Bugs with TODO items


| Bug | Description | Note |
|---|---|---|
| CVE-2018-9389 | In ip6_append_data of ip6_output.c, there is a possible way to achieve ... | check, potentially src:linux upstream and not Android specific |
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded in icinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
| CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
| CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-28180 | Package jose aims to provide an implementation of the Javascript Objec ... | check completeness |
| CVE-2024-36353 | Insufficient clearing of GPU global memory could allow a malicious pro ... | check, AMD GPU related, but unclear if src:linux |
| CVE-2024-39442 | In sprd ssense service, there is a possible missing permission check. ... | check |
| CVE-2025-0217 | BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are ... | check |
| CVE-2025-2905 | An XML External Entity (XXE) vulnerability exists in the gateway compo ... | check |
| CVE-2025-3020 | A low privileged remote Attacker can execute arbitrary web scripts or ... | check |
| CVE-2025-3891 | A flaw was found in the mod_auth_openidc module for Apache httpd. This ... | check upstream status |
| CVE-2025-4287 | A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as ... | check |
| CVE-2025-4291 | A vulnerability, which was classified as critical, was found in IdeaCM ... | check |
| CVE-2025-4292 | A vulnerability has been found in MRCMS 3.1.3 and classified as proble ... | check |
| CVE-2025-4293 | A vulnerability was found in MRCMS 3.1.3 and classified as problematic ... | check |
| CVE-2025-4305 | A vulnerability has been found in kefaming mayi up to 1.3.9 and classi ... | check |
| CVE-2025-4323 | A vulnerability, which was classified as problematic, has been found i ... | check |
| CVE-2025-4324 | A vulnerability, which was classified as problematic, was found in MRC ... | check |
| CVE-2025-4325 | A vulnerability has been found in MRCMS 3.1.2 and classified as proble ... | check |
| CVE-2025-4326 | A vulnerability was found in MRCMS 3.1.2 and classified as problematic ... | check |
| CVE-2025-4327 | A vulnerability was found in MRCMS 3.1.2. It has been classified as pr ... | check |
| CVE-2025-4328 | A vulnerability was found in fp2952 spring-cloud-base up to 7f050dc6db ... | check |
| CVE-2025-4329 | A vulnerability was found in 74CMS up to 3.33.0. It has been rated as ... | check |
| CVE-2025-4333 | A vulnerability was found in feng_ha_ha/megagao ssm-erp and production ... | check |
| CVE-2025-23090 | With the aid of the diagnostics_channel utility, an event can be hooke ... | check, seems to be duplicate of CVE-2025-23083, verify it with CNA |
| CVE-2025-24977 | OpenCTI is an open cyber threat intelligence (CTI) platform. Prior to ... | check |
| CVE-2025-25504 | An issue in the /usr/local/bin/jncs.sh script of Gefen WebFWC (In AV o ... | check |
| CVE-2025-26241 | A SQL injection vulnerability in the "Search" functionality of "ticket ... | check |
| CVE-2025-27920 | Output Messenger before 2.0.63 was vulnerable to a directory traversal ... | check |
| CVE-2025-27921 | A reflected cross-site scripting (XSS) vulnerability was discovered in ... | check |
| CVE-2025-44071 | SeaCMS v13.3 was discovered to contain a remote code execution (RCE) v ... | check |
| CVE-2025-44072 | SeaCMS v13.3 was discovered to contain a SQL injection vulnerability v ... | check |
| CVE-2025-44074 | SeaCMS v13.3 was discovered to contain a SQL injection vulnerability v ... | check |
| CVE-2025-45236 | A stored cross-site scripting (XSS) vulnerability in the Edit Profile ... | check |
| CVE-2025-45237 | Incorrect access control in the component /config/download of DBSyncer ... | check |
| CVE-2025-45242 | Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vu ... | check |
| CVE-2025-45609 | Incorrect access control in the doFilter function of kob latest v1.0.0 ... | check |
| CVE-2025-45616 | Incorrect access control in the /admin/** API of brcc v1.2.0 allows at ... | check |
| CVE-2025-45617 | Incorrect access control in the component /user/list of production_ssm ... | check |
| CVE-2025-45618 | Incorrect access control in the component /admin/sys/datasource/ajaxLi ... | check |
| CVE-2025-46728 | cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. ... | check |
| CVE-2025-46734 | league/commonmark is a PHP Markdown parser. A cross-site scripting (XS ... | check |
