Bugs with TODO items

| Bug | Description | Note |
|---|---|---|
| CVE-2021-27825 | A directory traversal vulnerability on Mercury MAC1200R devices allows ... | check |
| CVE-2021-31233 | SQL Injection vulnerability found in Fighting Cock Information System ... | check |
| CVE-2021-37819 | PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite loop ... | check impact on other sources embedding lowagie/text/pdf/PdfReader.java |
| CVE-2021-45039 | Multiple models of the Uniview IP Camera (e.g., IPC_G6103 B6103.16.10. ... | check |
| CVE-2022-4240 | Missing Authentication for Critical Function vulnerability in Honeywel ... | check |
| CVE-2022-4332 | In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x avulnera ... | check |
| CVE-2022-4333 | Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher A ... | check |
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2022-24627 | An issue was discovered in AudioCodes Device Manager Express through 7 ... | check |
| CVE-2022-24628 | An issue was discovered in AudioCodes Device Manager Express through 7 ... | check |
| CVE-2022-24629 | An issue was discovered in AudioCodes Device Manager Express through 7 ... | check |
| CVE-2022-24630 | An issue was discovered in AudioCodes Device Manager Express through 7 ... | check |
| CVE-2022-24631 | An issue was discovered in AudioCodes Device Manager Express through 7 ... | check |
| CVE-2022-24632 | An issue was discovered in AudioCodes Device Manager Express through 7 ... | check |
| CVE-2022-24695 | Bluetooth Classic in Bluetooth Core Specification through 5.3 does not ... | check |
| CVE-2022-30025 | SQL injection in "/Framewrk/Home.jsp" file (POST method) in tCredence ... | check |
| CVE-2022-33974 | Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custo ... | check |
| CVE-2022-35742 | Microsoft Outlook Denial of Service Vulnerability | check |
| CVE-2022-35743 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution ... | check |
| CVE-2022-35744 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerabil ... | check |
| CVE-2022-35745 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution ... | check |
| CVE-2022-35746 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | check |
| CVE-2022-35747 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | check |
| CVE-2022-35748 | HTTP.sys Denial of Service Vulnerability | check |
| CVE-2022-35749 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | check |
| CVE-2022-35750 | Win32k Elevation of Privilege Vulnerability | check |
| CVE-2022-35751 | Windows Hyper-V Elevation of Privilege Vulnerability | check |
| CVE-2022-35752 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution ... | check |
| CVE-2022-35753 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution ... | check |
| CVE-2022-35754 | Unified Write Filter Elevation of Privilege Vulnerability | check |
| CVE-2022-35755 | Windows Print Spooler Elevation of Privilege Vulnerability | check |
| CVE-2022-35756 | Windows Kerberos Elevation of Privilege Vulnerability | check |
| CVE-2022-35757 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ... | check |
| CVE-2022-35758 | Windows Kernel Memory Information Disclosure Vulnerability | check |
| CVE-2022-35759 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | check |
| CVE-2022-36243 | Shop Beat Solutions (pty) LTD Shop Beat Media Player 2.5.95 up to 3.2. ... | check |
| CVE-2022-36244 | Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2. ... | check |
| CVE-2022-36246 | Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2. ... | check |
| CVE-2022-36247 | Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2. ... | check |
| CVE-2022-36249 | Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2. ... | check |
| CVE-2022-36250 | Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2. ... | check |
| CVE-2022-36345 | Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download ... | check |
| CVE-2022-39071 | There is an unauthorized access vulnerability in some ZTE mobile phone ... | check |
| CVE-2022-39074 | There is an unauthorized access vulnerability in some ZTE mobile phone ... | check |
| CVE-2022-39075 | There is an unauthorized access vulnerability in some ZTE mobile phone ... | check |
| CVE-2022-42225 | Jumpserver 2.10.0 <= version <= 2.26.0 contains multiple stored XSS vu ... | check |
| CVE-2022-43485 | Use of Insufficiently Random Values in Honeywell OneWireless. This vul ... | check |
| CVE-2022-43760 | An Improper Neutralization of Input During Web Page Generation ('Cross ... | check |
| CVE-2022-45372 | Cross-Site Request Forgery (CSRF) vulnerability in Codeixer Product Ga ... | check |
| CVE-2022-45938 | An issue was discovered in Comcast Defined Technologies microeisbss th ... | check |
| CVE-2022-46307 | SGUDA U-Lock central lock control service’s lock management funct ... | check |
| CVE-2022-46308 | SGUDA U-Lock central lock control service’s user management funct ... | check |
| CVE-2022-46361 | An attacker having physical access to WDM can plug USB device to gain ... | check |
| CVE-2022-46945 | Nagvis before 1.9.34 was discovered to contain an arbitrary file read ... | check |
| CVE-2022-47028 | An issue discovered in Action Launcher for Android v50.5 allows an att ... | check |
| CVE-2022-47029 | An issue was found in Action Launcher v50.5 allows an attacker to esca ... | check |
| CVE-2022-47525 | Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a Divide-by-Ze ... | check |
| CVE-2022-47526 | Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a path travers ... | check |
| CVE-2022-47616 | Hitron CODA-5310 has insufficient filtering for specific parameters in ... | check |
| CVE-2022-47617 | Hitron CODA-5310 has hard-coded encryption/decryption keys in the prog ... | check |
| CVE-2023-0779 | At the most basic level, an invalid pointer can be input that crashes ... | check |
| CVE-2023-1297 | Consul and Consul Enterprise's cluster peering implementation containe ... | check |
| CVE-2023-1633 | Insecure Barbican configuration file leaking credential | check, possibly RedHat downstream RHOSP specific, RedHat clarifying with reporter |
| CVE-2023-1636 | incomplete container isolation | check, possibly RedHat downstream RHOSP specific, RedHat clarifying with reporter |
| CVE-2023-2816 | Consul and Consul Enterprise allowed any user with service:write permi ... | check |
| CVE-2023-3044 | An excessively large PDF page size (found in fuzz testing, unlikely in ... | check |
| CVE-2023-3067 | Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium ... | check |
| CVE-2023-20881 | Cloud foundry instances having CAPI version between 1.140 and 1.152.0 ... | check |
| CVE-2023-20882 | In Cloud foundry routing release versions from 0.262.0 and prior to 0. ... | check |
| CVE-2023-21514 | Improper scheme validation from InstantPlay Deeplink in Galaxy Store p ... | check |
| CVE-2023-21515 | InstantPlay which included vulnerable script which could execute javas ... | check |
| CVE-2023-21516 | XSS vulnerability from InstantPlay in Galaxy Store prior to version 4. ... | check |
| CVE-2023-22647 | An Improper Privilege Management vulnerability in SUSE Rancher allowed ... | check |
| CVE-2023-22648 | A Improper Privilege Management vulnerability in SUSE Rancher causes p ... | check |
| CVE-2023-22652 | A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow ... | check |
| CVE-2023-23306 | The `Toybox.Ant.BurstPayload.add` API method in CIQ API version 2.2.0 ... | check |
| CVE-2023-23562 | Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access ... | check |
| CVE-2023-23952 | Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1. ... | check |
| CVE-2023-23953 | Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1. ... | check |
| CVE-2023-23954 | Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1. ... | check |
| CVE-2023-23955 | Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1. ... | check |
| CVE-2023-23956 | A user can supply malicious HTML and JavaScript code that will be exec ... | check |
| CVE-2023-24584 | Controller 6000 is vulnerable to a buffer overflow via the Controller ... | check |
| CVE-2023-24593 | | isolate required commits from merge commit |
| CVE-2023-25180 | | isolate required commits from merge commit |
| CVE-2023-25539 | Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerabilit ... | check |
| CVE-2023-25780 | It is identified a vulnerability of insufficient authentication in an ... | check |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded in icinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-26127 | All versions of the package n158 are vulnerable to Command Injection d ... | check |
| CVE-2023-26128 | All versions of the package keep-module-latest are vulnerable to Comma ... | check |
| CVE-2023-26131 | All versions of the package github.com/xyproto/algernon/engine; all ve ... | check |
| CVE-2023-26818 | Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, ... | check |
| CVE-2023-27639 | An issue was discovered in the tshirtecommerce (aka Custom Product Des ... | check |
| CVE-2023-27640 | An issue was discovered in the tshirtecommerce (aka Custom Product Des ... | check |
| CVE-2023-27744 | An issue was discovered in South River Technologies TitanFTP NextGen s ... | check |
| CVE-2023-27745 | An issue in South River Technologies TitanFTP Before v2.0.1.2102 allow ... | check |
| CVE-2023-28043 | Dell SCG 5.14 contains an information disclosure vulnerability during ... | check |
| CVE-2023-28066 | Dell OS Recovery Tool, versions 2.2.4013 and 2.3.7012.0, contain an Im ... | check |
| CVE-2023-28147 | An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privi ... | check |
| CVE-2023-28469 | An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privi ... | check |
| CVE-2023-28698 | Wade Graphic Design FANTSY has a vulnerability of insufficient authori ... | check |
| CVE-2023-28699 | Wade Graphic Design FANTSY has a vulnerability of insufficient filteri ... | check |
| CVE-2023-28700 | OMICARD EDM backend system’s file uploading function does not res ... | check |
| CVE-2023-28701 | ELITE TECHNOLOGY CORP. Web Fax has a vulnerability of SQL Injection. A ... | check |
| CVE-2023-28702 | ASUS RT-AC86U does not filter special characters for parameters in spe ... | check |
| CVE-2023-28703 | ASUS RT-AC86U’s specific cgi function has a stack-based buffer ov ... | check |
| CVE-2023-28704 | Furbo dog camera has insufficient filtering for special parameter of d ... | check |
| CVE-2023-28705 | Openfind Mail2000 has insufficient filtering special characters of ema ... | check |
| CVE-2023-29722 | The Glitter Unicorn Wallpaper app for Android 7.0 thru 8.0 allows unau ... | check |
| CVE-2023-29723 | The Glitter Unicorn Wallpaper app for Android 7.0 thru 8.0 allows unau ... | check |
| CVE-2023-29724 | The BT21 x BTS Wallpaper app 12 for Android allows unauthorized apps t ... | check |
| CVE-2023-29725 | The BT21 x BTS Wallpaper app 12 for Android allows unauthorized applic ... | check |
| CVE-2023-29736 | Keyboard Themes 1.275.1.164 for Android contains a dictionary traversa ... | check |
| CVE-2023-29746 | An issue found in The Thaiger v.1.2 for Android allows unauthorized ap ... | check |
| CVE-2023-30149 | SQL injection vulnerability in the City Autocomplete (cityautocomplete ... | check |
| CVE-2023-31655 | redis-7.0.10 was discovered to contain a segmentation violation. | check, likely invalid issue, cf. https://github.com/RedisLabs/redisraft/issues/608#issuecomment-1507062413 |
| CVE-2023-32181 | A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow ... | check |
| CVE-2023-32310 | DataEase is an open source data visualization and analysis tool. The A ... | check |
| CVE-2023-32690 | libspdm is a sample implementation that follows the DMTF SPDM specific ... | check |
| CVE-2023-33544 | hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input ... | check |
| CVE-2023-33551 | Heap Buffer Overflow in the erofsfsck_dirent_iter function in fsck/mai ... | check if reported upstream |
| CVE-2023-33552 | Heap Buffer Overflow in the erofs_read_one_data function at data.c in ... | check if reported upstream |
| CVE-2023-33960 | OpenProject is web-based project management software. For any OpenProj ... | check |
| CVE-2023-33963 | DataEase is an open source data visualization and analysis tool. Prior ... | check |
| CVE-2023-33965 | Brook is a cross-platform programmable network tool. The `tproxy` serv ... | check |
| CVE-2023-34091 | Kyverno is a policy engine designed for Kubernetes. In versions of Kyv ... | check |
| CVE-2023-34092 | Vite provides frontend tooling. Prior to versions 2.9.16, 3.2.7, 4.0.5 ... | check |
| CVE-2023-34152 | A vulnerability was found in ImageMagick. This security flaw cause a r ... | check, CVE might get rejected or disputed |
