| Bug | Description | Note |
|---|
| CVE-2017-2910 | An exploitable Out-of-bounds Write vulnerability exists in the xls_add ... | check |
| CVE-2020-11987 | Apache Batik 1.13 is vulnerable to server-side request forgery, caused ... | check fixing commits |
| CVE-2020-11988 | Apache XmlGraphics Commons 2.4 is vulnerable to server-side request fo ... | check fixing commits |
| CVE-2020-11997 | Apache Guacamole 1.2.0 and earlier do not consistently restrict access ... | check details, both guacamole-client and guacamole-server affected? |
| CVE-2020-13697 | An issue was discovered in RouterNanoHTTPD.java in NanoHTTPD through 2 ... | check |
| CVE-2020-14409 | SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow ... | check libsdl1.2 |
| CVE-2020-24502 | Improper input validation in some Intel(R) Ethernet E810 Adapter drive ... | checking, might affect src:linux, ice drivers |
| CVE-2020-24503 | Insufficient access control in some Intel(R) Ethernet E810 Adapter dri ... | checking, might affect src:linux, ice drivers |
| CVE-2020-24504 | Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapt ... | checking, might affect src:linux, ice drivers |
| CVE-2020-25646 | A flaw was found in Ansible Collection community.crypto. openssl_priva ... | check |
| CVE-2020-27543 | The restify-paginate package 0.0.5 for Node.js allows remote attackers ... | check |
| CVE-2020-27637 | The R programming language’s default package manager CRAN is aff ... | check details |
| CVE-2020-35132 | An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that a ... | check, unclear that the issue is completely fixed, cf. https://github.com/leenooks/phpLDAPadmin/issues/130#issuecomment-745152260 |
| CVE-2020-35875 | An issue was discovered in the tokio-rustls crate before 0.13.1 for Ru ... | check |
| CVE-2020-35922 | An issue was discovered in the mio crate before 0.7.6 for Rust. It has ... | check |
| CVE-2020-36240 | The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, a ... | check |
| CVE-2020-3702 | u'Specifically timed and handcrafted traffic can cause internal errors ... | check, it might affect src:linux as pointed out in https://lore.kernel.org/linux-wireless/CABvG-CVvPF++0vuGzCrBj8+s=Bcx1GwWfiW1_Somu_GVncTAcQ@mail.gmail.com/ |
| CVE-2021-0366 | In vpu, there is a possible memory corruption due to a race condition. ... | check |
| CVE-2021-0367 | In vpu, there is a possible memory corruption due to a race condition. ... | check |
| CVE-2021-0401 | In vow, there is a possible memory corruption due to a race condition. ... | check |
| CVE-2021-0402 | In jpeg, there is a possible out of bounds write due to improper input ... | check |
| CVE-2021-0403 | In netdiag, there is a possible information disclosure due to a missin ... | check |
| CVE-2021-0404 | In mobile_log_d, there is a possible information disclosure due to imp ... | check |
| CVE-2021-0405 | In performance driver, there is a possible out of bounds write due to ... | check |
| CVE-2021-0406 | In cameraisp, there is a possible out of bounds write due to a missing ... | check |
| CVE-2021-20201 | Client initiated renegotiation denial of service | check details |
| CVE-2021-20206 | | check details, impact on docker.io? |
| CVE-2021-20220 | A flaw was found in Undertow. A regression in the fix for CVE-2020-106 ... | CVE for incomplete fix for CVE-2020-10687 but not clear if affected any Debian released version |
| CVE-2021-20243 | Division by zero in GetResizeFilterWeight in MagickCore/resize.c | check |
| CVE-2021-20327 | A specific version of the Node.js mongodb-client-encryption module doe ... | check |
| CVE-2021-21297 | Node-Red is a low-code programming for event-driven applications built ... | check |
| CVE-2021-21298 | Node-Red is a low-code programming for event-driven applications built ... | check |
| CVE-2021-21320 | matrix-react-sdk is an npm package which is a Matrix SDK for React Jav ... | check |
| CVE-2021-21321 | fastify-reply-from is an npm package which is a fastify plugin to forw ... | check |
| CVE-2021-21322 | fastify-http-proxy is an npm package which is a fastify plugin for pro ... | check |
| CVE-2021-21328 | Vapor is a web framework for Swift. In Vapor before version 4.40.1, th ... | check |
| CVE-2021-21517 | SRS Policy Manager 6.X is affected by an XML External Entity Injection ... | check |
| CVE-2021-21974 | OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESX ... | check |
| CVE-2021-22114 | Addresses partial fix in CVE-2018-1263. Spring-integration-zip, versio ... | check |
| CVE-2021-23336 | The package python/cpython from 0 and before 3.6.13, from 3.7.0 and be ... | check Py2 status |
| CVE-2021-23345 | All versions of package github.com/thecodingmachine/gotenberg are vuln ... | check |
| CVE-2021-25914 | Prototype pollution vulnerability in 'object-collider' versions 1.0.0 ... | check |
| CVE-2021-27804 | JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption. ... | check |
| CVE-2021-27884 | Weak JSON Web Token (JWT) signing secret generation in YMFE YApi throu ... | check |
| CVE-2021-3283 | HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task d ... | check details |
| TEMP-0000000-DD73A0 | Unexpected database bindings via requests (follow-up) | check php-illuminate-database and CVE assignment |