Bugs with TODO items

Hide "check" TODOs

CVE-2011-2844Google Chrome before 14.0.835.163 does not properly process MP3 files, ...check ffmpeg, http://src.chromium.org/viewvc/chrome?view=rev&revision=88382
CVE-2011-2896The LZW decompressor in the LWZReadByte function in giftoppm.c in the ...There's more: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2896
CVE-2011-5034Apache Geronimo 2.2.1 and earlier computes hash values for form ...check
CVE-2013-1799Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before ...check if fix applied to Debian in 3.4.2-2 was incomplete
CVE-2013-4866The LIXIL Corporation My SATIS Genius Toilet application for Android ...check
CVE-2014-0227java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in ...check
CVE-2014-2886GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) ...check
CVE-2014-3514activerecord/lib/active_record/relation/query_methods.rb in Active ...needs to check the others rails versions
CVE-2014-5361Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk ...check
CVE-2014-5370Directory traversal vulnerability in the CFChart servlet ...check
CVE-2014-5400The installation component in Hospira MedNet before 6.1 places ...check
CVE-2014-5403Hospira MedNet before 6.1 uses hardcoded cryptographic keys for ...check
CVE-2014-5405Hospira MedNet before 6.1 uses a hardcoded cleartext password to ...check
CVE-2014-8171kernel: memcg: OOM handling DoScheck
CVE-2014-8172The filesystem implementation in the Linux kernel before 3.13 performs ...unclear, if given commit actually fixes the issue, see http://www.openwall.com/lists/oss-security/2015/03/09/3
CVE-2014-8390Multiple buffer overflows in Schneider Electric VAMPSET before 2.2.168 ...check
CVE-2014-9145Multiple SQL injection vulnerabilities in Fiyo CMS allow ...check
CVE-2014-9146Multiple cross-site scripting (XSS) vulnerabilities in Fiyo CMS ...check
CVE-2015-0135IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 ...check
CVE-2015-0345Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before ...check
CVE-2015-0692Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 ...check
CVE-2015-0693Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 ...check
CVE-2015-0694Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that ...check
CVE-2015-0698Multiple cross-site scripting (XSS) vulnerabilities in filter search ...check
CVE-2015-0876Multiple cross-site scripting (XSS) vulnerabilities in the ...check
CVE-2015-0877Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD ...check
CVE-2015-0899input validation bypass in MultiPageValidatorcheck
CVE-2015-0903Buffer overflow in Saitoh Kikaku Maruo Editor 8.51 and earlier allows ...check
CVE-2015-1125The touch-events implementation in WebKit in Apple iOS before 8.3 ...check
CVE-2015-1127The private-browsing implementation in WebKit in Apple Safari before ...check
CVE-2015-1128The private-browsing implementation in Apple Safari before 6.2.5, 7.x ...check
CVE-2015-1129Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does ...check
CVE-2015-1149Integer overflow in the simulator in Swift in Apple Xcode before 6.3 ...check
CVE-2015-1314The USAA Mobile Banking application before 7.10.1 for Android displays ...check
CVE-2015-1415The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when ...check
CVE-2015-1484Unquoted Windows search path vulnerability in the agent in Symantec ...check
CVE-2015-1773Cross-site scripting (XSS) vulnerability in asdoc/templates/index.html ...check
CVE-2015-1855OpenSSL extension hostname matching implementation violates RFC 6125check
CVE-2015-1889The Big SQL component in IBM InfoSphere BigInsights 3.0 through ...check
CVE-2015-2223Multiple cross-site scripting (XSS) vulnerabilities in Palo Alto ...check
CVE-2015-2247Unspecified vulnerability in Boosted Boards skateboards allows ...check
CVE-2015-2778Quassel before 0.12-rc1 uses an incorrect data-type size when ...check affected versions
CVE-2015-2779Stack consumption vulnerability in the message splitting functionality ...check affected versions
CVE-2015-3035Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with ...check
CVE-2015-3333Multiple unspecified vulnerabilities in Google V8 before, as ...check
CVE-2015-3334browser/ui/website_settings/website_settings.cc in Google Chrome ...check
CVE-2015-3335The NaClSandbox::InitializeLayerTwoSandbox function in ...check
CVE-2015-3336Google Chrome before 42.0.2311.90 does not always ask the user before ...check
CVE-2015-3344Cross-site scripting (XSS) vulnerability in the Course module 6.x-1.x ...check
CVE-2015-3345SQL injection vulnerability in the PHPlist Integration Module before ...check
CVE-2015-3350Cross-site request forgery (CSRF) vulnerability in the Todo Filter ...check
CVE-2015-3352Multiple cross-site request forgery (CSRF) vulnerabilities in the ...check
CVE-2015-3354Cross-site request forgery (CSRF) vulnerability in the Wishlist module ...check
TEMP-0000000-776ECEincorrect accounting when writing to the entropy pool data can lead to overstimating the amount of entropy in the pool weakening the RNGcheck details
TEMP-0000000-883263net-snmp snmp_pdu_parse() function incompletely initializaition vulnerabilitycheck
TEMP-0760455-22ED59install-sh: insecure use of /tmpcheck other automake versions
TEMP-0781547-BCD9B7nbd-server: server dies if client asks for a non-existing exportcheck details
TEMP-0781640-F16931Signature Bypass in several JSON Web Token Librariescheck (various libraries)

Search for package or bug name: Reporting problems