| Bug | Description | Note |
|---|
| CVE-2016-20013 | sha256crypt and sha512crypt through 0.6 allow attackers to cause a den ... | check, several sources (busybox, sssd, dietlibc, php*, ...) do embed an implentation of the code, but only track those with security impact |
| CVE-2020-0478 | In extend_frame_lowbd of restoration.c, there is a possible out of bou ... | check if ebba9c769be2c99d5396d0018901e9a4af5e2d2c is the needed commit |
| CVE-2020-19716 | A buffer overflow vulnerability in the Databuf function in types.cpp o ... | check, unclear if fixed or not, upstream cannot reproduce as well in 0.27.1 as reported |
| CVE-2020-22983 | A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStra ... | check |
| CVE-2020-23914 | An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ... | retroarch and salmon embed peglib, check if it's actually a security issue |
| CVE-2020-23915 | An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ... | retroarch and salmon embed peglib, check if it's actually a security issue |
| CVE-2020-36123 | saitoha libsixel v1.8.6 was discovered to contain a double free via th ... | check, unclear why reporter did close the issue again |
| CVE-2021-0066 | Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0072 | Improper input validation in firmware for some Intel(R) PROSet/Wireles ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0076 | Improper Validation of Specified Index, Position, or Offset in Input i ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0161 | Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0162 | Improper input validation in software for Intel(R) PROSet/Wireless Wi- ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0163 | Improper Validation of Consistency within input in software for Intel( ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0164 | Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0165 | Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0166 | Exposure of Sensitive Information to an Unauthorized Actor in firmware ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0167 | Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0168 | Improper input validation in firmware for some Intel(R) PROSet/Wireles ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0169 | Uncontrolled Search Path Element in software for Intel(R) PROSet/Wirel ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0170 | Exposure of Sensitive Information to an Unauthorized Actor in firmware ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0171 | Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0172 | Improper input validation in firmware for some Intel(R) PROSet/Wireles ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0173 | Improper Validation of Consistency within input in firmware for some I ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0174 | Improper Use of Validation Framework in firmware for some Intel(R) PRO ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0175 | Improper Validation of Specified Index, Position, or Offset in Input i ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0176 | Improper input validation in firmware for some Intel(R) PROSet/Wireles ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0177 | Improper Validation of Consistency within input in software for Intel( ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0178 | Improper input validation in software for Intel(R) PROSet/Wireless Wi- ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0179 | Improper Use of Validation Framework in software for Intel(R) PROSet/W ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-0183 | Improper Validation of Specified Index, Position, or Offset in Input i ... | check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree |
| CVE-2021-3681 | A flaw was found in Ansible Galaxy Collections. When collections are b ... | check, needs verifying the affected ansible/ansible-base components |
| CVE-2021-3773 | A flaw in netfilter could allow a network-connected attacker to infer ... | fill in tracking details |
| CVE-2021-3859 | | check details |
| CVE-2021-20315 | A locking protection bypass flaw was found in some versions of gnome-s ... | check, possibly Red Hat specific as issue introduced of backporting features to CentOS 8 Streams |
| CVE-2021-22275 | Buffer Overflow vulnerability in B&R Automation Runtime webserver ... | check |
| CVE-2021-26317 | Failure to verify the protocol in SMM may allow an attacker to control ... | check |
| CVE-2021-26318 | A timing and power-based side channel attack leveraging the x86 PREFET ... | check details and if mitigation in microcode/kernel exists |
| CVE-2021-26324 | A bug with the SEV-ES TMR may lead to a potential loss of memory integ ... | check |
| CVE-2021-26332 | Failure to verify SEV-ES TMR is not in MMIO space, SEV-ES FW could res ... | check |
| CVE-2021-26339 | A bug in AMD CPU’s core logic may allow for an attacker, using s ... | check |
| CVE-2021-26341 | Some AMD CPUs may transiently execute beyond unconditional direct bran ... | check if we need to track mitigations in src:linux |
| CVE-2021-26342 | In SEV guest VMs, the CPU may fail to flush the Translation Lookaside ... | check |
| CVE-2021-26347 | TOCTOU (time-of-check to time-of-use) issue in the System Management U ... | check |
| CVE-2021-26348 | Failure to flush the Translation Lookaside Buffer (TLB) of the I/O mem ... | check |
| CVE-2021-26349 | Failure to assign a new report ID to an imported guest may potentially ... | check |
| CVE-2021-26350 | A TOCTOU race condition in SMU may allow for the caller to obtain and ... | check |
| CVE-2021-26351 | Insufficient DRAM address validation in System Management Unit (SMU) m ... | check |
| CVE-2021-26352 | Insufficient bound checks in System Management Unit (SMU) PCIe Hot Plu ... | check |
| CVE-2021-26353 | Due to a mishandled error, it is possible to leave the DRTM UApp in a ... | check |
| CVE-2021-26361 | A malicious or compromised User Application (UApp) or AGESA Boot Loade ... | check |
| CVE-2021-26362 | A malicious or compromised UApp or ABL may be used by an attacker to i ... | check |
| CVE-2021-26363 | A malicious or compromised UApp or ABL could potentially change the va ... | check |
| CVE-2021-26364 | Insufficient bounds checking in an SMU mailbox register could allow an ... | check |
| CVE-2021-26366 | An attacker, who gained elevated privileges via some other vulnerabili ... | check |
| CVE-2021-26368 | Insufficient check of the process type in Trusted OS (TOS) may allow a ... | check |
| CVE-2021-26369 | A malicious or compromised UApp or ABL may be used by an attacker to s ... | check |
| CVE-2021-26370 | Improper validation of destination address in SVC_LOAD_FW_IMAGE_BY_INS ... | check |
| CVE-2021-26372 | Insufficient bound checks related to PCIE in the System Management Uni ... | check |
| CVE-2021-26373 | Insufficient bound checks in the System Management Unit (SMU) may resu ... | check |
| CVE-2021-26375 | Insufficient General Purpose IO (GPIO) bounds check in System Manageme ... | check |
| CVE-2021-26376 | Insufficient checks in System Management Unit (SMU) FeatureConfig may ... | check |
| CVE-2021-26378 | Insufficient bound checks in the System Management Unit (SMU) may resu ... | check |
| CVE-2021-26386 | A malicious or compromised UApp or ABL may be used by an attacker to i ... | check |
| CVE-2021-26388 | Improper validation of the BIOS directory may allow for searches to re ... | check |
| CVE-2021-26390 | A malicious or compromised UApp or ABL may coerce the bootloader into ... | check |
| CVE-2021-26400 | AMD processors may speculatively re-order load instructions which can ... | check |
| CVE-2021-26408 | Insufficient validation of elliptic curve points in SEV-legacy firmwar ... | check |
| CVE-2021-27478 | A specifically crafted packet sent by an attacker to EIPStackGroup OpE ... | check |
| CVE-2021-27482 | A specifically crafted packet sent by an attacker to EIPStackGroup OpE ... | check |
| CVE-2021-27498 | A specifically crafted packet sent by an attacker to EIPStackGroup OpE ... | check |
| CVE-2021-27500 | A specifically crafted packet sent by an attacker to EIPStackGroup OpE ... | check |
| CVE-2021-27505 | mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized ... | check |
| CVE-2021-28021 | Buffer overflow vulnerability in function stbi__extend_receive in stb_ ... | check libstb itself, and various packages embedd a copy |
| CVE-2021-28276 | A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a ... | check CVE reference, probably invalid report or old version. |
| CVE-2021-33005 | mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remot ... | check |
| CVE-2021-33009 | mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remot ... | check |
| CVE-2021-33013 | mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized ... | check |
| CVE-2021-33135 | Uncontrolled resource consumption in the Linux kernel drivers for Inte ... | check |
| CVE-2021-33139 | Improper conditions check in firmware for some Intel(R) Wireless Bluet ... | check in which firmware versions fixed |
| CVE-2021-33149 | Observable behavioral discrepancy in some Intel(R) Processors may allo ... | check |
| CVE-2021-33155 | Improper input validation in firmware for some Intel(R) Wireless Bluet ... | check in which firmware versions fixed |
| CVE-2021-33178 | The Manage Backgrounds functionality within NagVis versions prior to 1 ... | check, affects nagvis plugin used in Nagios XI and should be fixed in 2.0.9, https://www.synopsys.com/blogs/software-security/cyrc-advisory-nagios-xi/ |
| CVE-2021-33194 | golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows atta ... | check completeness |
| CVE-2021-34605 | A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to v ... | check |
| CVE-2021-34606 | A vulnerability exists in XINJE XD/E Series PLC Program Tool in versio ... | check |
| CVE-2021-36045 | XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-o ... | check for fixing commit |
| CVE-2021-36046 | XMP Toolkit version 2020.1 (and earlier) is affected by a memory corru ... | check for fixing commit |
| CVE-2021-36047 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Imprope ... | check for fixing commit |
| CVE-2021-36048 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Imprope ... | check for fixing commit |
| CVE-2021-36050 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ... | check for fixing commit |
| CVE-2021-36051 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ... | check for fixing commit |
| CVE-2021-36052 | XMP Toolkit version 2020.1 (and earlier) is affected by a memory corru ... | check for fixing commit |
| CVE-2021-36053 | XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-o ... | check for fixing commit |
| CVE-2021-36054 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ... | check for fixing commit |
| CVE-2021-36055 | XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-af ... | check for fixing commit |
| CVE-2021-36056 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ... | check for fixing commit |
| CVE-2021-36057 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-wh ... | check for fixing commit |
| CVE-2021-36058 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer ... | check for fixing commit |
| CVE-2021-36064 | XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Under ... | check for fixing commit |
| CVE-2021-36093 | It's possible to create an email which can be stuck while being proces ... | try to pinpoint status for znuny, cf. https://github.com/znuny/Znuny/issues/128 for an attempt |
| CVE-2021-36094 | It's possible to craft a request for appointment edit screen, which co ... | check, 6.1.2-1 claims to fix the issue through the znuny codebase, https://github.com/znuny/Znuny/issues/128 |
| CVE-2021-36095 | Malicious attacker is able to find out valid user logins by using the ... | try to pinpoint status for znuny, cf. https://github.com/znuny/Znuny/issues/128 for an attempt |
| CVE-2021-36096 | Generated Support Bundles contains private S/MIME and PGP keys if cont ... | check, 6.1.2-1 claims to fix the issue through the znuny codebase, cf. https://github.com/znuny/Znuny/issues/128 |
| CVE-2021-36100 | Specially crafted string in OTRS system configuration can allow the ex ... | check |
| CVE-2021-37298 | Laravel v5.1 was discovered to contain a deserialization vulnerability ... | check, unclear status of report to upstream |
| CVE-2021-38441 | Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-w ... | check for upstream commit |
| CVE-2021-38443 | Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid s ... | check for upstream commit |
| CVE-2021-39847 | XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-ba ... | check for fixing commit |
| CVE-2021-39880 | A Denial Of Service vulnerability in the apollo_upload_server Ruby gem ... | reach out for details for ruby-apollo-upload-server |
| CVE-2021-40716 | XMP Toolkit SDK versions 2021.07 (and earlier) are affected by an out- ... | check for fixing commit |
| CVE-2021-40732 | XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer ... | check for fixing commit |
| CVE-2021-41041 | In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw ... | check |
| CVE-2021-41752 | Stack overflow vulnerability in Jerryscript before commit e1ce7dd72712 ... | check - could be only a test artifact |
| CVE-2021-41867 | An information disclosure vulnerability in OnionShare 2.3 before 2.4 a ... | check details, exact fixing commits unclear |
| CVE-2021-41868 | OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to u ... | check details, exact fixing commits unclear |
| CVE-2021-41965 | A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4 ... | check |
| CVE-2021-42529 | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-b ... | check for fixing commit |
| CVE-2021-42530 | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-b ... | check for fixing commit |
| CVE-2021-42531 | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-b ... | check for fixing commit |
| CVE-2021-42532 | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-b ... | check for fixing commit |
| CVE-2021-42967 | Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/com ... | check |
| CVE-2021-42969 | Certain Anaconda3 2021.05 are affected by OS command injection. When a ... | check |
| CVE-2021-43503 | A Remote Code Execution (RCE) vulnerability exists in h laravel 5.8.38 ... | check, unclear status of report to upstream |
| CVE-2021-44481 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44482 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44483 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44484 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44485 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44486 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ... | check - unclear if affects only YottaDB |
| CVE-2021-44487 | An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack ... | check - unclear if affects only YottaDB |
| CVE-2021-44488 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ... | check - unclear if affects only YottaDB |
| CVE-2021-44489 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ... | check - unclear if affects only YottaDB |
| CVE-2021-44490 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ... | check - unclear if affects only YottaDB |
| CVE-2021-44491 | An issue was discovered in YottaDB through r1.32 and V7.0-000. Using c ... | check - unclear if affects only YottaDB |
| CVE-2021-44492 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44493 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44494 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44495 | An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44496 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44497 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44498 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44499 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44500 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44501 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44502 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44503 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44504 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44505 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44506 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44507 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44508 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44509 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44510 | An issue was discovered in FIS GT.M through V7.0-000 (related to the Y ... | check upstream to find out which changes affect which CVE |
| CVE-2021-44647 | Lua v5.4.3 and above are affected by SEGV by type confusion in funcnam ... | check older versions if issue is present, reproducer do not crash, but needs inspection of the code yet |
| CVE-2021-44961 | A memory leakage flaw exists in the class PerimeterGenerator of Slic3r ... | check upstream commit |
| CVE-2021-44962 | An out-of-bounds read vulnerability exists in the GCode::extrude() fun ... | check upstream fix |
| CVE-2021-45926 | MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0 ... | check, possibly fixed in 0.9.3, but unclear fixing commit, related to 9b6b52cc8c5838cffeee9388c04890fe1eb73b52? |
| CVE-2021-45927 | MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0 ... | check, possibly fixed in 0.9.3, but unclear fixing commit, related to 9b6b52cc8c5838cffeee9388c04890fe1eb73b52? |
| CVE-2021-45940 | libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in _ ... | check details on fixing commit upstream, furthermore intorducing commit is only when oss-fuzz started |
| CVE-2021-45941 | libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in _ ... | check details on fixing commit upstream, furthermore intorducing commit is only when oss-fuzz started |
| CVE-2021-46744 | An attacker with access to a malicious hypervisor may be able to infer ... | check |
| CVE-2021-46771 | Insufficient validation of addresses in AMD Secure Processor (ASP) fir ... | check |
| CVE-2021-46787 | The AMS module has a vulnerability of improper permission control.Succ ... | check |
| CVE-2022-0004 | Hardware debug modes and processor INIT setting that allow override of ... | check |
| CVE-2022-0005 | Sensitive information accessible by physical probing of JTAG interface ... | check |
| CVE-2022-0084 | | check for details |
| CVE-2022-0427 | Missing sanitization of HTML attributes in Jupyter notebooks in all ve ... | check |
| CVE-2022-0481 | NULL Pointer Dereference in Homebrew mruby prior to 3.2. ... | check, possibly only introduced with dccd66f9efecd0a974b735c62836fe566015cf37 in 3.1.0-rc |
| CVE-2022-0529 | A flaw was found in Unzip. The vulnerability occurs during the convers ... | check details |
| CVE-2022-0530 | A flaw was found in Unzip. The vulnerability occurs during the convers ... | check details |
| CVE-2022-0918 | A vulnerability was discovered in the 389 Directory Server that allows ... | check details |
| CVE-2022-1071 | User after free in mrb_vm_exec in GitHub repository mruby/mruby prior ... | check where issue introduced and present before code refactoring |
| CVE-2022-1124 | An improper authorization issue has been discovered in GitLab CE/EE af ... | check |
| CVE-2022-1352 | Due to an insecure direct object reference vulnerability in Gitlab EE/ ... | check |
| CVE-2022-1379 | URL Restriction Bypass in GitHub repository plantuml/plantuml prior to ... | check |
| CVE-2022-1406 | Improper input validation in GitLab CE/EE affecting all versions from ... | check |
| CVE-2022-1417 | Improper access control in GitLab CE/EE affecting all versions startin ... | check |
| CVE-2022-1426 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2022-1428 | An issue has been discovered in GitLab affecting all versions before 1 ... | check |
| CVE-2022-1431 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2022-1433 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2022-1460 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2022-1510 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2022-1545 | It was possible to disclose details of confidential notes created via ... | check |
| CVE-2022-21131 | Improper access control for some Intel(R) Xeon(R) Processors may allow ... | check |
| CVE-2022-21136 | Improper input validation for some Intel(R) Xeon(R) Processors may all ... | check |
| CVE-2022-21190 | This affects the package convict before 6.2.3. This is a bypass of [CV ... | check |
| CVE-2022-22252 | The DFX module has a UAF vulnerability.Successful exploitation of this ... | check |
| CVE-2022-22260 | The kernel module has a UAF vulnerability.Successful exploitation of t ... | check |
| CVE-2022-22261 | The HiAIserver has a vulnerability in verifying the validity of the we ... | check |
| CVE-2022-22281 | A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender W ... | check |
| CVE-2022-22282 | SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier ver ... | check |
| CVE-2022-22970 | In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ... | check |
| CVE-2022-22971 | In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ... | check |
| CVE-2022-22975 | An issue was discovered in the Pinniped Supervisor with either LADPIde ... | check |
| CVE-2022-23131 | In the case of instances where the SAML SSO authentication is enabled ... | check, possibly only affecting 5.4.0 onwards; similar code but no upstream fix in 5.0 LTS |
| CVE-2022-23639 | crossbeam-utils provides atomics, synchronization primitives, scoped t ... | check, crossbeam-utils are vendored in various other sources, in particular rustc to be checked |
| CVE-2022-24830 | OpenClinica is an open source software for Electronic Data Capture (ED ... | check |
| CVE-2022-24831 | OpenClinica is an open source software for Electronic Data Capture (ED ... | check |
| CVE-2022-25349 | All versions of package materialize-css are vulnerable to Cross-site S ... | check if affected, CVE reported against the upstream fork |
| CVE-2022-25591 | BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file de ... | check |
| CVE-2022-25862 | This affects the package sds from 0.0.0. The library could be tricked ... | check |
| CVE-2022-25865 | The package workspace-tools before 0.18.4 are vulnerable to Command In ... | check |
| CVE-2022-27247 | onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an att ... | check |
| CVE-2022-28366 | Certain Neko-related HTML parsers allow a denial of service via crafte ... | check upstream for commits |
| CVE-2022-28890 | A vulnerability in the RDF/XML parser of Apache Jena allows an attacke ... | check, possibly not affected as according to upstrema 4.2.x and 4.3.x doe not allow external entities, double check |
| CVE-2022-28919 | HTMLCreator release_stable_2020-07-29 was discovered to contain a cros ... | check |
| CVE-2022-28920 | Tieba-Cloud-Sign v4.9 was discovered to contain a cross-site scripting ... | check |
| CVE-2022-28929 | Hospital Management System v1.0 was discovered to contain a SQL inject ... | check |
| CVE-2022-28930 | ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability ... | check |
| CVE-2022-28936 | FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where ... | check |
| CVE-2022-28937 | FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where ... | check |
| CVE-2022-29176 | Rubygems is a package registry used to supply software for the Ruby la ... | check |
| CVE-2022-29180 | A vulnerability in which attackers could forge HTTP requests to manipu ... | check |
| CVE-2022-29218 | RubyGems is a package registry used to supply software for the Ruby la ... | check |
| CVE-2022-29363 | Phpok v6.1 was discovered to contain a deserialization vulnerability v ... | check |
| CVE-2022-29368 | Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was di ... | check |
| CVE-2022-29538 | RESI Gemini-Net Web 4.2 is affected by Improper Access Control in auth ... | check |
| CVE-2022-29539 | resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Inject ... | check |
| CVE-2022-29970 | Sinatra before 2.2.0 does not validate that the expanded path matches ... | check where issue is introduced |
| CVE-2022-30049 | A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attacker ... | check |
| CVE-2022-30286 | pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-05-04 ... | check |
| CVE-2022-30293 | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based bu ... | check, Alberto Garcia is checking with upstream |
| CVE-2022-30294 | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-fre ... | check, Alberto Garcia is checking with upstream |
| TEMP-0000000-DD73A0 | Unexpected database bindings via requests (follow-up) | check php-illuminate-database and CVE assignment |