Bugs with TODO items

| Bug | Description | Note |
|---|---|---|
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2023-6725 | An access-control flaw was found in the OpenStack Designate component ... | check, details unclear |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded in icinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-47435 | An issue in the verifyPassword function of hexo-theme-matery v2.0.0 al ... | check |
| CVE-2023-49275 | Wazuh is a free and open source platform used for threat prevention, d ... | check |
| CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
| CVE-2023-49501 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a ... | check |
| CVE-2023-49502 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a ... | check |
| CVE-2023-50007 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a ... | check |
| CVE-2023-50008 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a ... | check |
| CVE-2023-50009 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a ... | check |
| CVE-2023-50010 | Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a ... | check |
| CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50260 | Wazuh is a free and open source platform used for threat prevention, d ... | check |
| CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
| CVE-2023-51791 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a ... | check |
| CVE-2023-51792 | Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attac ... | check |
| CVE-2023-51793 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a ... | check |
| CVE-2023-51795 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a ... | check |
| CVE-2023-51796 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a ... | check |
| CVE-2023-51797 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a ... | check |
| CVE-2023-51798 | Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a ... | check |
| CVE-2024-0671 | Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm ... | check |
| CVE-2024-1065 | Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm ... | check |
| CVE-2024-1681 | corydolphin/flask-cors is vulnerable to log injection when the log lev ... | check |
| CVE-2024-3209 | A vulnerability was found in UPX up to 4.2.2. It has been rated as cri ... | check upstream report status, seems not filed as issue |
| CVE-2024-3566 | A command inject vulnerability allows an attacker to perform command i ... | check |
| CVE-2024-20380 | A vulnerability in the HTML parser of ClamAV could allow an unauthenti ... | check |
| CVE-2024-21002 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21003 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21004 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21005 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
| CVE-2024-21090 | Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ... | check |
| CVE-2024-21103 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ... | check |
| CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-24856 | The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee ... | check |
| CVE-2024-24862 | In function pci1xxxx_spi_probe, there is a potential null pointer that ... | check |
| CVE-2024-24863 | In malidp_mw_connector_reset, new memory is allocated with kzalloc, bu ... | check |
| CVE-2024-26256 | libarchive Remote Code Execution Vulnerability | check |
| CVE-2024-27280 | Buffer overread vulnerability in StringIO | check details |
| CVE-2024-28180 | Package jose aims to provide an implementation of the Javascript Objec ... | check completeness |
| CVE-2024-28718 | An issue in OpenStack magnum yoga-eom version allows a remote attacker ... | check |
| CVE-2024-28836 | An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiati ... | check, missing details |
| CVE-2024-29028 | memos is a privacy-first, lightweight note-taking service. In memos 0. ... | check |
| CVE-2024-29029 | memos is a privacy-first, lightweight note-taking service. In memos 0. ... | check |
| CVE-2024-29030 | memos is a privacy-first, lightweight note-taking service. In memos 0. ... | check |
| CVE-2024-29183 | OpenRASP is a RASP solution that directly integrates its protection en ... | check |
| CVE-2024-29291 | An issue in Laravel Framework 8 through 11 might allow a remote attack ... | check |
| CVE-2024-30166 | In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can c ... | check, missing details |
| CVE-2024-31450 | Owncast is an open source, self-hosted, decentralized, single user liv ... | check |
| CVE-2024-31463 | Ironic-image is an OpenStack Ironic deployment packaged and configured ... | check |
| CVE-2024-31744 | In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/j ... | check |
| CVE-2024-31745 | Libdwarf v0.9.1 was discovered to contain a heap use-after-free via th ... | check |
| CVE-2024-32038 | Wazuh is a free and open source platform used for threat prevention, d ... | check |
| CVE-2024-32166 | Webid v1.2.1 suffers from an Insecure Direct Object Reference (IDOR) - ... | check |
| CVE-2024-32473 | Moby is an open source container framework that is a key component of ... | check |
| CVE-2024-32650 | Rustls is a modern TLS library written in Rust. `rustls::ConnectionCom ... | check |
| CVE-2024-32652 | The adapter @hono/node-server allows you to run your Hono application ... | check |
