Bugs with TODO items

| Bug | Description | Note |
| --- | --- | --- |
| CVE-2017-2910 | An exploitable Out-of-bounds Write vulnerability exists in the xls_add ... | check |
| CVE-2018-16494 | In VOS and overly permissive "umask" may allow for authorized users of ... | check |
| CVE-2018-16495 | In VOS user session identifier (authentication token) is issued to the ... | check |
| CVE-2018-16499 | In VOS compromised, an attacker at network endpoints can possibly view ... | check |
| CVE-2019-9475 | In /proc/net of the kernel filesystem, there is a possible information ... | check |
| CVE-2019-18351 | An issue was discovered in channels/chan_sip.c in Sangoma Asterisk thr ... | check with MITRE if CVE-2019-18351 simply should be dropped |
| CVE-2020-0478 | In extend_frame_lowbd of restoration.c, there is a possible out of bou ... | check if ebba9c769be2c99d5396d0018901e9a4af5e2d2c is the needed commit |
| CVE-2020-3702 | u'Specifically timed and handcrafted traffic can cause internal errors ... | check, it might affect src:linux as pointed out in https://lore.kernel.org/linux-wireless/CABvG-CVvPF++0vuGzCrBj8+s=Bcx1GwWfiW1_Somu_GVncTAcQ@mail.gmail.com/ |
| CVE-2020-7860 | UnEGG v0.5 and eariler versions have a Integer overflow vulnerability, ... | check |
| CVE-2020-8492 | Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 ... | check, upload of pypy/7.3.5+dfsg-1 to experimental claims this affects src:pypy |
| CVE-2020-8670 | Race condition in the firmware for some Intel(R) Processors may allow ... | check |
| CVE-2020-8700 | Improper input validation in the firmware for some Intel(R) Processors ... | check |
| CVE-2020-8702 | Uncontrolled search path element in the Intel(R) Processor Diagnostic ... | check |
| CVE-2020-8703 | Improper buffer restrictions in a subsystem in the Intel(R) CSME versi ... | check |
| CVE-2020-8704 | Race condition in a subsystem in the Intel(R) LMS versions before 2039 ... | check |
| CVE-2020-12288 | Protection mechanism failure in some Intel(R) Thunderbolt(TM) controll ... | check |
| CVE-2020-12289 | Out-of-bounds write in some Intel(R) Thunderbolt(TM) controllers may a ... | check |
| CVE-2020-12290 | Improper access control in some Intel(R) Thunderbolt(TM) controllers m ... | check |
| CVE-2020-12291 | Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) con ... | check |
| CVE-2020-12292 | Improper conditions check in some Intel(R) Thunderbolt(TM) controllers ... | check |
| CVE-2020-12293 | Improper control of a resource through its lifetime in some Intel(R) T ... | check |
| CVE-2020-12294 | Insufficient control flow management in some Intel(R) Thunderbolt(TM) ... | check |
| CVE-2020-12295 | Improper input validation in some Intel(R) Thunderbolt(TM) controllers ... | check |
| CVE-2020-12296 | Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) con ... | check |
| CVE-2020-12357 | Improper initialization in the firmware for some Intel(R) Processors m ... | check |
| CVE-2020-12358 | Out of bounds write in the firmware for some Intel(R) Processors may a ... | check |
| CVE-2020-12359 | Insufficient control flow management in the firmware for some Intel(R) ... | check |
| CVE-2020-12360 | Out of bounds read in the firmware for some Intel(R) Processors may al ... | check |
| CVE-2020-13668 | RESERVED | check, instead in MITRE CVE-2020-13688 is for sa-core-2020-009, CNA contacted |
| CVE-2020-13688 | Cross-site scripting vulnerability in l Drupal Core allows an attacker ... | check, drupal advisory references CVE-2020-13668 instead, CNA contacted |
| CVE-2020-13950 | Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be mad ... | check why this only a problem starting in 2.4.41 |
| CVE-2020-15377 | Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated ... | check |
| CVE-2020-15378 | The OVA version of Brocade SANnav before version 2.1.1 installation wi ... | check |
| CVE-2020-15379 | Brocade SANnav before v.2.1.0a could allow remote attackers cause a de ... | check |
| CVE-2020-15380 | Brocade SANnav before version 2.1.1 logs account credentials at the &# ... | check |
| CVE-2020-15381 | Brocade SANnav before version 2.1.1 contains an Improper Authenticatio ... | check |
| CVE-2020-15382 | Brocade SANnav before version 2.1.1 uses a hard-coded administrator ac ... | check |
| CVE-2020-15383 | Running security scans against the SAN switch can cause config and sec ... | check |
| CVE-2020-15384 | Brocade SANNav before version 2.1.1 contains an information disclosure ... | check |
| CVE-2020-15385 | Brocade SANnav before version 2.1.1 allows an authenticated attacker t ... | check |
| CVE-2020-15386 | Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2 ... | check |
| CVE-2020-15387 | The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7. ... | check |
| CVE-2020-20178 | A flaw was found in OpenLDAP. This flaw allows an attacker who can sen ... | wait for cleanup, CVE is wrongly associated |
| CVE-2020-23302 | There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_re ... | check |
| CVE-2020-23303 | There is a heap-buffer-overflow at jmem-poolman.c:165 in jmem_pools_co ... | check |
| CVE-2020-23306 | There is a stack-overflow at ecma-regexp-object.c:535 in ecma_regexp_m ... | check |
| CVE-2020-23308 | There is an Assertion 'context_p->stack_top_uint8 == LEXER_EXPRESSI ... | check |
| CVE-2020-23309 | There is an Assertion 'context_p->stack_depth == context_p->cont ... | check |
| CVE-2020-23310 | There is an Assertion 'context_p->next_scanner_info_p->type == S ... | check |
| CVE-2020-23311 | There is an Assertion 'context_p->token.type == LEXER_RIGHT_BRACE \| ... | check |
| CVE-2020-23312 | There is an Assertion 'context.status_flags & PARSER_SCANNING_SUCC ... | check |
| CVE-2020-23313 | There is an Assertion 'scope_stack_p > context_p->scope_stack_p' ... | check |
| CVE-2020-23314 | There is an Assertion 'block_found' failed at js-parser-statm.c:2003 p ... | check |
| CVE-2020-23319 | There is an Assertion in '(flags >> CBC_STACK_ADJUST_SHIFT) > ... | check |
| CVE-2020-23320 | There is an Assertion in 'context_p->next_scanner_info_p->type = ... | check |
| CVE-2020-23321 | There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_ ... | check |
| CVE-2020-23322 | There is an Assertion in 'context_p->token.type == LEXER_RIGHT_BRAC ... | check |
| CVE-2020-23323 | There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape ... | check |
| CVE-2020-23914 | An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ... | retroarch and salmon embed peglib, check if it's actually a security issue |
| CVE-2020-23915 | An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ... | retroarch and salmon embed peglib, check if it's actually a security issue |
| CVE-2020-24473 | Out of bounds write in the BMC firmware for some Intel(R) Server Board ... | check |
| CVE-2020-24474 | Buffer overflow in the BMC firmware for some Intel(R) Server Boards, S ... | check |
| CVE-2020-24475 | Improper initialization in the BMC firmware for some Intel(R) Server B ... | check |
| CVE-2020-24486 | Improper input validation in the firmware for some Intel(R) Processors ... | check |
| CVE-2020-24506 | Out of bound read in a subsystem in the Intel(R) CSME versions before ... | check |
| CVE-2020-24507 | Improper initialization in a subsystem in the Intel(R) CSME versions b ... | check |
| CVE-2020-24509 | Insufficient control flow management in subsystem in Intel(R) SPS vers ... | check |
| CVE-2020-24662 | SmartStream Transaction Lifecycle Management (TLM) Reconciliation Prem ... | check |
| CVE-2020-25467 | A null pointer dereference was discovered lzo_decompress_buf in stream ... | check fixing commit |
| CVE-2020-25646 | A flaw was found in Ansible Collection community.crypto. openssl_priva ... | check |
| CVE-2020-26515 | An insufficiently protected credentials issue was discovered in Intlan ... | check |
| CVE-2020-26516 | A CSRF issue was discovered in Intland codeBeamer ALM 10.x through 10. ... | check |
| CVE-2020-26517 | A cross-site scripting (XSS) issue was discovered in Intland codeBeame ... | check |
| CVE-2020-27383 | Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of ... | check |
| CVE-2020-28600 | An out-of-bounds write vulnerability exists in the import_stl.cc:impor ... | check, maybe fixed already in 2021.01-1 |
| CVE-2020-28713 | Incorrect access control in push notification service in Night Owl Sma ... | check |
| CVE-2020-35875 | An issue was discovered in the tokio-rustls crate before 0.13.1 for Ru ... | check |
| CVE-2020-35922 | An issue was discovered in the mio crate before 0.7.6 for Rust. It has ... | check |
| CVE-2021-0086 | Improper permissions in the installer for the Intel(R) Brand Verificat ... | check |
| CVE-2021-3013 | ripgrep before 13 allows attackers to trigger execution of arbitrary p ... | check |
| CVE-2021-3256 | KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the h ... | check |
| CVE-2021-3283 | HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task d ... | check details |
| CVE-2021-3426 | There's a flaw in Python 3's pydoc. A local or adjacent attacker who d ... | check, upload of pypy/7.3.5+dfsg-1 to experimental claims this affects src:pypy |
| CVE-2021-3556 | RESERVED | cleanup after official reject |
| CVE-2021-3563 | | scarce details on it if there are upstream references, try to get more information |
| CVE-2021-3583 | Template Injection through yaml multi-line strings with ansible facts used in template | scarce information, check later |
| CVE-2021-3597 | | check, lack of details |
| CVE-2021-20206 | An improper limitation of path name flaw was found in containernetwork ... | check details, impact on docker.io? |
| CVE-2021-20220 | A flaw was found in Undertow. A regression in the fix for CVE-2020-106 ... | CVE for incomplete fix for CVE-2020-10687 but not clear if affected any Debian released version |
| CVE-2021-20291 | A deadlock vulnerability was found in 'github.com/containers/storage' ... | check golang-github-containers-buildah, docker.io |
| CVE-2021-20329 | Specific cstrings input may not be properly validated in the MongoDB G ... | check |
| CVE-2021-21382 | Restund is an open source NAT traversal server. The restund TURN serve ... | check |
| CVE-2021-21391 | CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the f ... | check |
| CVE-2021-22118 | In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x ... | check |
| CVE-2021-22175 | When requests to the internal network for webhooks are enabled, a serv ... | check |
| CVE-2021-22212 | ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 all ... | check details |
| CVE-2021-22213 | A cross-site leak vulnerability in the OAuth flow of all versions of G ... | check |
| CVE-2021-22214 | When requests to the internal network for webhooks are enabled, a serv ... | check |
| CVE-2021-22215 | An information disclosure vulnerability in GitLab EE versions 13.11 an ... | check |
| CVE-2021-22216 | A denial of service vulnerability in all versions of GitLab CE/EE befo ... | check |
| CVE-2021-22217 | A denial of service vulnerability in all versions of GitLab CE/EE befo ... | check |
| CVE-2021-22218 | All versions of GitLab CE/EE starting with 12.8 were affected by an is ... | check |
| CVE-2021-22219 | GitLab CE/EE since version 9.5 allows a high privilege user to obtain ... | check |
| CVE-2021-22220 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2021-22221 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2021-22548 | An attacker can change the pointer to untrusted memory to point to tru ... | check |
| CVE-2021-22549 | An attacker can modify the address to point to trusted memory to overw ... | check |
| CVE-2021-22550 | An attacker can modify the pointers in enclave memory to overwrite arb ... | check |
| CVE-2021-22769 | A CWE-269: Improper Privilege Management vulnerability exists in Enerl ... | check |
| CVE-2021-22895 | Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certif ... | check |
| CVE-2021-22896 | Nextcloud Mail before 1.9.5 suffers from improper access control due t ... | check |
| CVE-2021-22906 | Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers ... | check |
| CVE-2021-22912 | Nextcloud iOS before 3.4.2 suffers from an information disclosure vuln ... | check |
| CVE-2021-23024 | On version 8.0.x before 8.0.0.1, and all 6.x and 7.x versions, the BIG ... | check |
| CVE-2021-23215 | An integer overflow leading to a heap-buffer overflow was found in the ... | check details |
| CVE-2021-23230 | A SQL Injection vulnerability in the OPCUA interface of Gallagher Comm ... | check |
| CVE-2021-23391 | This affects all versions of package calipso. It is possible for a mal ... | check |
| CVE-2021-23392 | The package locutus before 2.0.15 are vulnerable to Regular Expression ... | check |
| CVE-2021-23393 | This affects the package Flask-Unchained before 0.9.0. When using the ... | check |
| CVE-2021-23394 | The package studio-42/elfinder before 2.1.58 are vulnerable to Remote ... | check |
| CVE-2021-25322 | A UNIX Symbolic Link (Symlink) Following vulnerability in python-Hyper ... | check |
| CVE-2021-25948 | Prototype pollution vulnerability in ‘expand-hash’ version ... | check |
| CVE-2021-25949 | Prototype pollution vulnerability in ‘set-getter’ version ... | check |
| CVE-2021-26194 | An issue was discovered in JerryScript 2.4.0. There is a heap-use-afte ... | check |
| CVE-2021-26195 | An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-o ... | check |
| CVE-2021-26197 | An issue was discovered in JerryScript 2.4.0. There is a SEGV in main_ ... | check |
| CVE-2021-26198 | An issue was discovered in JerryScript 2.4.0. There is a SEVG in ecma_ ... | check |
| CVE-2021-26199 | An issue was discovered in JerryScript 2.4.0. There is a heap-use-afte ... | check |
| CVE-2021-26260 | An integer overflow leading to a heap-buffer overflow was found in the ... | check details |
| CVE-2021-26314 | Potential floating point value injection in all supported CPU products ... | check |
| CVE-2021-26945 | An integer overflow leading to a heap-buffer overflow was found in Ope ... | check details |
| CVE-2021-27345 | A null pointer dereference was discovered in ucompthread in stream.c i ... | check fixing commit |
| CVE-2021-27347 | Use after free in lzma_decompress_buf function in stream.c in Irzip 0. ... | check fixing commit |
| CVE-2021-28213 | Example EDK2 encrypted private key in the IpSecDxe.efi present potenti ... | check |
| CVE-2021-29499 | SIF is an open source implementation of the Singularity Container Imag ... | check |
| CVE-2021-30535 | Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a re ... | check src:icu |
| CVE-2021-31347 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | check |
| CVE-2021-31348 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | check |
| CVE-2021-31598 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | check |
| CVE-2021-33194 | golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows atta ... | check completeness |
| CVE-2021-34555 | OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial ... | check |
| TEMP-0000000-DD73A0 | Unexpected database bindings via requests (follow-up) | check php-illuminate-database and CVE assignment |