Bugs with TODO items

Hide "check" TODOs

CVE-2017-2910An exploitable Out-of-bounds Write vulnerability exists in the xls_add ...check
CVE-2019-16961SolarWinds Web Help Desk 12.7.0 allows XSS via a Schedule Name. ...check
CVE-2019-3405In the and lower version of 360F5, the third party can tri ...check
CVE-2020-0471In reassemble_and_dispatch of packet_fragmenter.cc, there is a possibl ...check
CVE-2020-11995A deserialization vulnerability existed in dubbo 2.7.5 and its earlier ...check
CVE-2020-13449A directory traversal vulnerability in the Markdown engine of Gotenber ...check
CVE-2020-13450A directory traversal vulnerability in file upload function of Gotenbe ...check
CVE-2020-13451An incomplete-cleanup vulnerability in the Office rendering engine of ...check
CVE-2020-13452In Gotenberg through 6.2.1, insecure permissions for tini (writable by ...check
CVE-2020-13922Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary ...check
CVE-2020-14097Wrong nginx configuration, causing specific paths to be downloaded wit ...check
CVE-2020-15257containerd is an industry-standard container runtime and is available ...check details
CVE-2020-16045Use after Free in Payments in Google Chrome on Android prior to 87.0.4 ...check
CVE-2020-16046Script injection in iOSWeb in Google Chrome on iOS prior to 84.0.4147. ...check
CVE-2020-16255ownCloud (Core) before 10.5 allows XSS in login page 'forgot password. ...check
CVE-2020-17534There exists a race condition between the deletion of the temporary fi ...check
CVE-2020-23849Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2 ...check
CVE-2020-24025Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when r ...check
CVE-2020-24902Quixplorer <=2.4.1 is vulnerable to reflected cross-site scripting ...check
CVE-2020-25533An issue was discovered in Malwarebytes before 4.0 on macOS. A malicio ...check
CVE-2020-25646A flaw was found in Ansible Collection community.crypto. openssl_priva ...check
CVE-2020-26085Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS ...check
CVE-2020-26759clickhouse-driver before 0.1.5 allows a malicious clickhouse server to ...check
CVE-2020-26768Formstone <=1.4.16 is vulnerable to a Reflected Cross-Site Scriptin ...check
CVE-2020-26800A stack overflow vulnerability in Aleth Ethereum C++ client version &l ...check
CVE-2020-27148The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange ...check
CVE-2020-27219In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not ...check
CVE-2020-27220The Eclipse Hono AMQP and MQTT protocol adapters do not check whether ...check
CVE-2020-27534util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 c ...check
CVE-2020-27637The R programming language’s default package manager CRAN is aff ...check
CVE-2020-28470This affects the package @scullyio/scully before 1.0.9. The transfer s ...check
CVE-2020-35132An XSS issue has been discovered in phpLDAPadmin before that a ...check, unclear that the issue is completely fixed, cf. https://github.com/leenooks/phpLDAPadmin/issues/130#issuecomment-745152260
CVE-2020-35508claimed to be Red Hat kernel specific, but still references external reference to kernel-hardening project
CVE-2020-35875An issue was discovered in the tokio-rustls crate before 0.13.1 for Ru ...check
CVE-2020-35922An issue was discovered in the mio crate before 0.7.6 for Rust. It has ...check
CVE-2020-36048Engine.IO before 4.0.0 allows attackers to cause a denial of service ( ...check
CVE-2020-36049socket.io-parser before 3.4.1 allows attackers to cause a denial of se ...check
CVE-2020-3702u'Specifically timed and handcrafted traffic can cause internal errors ...check, it might affect src:linux as pointed out in https://lore.kernel.org/linux-wireless/CABvG-CVvPF++0vuGzCrBj8+s=Bcx1GwWfiW1_Somu_GVncTAcQ@mail.gmail.com/
CVE-2020-5805In Marvell QConvergeConsole GUI <=, credentials are stored ...check
CVE-2020-6655The Eaton's easySoft software v7.20 and prior are susceptible to Out-o ...check
CVE-2020-6656Eaton's easySoft software v7.20 and prior are susceptible to file pars ...check
CVE-2020-7784This affects all versions of package ts-process-promises. The injectio ...check
CVE-2020-7794This affects all versions of package buns. The injection point is loca ...check
CVE-2020-8280A missing file type check in Nextcloud Contacts 3.4.0 allows a malicio ...check
CVE-2020-8281A missing file type check in Nextcloud Contacts 3.3.0 allows a malicio ...check
CVE-2020-9209There is a privilege escalation vulnerability in SMC2.0 product. Some ...check
CVE-2021-21237Git LFS is a command line extension for managing large files with Git. ...check
CVE-2021-21252The jQuery Validation Plugin provides drop-in validation for your exis ...check
CVE-2021-22167An issue has been discovered in GitLab affecting all versions starting ...check
CVE-2021-22168A regular expression denial of service issue has been discovered in Nu ...check
CVE-2021-22171Insufficient validation of authentication parameters in GitLab Pages f ...check
CVE-2021-3028git-big-picture before 1.0.0 mishandles ' characters in a branch name, ...check
CVE-2021-3121An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarsha ...check
CVE-2021-3162Docker Desktop Community before on macOS mishandles certificat ...check

Search for package or bug name: Reporting problems