41041 | In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw ... | check |
| CVE-2021-41752 | Stack overflow vulnerability in Jerryscript before commit e1ce7dd72712 ... | check - could be only a test artifact |
| CVE-2021-41867 | An information disclosure vulnerability in OnionShare 2.3 before 2.4 a ... | check details, exact fixing commits unclear |
| CVE-2021-41868 | OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to u ... | check details, exact fixing commits unclear |
| CVE-2021-41965 | A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4 ... | check |
| CVE-2021-42529 | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-b ... | check for fixing commit |
| CVE-2021-42530 | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-b ... | check for fixing commit |
| CVE-2021-42531 | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-b ... | check for fixing commit |
| CVE-2021-42532 | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-b ... | check for fixing commit |
| CVE-2021-42967 | Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/com ... | check |
| CVE-2021-42969 | Certain Anaconda3 2021.05 are affected by OS command injection. When a ... | check |
| CVE-2021-43503 | A Remote Code Execution (RCE) vulnerability exists in h laravel 5.8.38 ... | check, unclear status of report to upstream |
| CVE-2021-44481 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44482 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44483 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44484 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44485 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44486 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ... | check - unclear if affects only YottaDB |
| CVE-2021-44487 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44488 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ... | check - unclear if affects only YottaDB |
| CVE-2021-44489 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ... | check - unclear if affects only YottaDB |
| CVE-2021-44490 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ... | check - unclear if affects only YottaDB |
| CVE-2021-44491 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ... | check - unclear if affects only YottaDB |
| CVE-2021-44492 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44493 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44494 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44495 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44496 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44497 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44498 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44499 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44500 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44501 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44502 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44503 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44504 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44505 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44506 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44507 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44508 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44509 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44510 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44647 | Lua v5.4.3 and above are affected by SEGV by type confusion in funcnam ... | check older versions if issue is present, reproducer does not crash, but needs inspection of the code yet |
| CVE-2021-44961 | A memory leakage flaw exists in the class PerimeterGenerator of Slic3r ... | check upstream commit |
| CVE-2021-44962 | An out-of-bounds read vulnerability exists in the GCode::extrude() fun ... | check upstream fix |
| CVE-2021-45926 | MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0 ... | check, possibly fixed in 0.9.3, but unclear fixing commit, related to 9b6b52cc8c5838cffeee9388c04890fe1eb73b52? |
| CVE-2021-45927 | MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0 ... | check, possibly fixed in 0.9.3, but unclear fixing commit, related to 9b6b52cc8c5838cffeee9388c04890fe1eb73b52? |
| CVE-2021-45940 | libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in _ ... | check details on fixing commit upstream, furthermore introducing commit is only when oss-fuzz started |
| CVE-2021-45941 | libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in _ ... | check details on fixing commit upstream, furthermore introducing commit is only when oss-fuzz started |
| CVE-2021-46744 | An attacker with access to a malicious hypervisor may be able to infer ... | check |
| CVE-2021-46771 | Insufficient validation of addresses in AMD Secure Processor (ASP) fir ... | check |
| CVE-2021-46787 | The AMS module has a vulnerability of improper permission control.Succ ... | check |
| CVE-2022-0004 | Hardware debug modes and processor INIT setting that allow override of ... | check |
| CVE-2022-0005 | Sensitive information accessible by physical probing of JTAG interface ... | check |
| CVE-2022-0084 | | check for details |
| CVE-2022-0427 | Missing sanitization of HTML attributes in Jupyter notebooks in all ve ... | check |
| CVE-2022-0481 | NULL Pointer Dereference in Homebrew mruby prior to 3.2. ... | check, possibly only introduced with dccd66f9efecd0a974b735c62836fe566015cf37 in 3.1.0-rc |
| CVE-2022-0529 | A flaw was found in Unzip. The vulnerability occurs during the convers ... | check details |
| CVE-2022-0530 | A flaw was found in Unzip. The vulnerability occurs during the convers ... | check details |
| CVE-2022-0918 | A vulnerability was discovered in the 389 Directory Server that allows ... | check details |
| CVE-2022-1071 | User after free in mrb_vm_exec in GitHub repository mruby/mruby prior ... | check where issue introduced and present before code refactoring |
| CVE-2022-1124 | An improper authorization issue has been discovered in GitLab CE/EE af ... | check |
| CVE-2022-1352 | Due to an insecure direct object reference vulnerability in Gitlab EE/ ... | check |
| CVE-2022-1379 | URL Restriction Bypass in GitHub repository plantuml/plantuml prior to ... | check |
| CVE-2022-1406 | Improper input validation in GitLab CE/EE affecting all versions from ... | check |
| CVE-2022-1417 | Improper access control in GitLab CE/EE affecting all versions startin ... | check |
| CVE-2022-1426 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2022-1428 | An issue has been discovered in GitLab affecting all versions before 1 ... | check |
| CVE-2022-1431 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2022-1433 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2022-1460 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2022-1510 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2022-1545 | It was possible to disclose details of confidential notes created via ... | check |
| CVE-2022-21131 | Improper access control for some Intel(R) Xeon(R) Processors may allow ... | check |
| CVE-2022-21136 | Improper input validation for some Intel(R) Xeon(R) Processors may all ... | check |
| CVE-2022-21190 | This affects the package convict before 6.2.3. This is a bypass of [CV ... | check |
| CVE-2022-22252 | The DFX module has a UAF vulnerability.Successful exploitation of this ... | check |
| CVE-2022-22260 | The kernel module has a UAF vulnerability.Successful exploitation of t ... | check |
| CVE-2022-22261 | The HiAIserver has a vulnerability in verifying the validity of the we ... | check |
| CVE-2022-22281 | A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender W ... | check |
| CVE-2022-22282 | SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier ver ... | check |
| CVE-2022-22970 | In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ... | check |
| CVE-2022-22971 | In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ... | check |
| CVE-2022-22975 | An issue was discovered in the Pinniped Supervisor with either LADPIde ... | check |
| CVE-2022-23131 | In the case of instances where the SAML SSO authentication is enabled ... | check, possibly only affecting 5.4.0 onwards; similar code but no upstream fix in 5.0 LTS |
| CVE-2022-23639 | crossbeam-utils provides atomics, synchronization primitives, scoped t ... | check, crossbeam-utils are vendored in various other sources, in particular rustc to be checked |
| CVE-2022-24830 | OpenClinica is an open source software for Electronic Data Capture (ED ... | check |
| CVE-2022-24831 | OpenClinica is an open source software for Electronic Data Capture (ED ... | check |
| CVE-2022-25349 | All versions of package materialize-css are vulnerable to Cross-site S ... | check if affected, CVE reported against the upstream fork |
| CVE-2022-25591 | BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file de ... | check |
| CVE-2022-25862 | This affects the package sds from 0.0.0. The library could be tricked ... | check |
| CVE-2022-25865 | The package workspace-tools before 0.18.4 are vulnerable to Command In ... | check |
| CVE-2022-27247 | onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an att ... | check |
| CVE-2022-28366 | Certain Neko-related HTML parsers allow a denial of service via crafte ... | check upstream for commits |
| CVE-2022-28890 | A vulnerability in the RDF/XML parser of Apache Jena allows an attacke ... | check, possibly not affected as according to upstream 4.2.x and 4.3.x do not allow external entities, double check |
| CVE-2022-28919 | HTMLCreator release_stable_2020-07-29 was discovered to contain a cros ... | check |
| CVE-2022-28920 | Tieba-Cloud-Sign v4.9 was discovered to contain a cross-site scripting ... | check |
| CVE-2022-28929 | Hospital Management System v1.0 was discovered to contain a SQL inject ... | check |
| CVE-2022-28930 | ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability ... | check |
| CVE-2022-28936 | FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where ... | check |
| CVE-2022-28937 | FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where ... | check |
| CVE-2022-29176 | Rubygems is a package registry used to supply software for the Ruby la ... | check |
| CVE-2022-29180 | A vulnerability in which attackers could forge HTTP requests to manipu ... | check |
| CVE-2022-29218 | RubyGems is a package registry used to supply software for the Ruby la ... | check |
| CVE-2022-29363 | Phpok v6.1 was discovered to contain a deserialization vulnerability v ... | check |
| CVE-2022-29368 | Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was di ... | check |
| CVE-2022-29538 | RESI Gemini-Net Web 4.2 is affected by Improper Access Control in auth ... | check |
| CVE-2022-29539 | resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Inject ... | check |
| CVE-2022-29970 | Sinatra before 2.2.0 does not validate that the expanded path matches ... | check where issue is introduced |
| CVE-2022-30049 | A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attacker ... | check |
| CVE-2022-30286 | pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 ... | check |
| CVE-2022-30293 | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based bu ... | check, Alberto Garcia is checking with upstream |
| CVE-2022-30294 | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-fre ... | check, Alberto Garcia is checking with upstream |
| TEMP-0000000-DD73A0 | Unexpected database bindings via requests (follow-up) | check php-illuminate-database and CVE assignment |
