Bugs with TODO items

Hide "check" TODOs

CVE-2016-10729An issue was discovered in Amanda 3.3.1. A user with backup privileges ...check
CVE-2016-10730An issue was discovered in Amanda 3.3.1. A user with backup privileges ...check
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ...check if patch simplifying patch applied in any suite
CVE-2017-18220The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in ...check, needs clarification, the issue is CloseBlob use-after-free
CVE-2017-18240The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ...check
CVE-2018-0673Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 ...check
CVE-2018-0679Cross-site scripting vulnerability in multiple FXC Inc. network ...check
CVE-2018-0680Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...check
CVE-2018-0681Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...check
CVE-2018-0682Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...check
CVE-2018-0683Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P ...check
CVE-2018-0684Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P ...check
CVE-2018-0685SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and ...check
CVE-2018-0686Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, ...check
CVE-2018-0687Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun ...check
CVE-2018-0690An unvalidated software update vulnerability in Music Center for PC ...check
CVE-2018-0691Multiple +Message Apps (Softbank +Message App for Android prior to ...check
CVE-2018-0692Untrusted search path vulnerability in Baidu Browser Version ...check
CVE-2018-0693Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows ...check
CVE-2018-0694FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary ...check
CVE-2018-0695Cross-site scripting vulnerability in User-friendly SVN (USVN) Version ...check
CVE-2018-0697Cross-site scripting vulnerability in Metabase version 0.29.3 and ...check
CVE-2018-0699Cross-site scripting vulnerability in YukiWiki 2.1.3 and earlier ...check
CVE-2018-0700YukiWiki 2.1.3 and earlier does not process a particular request ...check
CVE-2018-0701BlueStacks App Player (BlueStacks App Player for Windows 3.0.0 to ...check
CVE-2018-0765A denial of service vulnerability exists when .NET and .NET Core ...check, can potentially affect mono packages
CVE-2018-11832In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-12466openSUSE openbuildservice before 9.2.4 allowed authenticated users to ...check if introducing commit is right and fix status
CVE-2018-12467Authorized users of the openbuildservice before 2.9.4 could delete ...check if introducing commit is right and fix status
CVE-2018-15708Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers ...check
CVE-2018-16329In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the ...check if though missing null checks are present as well in 6.x series
CVE-2018-1643The Installation Verification Tool of IBM WebSphere Application Server ...check
CVE-2018-16856Private keys written to world-readable log filescheck if Debian affected by the problem or Red Hat specific setup
CVE-2018-16981stb stb_image.h 2.19, as used in catimg, Emscripten, and other ...further check, stb_image.h in older version is embedded in src:catimg
CVE-2018-17846The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...check, possibly introduced in later versions
CVE-2018-17847The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...check, possibly introduced in later versions
CVE-2018-17848The html package (aka x/net/html) through 2018-09-25 in Go mishandles ...check, possibly introduced in later versions
CVE-2018-18653The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI ...check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way.
CVE-2018-19211In ncurses 6.1, there is a NULL pointer dereference at function ...check
CVE-2018-19212In libwebm through 2018-10-03, there is an abort caused by ...check
CVE-2018-19216Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken ...Something is not correct about this CVE, the upstream bug is 3392425, but commit references 3392525, and the former is really fixed in 2.13.02 but the latter is unfixed in 2.13.02 and even 2.13.03.
CVE-2018-19286The server in mubu note 2018-11-11 has XSS by configuring an account ...check
CVE-2018-3621Insufficient input validation in the Intel Driver & Support Assistant ...check
CVE-2018-3635Insufficient input validation in installer in Intel Rapid Store ...check
CVE-2018-3697Improper directory permissions in the installer for the Intel Media ...check
CVE-2018-3698Improper file permissions in the installer for the Intel Ready Mode ...check
CVE-2018-3847Multiple exploitable buffer overflow vulnerabilities exist in image ...double-check
CVE-2018-5360LibTIFF before 4.0.6 mishandles the reading of TIFF files, as ...claimed to be fixed in latest libtiff, but no idication yet which changes adresses the issue
CVE-2018-5495All StorageGRID Webscale versions are susceptible to a vulnerability ...check
CVE-2018-6260NVIDIA graphics driver contains a vulnerability that may allow access ...check
CVE-2018-8416A tampering vulnerability exists when .NET Core improperly handles ...check
CVE-2018-8529A remote code execution vulnerability exists when Team Foundation ...check
CVE-2018-9246The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in ...check if set of commits complete
CVE-2018-9457In onCheckedChanged of BluetoothPairingController.java, there is a ...check
CVE-2018-9521In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out ...check
CVE-2018-9522In the serialization functions of StatsLogEventWrapper.java, there is ...check
CVE-2018-9523In Parcel.writeMapInternal of Parcel.java, there is a possible parcel ...check
CVE-2018-9524In functionality implemented in System UI, there are insufficient ...check
CVE-2018-9525In the AndroidManifest.xml file defining the SliceBroadcastReceiver ...check
CVE-2018-9526In device configuration data, there is an improperly configured ...check
CVE-2018-9527In vorbis_book_decodev_set of codebook.c there is a possible out of ...check
CVE-2018-9528In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s there is a ...check
CVE-2018-9529In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is a ...check
CVE-2018-9530In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a ...check
CVE-2018-9531In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible ...check
CVE-2018-9532In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a ...check
CVE-2018-9533In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out ...check
CVE-2018-9534In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a ...check
CVE-2018-9535In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible ...check
CVE-2018-9536In numerous functions of libFDK, there are possible out of bounds ...check
CVE-2018-9537In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible ...check
CVE-2018-9539In the ClearKey CAS descrambler, there is a possible use after free ...check
CVE-2018-9540In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a possible ...check
CVE-2018-9541In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible ...check
CVE-2018-9542In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of ...check
CVE-2018-9543In f2fs_format_utils.c WITH_BLKDISCARD is not defined, which may cause ...check
CVE-2018-9544In register_app of btif_hd.cc, there is a possible out-of-bounds read ...check
CVE-2018-9545In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible ...check
CVE-2018-9580A Elevation of privilege vulnerability in the HTC bootloader. Product: ...check

Search for package or bug name: Reporting problems