Bugs with TODO items

Hide "check" TODOs

BugDescriptionNote
CVE-2014-7952The backup mechanism in the adb tool in Android might allow attackers ...check
CVE-2016-0715Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, ...check
CVE-2016-9040An exploitable denial of service exists in the the Joyent SmartOS OS ...check
CVE-2016-9044An exploitable command execution vulnerability exists in Information ...check
CVE-2016-9045A code execution vulnerability exists in ProcessMaker Enterprise Core ...check
CVE-2016-9048Multiple exploitable SQL Injection vulnerabilities exists in ...check
CVE-2017-1000600WordPress version <4.9 contains a CWE-20 Input Validation ...check
CVE-2017-1082In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the ...check
CVE-2017-1083In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is ...check
CVE-2017-1084In FreeBSD before 11.2-RELEASE, multiple issues with the ...check
CVE-2017-1085In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() ...check
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ...check if patch simplifying patch applied in any suite
CVE-2017-14026In Ice Qube Thermal Management Center versions prior to version 4.13, ...check
CVE-2017-14443An exploitable information leak vulnerability exists in Insteon Hub ...check
CVE-2017-15818In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2017-15828In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2017-15844In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2017-16639Tor Browser on Windows before 8.0 allows remote attackers to bypass ...check
CVE-2017-16714In Ice Qube Thermal Management Center versions prior to version 4.13, ...check
CVE-2017-16906In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a ...check
CVE-2017-16907In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field ...check
CVE-2017-16908In Horde Groupware 5.2.19, there is XSS via the Name field during ...check
CVE-2017-1794IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 ...check
CVE-2017-18220The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in ...check, needs clarification, the issue is CloseBlob use-after-free
CVE-2017-18240The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ...check
CVE-2017-2777An exploitable heap overflow vulnerability exists in the ...check
CVE-2017-2792An exploitable heap corruption vulnerability exists in the iBldDirInfo ...check
CVE-2017-2795An exploitable heap corruption vulnerability exists in the Txo ...check
CVE-2017-2854An exploitable buffer overflow vulnerability exists in the DDNS client ...check
CVE-2017-2855An exploitable buffer overflow vulnerability exists in the DDNS client ...check
CVE-2017-2856An exploitable buffer overflow vulnerability exists in the DDNS client ...check
CVE-2017-2857An exploitable buffer overflow vulnerability exists in the DDNS client ...check
CVE-2017-2872Insufficient security checks exist in the recovery procedure used by ...check
CVE-2017-2873An exploitable command injection vulnerability exists in the web ...check
CVE-2017-2874An information disclosure vulnerability exists in the Multi-Camera ...check
CVE-2017-2875An exploitable buffer overflow vulnerability exists in the ...check
CVE-2017-2876An exploitable buffer overflow vulnerability exists in the ...check
CVE-2017-2877A missing error check exists in the Multi-Camera interface used by the ...check
CVE-2017-2878An exploitable buffer overflow vulnerability exists in the web ...check
CVE-2017-2879An exploitable buffer overflow vulnerability exists in the UPnP ...check
CVE-2017-3912Bypassing password security vulnerability in McAfee Application and ...check
CVE-2017-6913Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail ...check
CVE-2017-8316IntelliJ IDEA XML parser was found vulnerable to XML External Entity ...check
CVE-2018-0623Untrusted search path vulnerability in Multiple Yayoi 17 Series ...check
CVE-2018-0624Untrusted search path vulnerability in Multiple Yayoi 17 Series ...check
CVE-2018-0642Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 ...check
CVE-2018-0643Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 ...check
CVE-2018-0644Buffer overflow in Ubuntu14.04 ORCA (Online Receipt Computer ...check
CVE-2018-0645MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via ...check
CVE-2018-0649Untrusted search path vulnerability in the installers of multiple ...check
CVE-2018-0672Cross-site scripting vulnerability in Movable Type versions prior to ...check
CVE-2018-0718Command injection vulnerability in Music Station 5.1.2 and earlier ...check
CVE-2018-0765A denial of service vulnerability exists when .NET and .NET Core ...check, can potentially affect mono packages
CVE-2018-0965A remote code execution vulnerability exists when Windows Hyper-V on a ...check
CVE-2018-1000773WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ...check
CVE-2018-1000802Python Software Foundation Python (CPython) version 2.7 contains a ...check
CVE-2018-1051It was found that the fix for CVE-2016-9606 in versions 3.0.22 and ...check
CVE-2018-10637A maliciously crafted project file may cause a buffer overflow, which ...check
CVE-2018-10780Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based ...check, there is same function in byteSwap2 in earlier versions than 0.26
CVE-2018-11071Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, ...check
CVE-2018-11084Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents ...check
CVE-2018-11086Pivotal Usage Service in Pivotal Application Service, versions 2.0 ...check
CVE-2018-11088Pivotal Applications Manager in Pivotal Application Service, versions ...check
CVE-2018-11267In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...check
CVE-2018-11268In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...check
CVE-2018-11269In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, ...check
CVE-2018-11274In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11275In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11277In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, ...check
CVE-2018-11278In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11280In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11286In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11291In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, ...check
CVE-2018-11294In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11299In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11302In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-1149cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers ...check
CVE-2018-1150NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow ...check
CVE-2018-11818In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11826In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11827In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11832In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11840In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11843In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11851In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11852In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11860In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11863In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11868In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11869In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11878In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11883In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11886In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11889In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11891In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11893In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11894In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11895In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11897In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11902In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11903In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-11904In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-1198Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser ...check
CVE-2018-11982In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, ...check
CVE-2018-12086Buffer overflow in OPC UA applications allows remote attackers to ...check
CVE-2018-1223Cloud Foundry Container Runtime (kubo-release), versions prior to ...check
CVE-2018-12466openSUSE openbuildservice before 9.2.4 allowed authenticated users to ...check if introducing commit is right and fix status
CVE-2018-12467Authorized users of the openbuildservice before 2.9.4 could delete ...check if introducing commit is right and fix status
CVE-2018-12585An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can ...check
CVE-2018-12608An issue was discovered in Docker Moby before 17.06.0. The Docker ...check
CVE-2018-14642An information leak vulnerability was found in Undertow. If all ...further check, the RedHat bug 1628702 references are not public accessible
CVE-2018-14796Tec4Data SmartCooler, all versions prior to firmware 180806, the ...check
CVE-2018-15474** DISPUTED ** CSV Injection (aka Excel Macro Injection or Formula ...check
CVE-2018-16329In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the ...check if though missing null checks are present as well in 6.x series
CVE-2018-16413ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the ...further check before updating entry, partially fixed (1249), but problem with 1251
CVE-2018-16646In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause ...check, reporter did only report to Red Hat so far, few details
CVE-2018-1674IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through ...check
CVE-2018-16785XML injection vulnerability exists in the file of DedeCMS V5.7 SP2 ...check
CVE-2018-16981stb stb_image.h 2.19, as used in catimg, Emscripten, and other ...further check, stb_image.h in older version is embedded in src;catimg
CVE-2018-17075The html package (aka x/net/html) before 2018-07-13 in Go mishandles ...check
CVE-2018-17142The html package (aka x/net/html) through 2018-09-17 in Go mishandles ...check, in golang-golang-x-net-dev?
CVE-2018-17143The html package (aka x/net/html) through 2018-09-17 in Go mishandles ...check, in golang-golang-x-net-dev?
CVE-2018-17228nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell ...check
CVE-2018-17229Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to ...check
CVE-2018-17230Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to ...check
CVE-2018-17233A SIGFPE signal is raised in the function ...check
CVE-2018-17234Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in ...check
CVE-2018-17237A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of ...check
CVE-2018-17254The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the ...check
CVE-2018-17255Navigate CMS 2.8 has Reflected XSS via the navigate.php fid parameter. ...check
CVE-2018-1782IBM GPFS (IBM Spectrum Scale 5.0.1.0 and 5.0.1.1) allows a local, ...check
CVE-2018-1800IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could ...check
CVE-2018-3573In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-3574In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-3616Bleichenbacher-style side channel vulnerability in TLS implementation ...check
CVE-2018-3643A vulnerability in Power Management Controller firmware in systems ...check
CVE-2018-3655A vulnerability in a subsystem in Intel CSME before version 11.21.55, ...check
CVE-2018-3657Multiple buffer overflows in Intel AMT in Intel CSME firmware versions ...check
CVE-2018-3658Multiple memory leaks in Intel AMT in Intel CSME firmware versions ...check
CVE-2018-3659A vulnerability in Intel PTT module in Intel CSME firmware before ...check
CVE-2018-3669A STOP error (BSoD) in the ibtfltcoex.sys driver for Intel Centrino ...check
CVE-2018-3679Escalation of privilege in Reference UI in Intel Data Center Manager ...check
CVE-2018-3686Code injection vulnerability in INTEL-SA-00086 Detection Tool before ...check
CVE-2018-3823X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a ...check
CVE-2018-3824X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a ...check
CVE-2018-3825In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default ...check
CVE-2018-3826In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was ...check
CVE-2018-3827A sensitive data disclosure flaw was found in the Elasticsearch ...check
CVE-2018-3828Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an ...check
CVE-2018-3829In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was ...check
CVE-2018-3830Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) ...check
CVE-2018-3831Elasticsearch Alerting and Monitoring in versions before 6.4.1 or ...check
CVE-2018-3847Multiple exploitable buffer overflow vulnerabilities exist in image ...double-check
CVE-2018-3864An exploitable buffer overflow vulnerability exists in the Samsung ...check
CVE-2018-3865An exploitable buffer overflow vulnerability exists in the Samsung ...check
CVE-2018-3882An exploitable SQL injection vulnerability exists in the authenticated ...check
CVE-2018-3883An exploitable SQL injection vulnerability exists in the authenticated ...check
CVE-2018-3884An exploitable SQL injection vulnerability exists in the authenticated ...check
CVE-2018-3885An exploitable SQL injection vulnerability exists in the authenticated ...check
CVE-2018-5360LibTIFF before 4.0.6 mishandles the reading of TIFF files, as ...claimed to be fixed in latest libtiff, but no idication yet which changes adresses the issue
CVE-2018-5905In all android releases (Android for MSM, Firefox OS for MSM, QRD ...check
CVE-2018-6500A potential Directory Traversal Security vulnerability has been ...check
CVE-2018-6501Potential security vulnerability of Insufficient Access Controls has ...check
CVE-2018-6502A potential Reflected Cross-Site Scripting (XSS) Security ...check
CVE-2018-6503A potential Access Control vulnerability has been identified in ...check
CVE-2018-6504A potential Cross-Site Request Forgery (CSRF) vulnerability has been ...check
CVE-2018-6505A potential Unauthenticated File Download vulnerability has been ...check
CVE-2018-6690Accessing, modifying, or executing executable files vulnerability in ...check
CVE-2018-6693An unprivileged user can delete arbitrary files on a Linux system ...check
CVE-2018-6923In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip ...check
CVE-2018-6924In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, ...check
CVE-2018-7572Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to ...check
CVE-2018-7929Huawei Mate RS smartphones with the versions before NEO-AL00D ...check
CVE-2018-7991Huawei smartphones Mate10 with versions earlier before ALP-AL00B ...check
CVE-2018-8269A denial of service vulnerability exists when OData Library improperly ...check
CVE-2018-8360An information disclosure vulnerability exists in Microsoft .NET ...check mono
CVE-2018-8889A directory traversal vulnerability in the Connect Service of the ...check
CVE-2018-9246The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in ...check if set of commits complete
CVE-2018-9472RESERVEDpotentially libxml?

Search for package or bug name: Reporting problems