| Bug | Description | Note |
|---|
| CVE-2013-5958 | The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2. ... | Check if php-symfony-polyfill/1.17.0-1 needs to be tracked |
| CVE-2017-1712 | "A vulnerability in the TLS protocol implementation of the Domino serv ... | check |
| CVE-2018-18653 | The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ... | check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way. |
| CVE-2018-6446 | A vulnerability in Brocade Network Advisor Version Before 14.3.1 could ... | check |
| CVE-2019-0145 | Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Contro ... | check |
| CVE-2019-0146 | Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controll ... | check |
| CVE-2019-0147 | Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ... | check |
| CVE-2019-0148 | Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controll ... | check |
| CVE-2019-0149 | Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ... | check |
| CVE-2019-1010091 | tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization ... | check |
| CVE-2019-11938 | Java Facebook Thrift servers would not error upon receiving messages d ... | check |
| CVE-2019-12107 | The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd ... | check, might affect minidlna |
| CVE-2019-12522 | An issue was discovered in Squid through 4.7. When Squid is run as roo ... | check |
| CVE-2019-14493 | An issue was discovered in OpenCV before 4.1.1. There is a NULL pointe ... | check if the old code though is really affected, might been introduced with the refactoring |
| CVE-2019-17178 | HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-0 ... | check |
| CVE-2019-17558 | Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code ... | check, whilst the advisory claims 5.0.0 upwards only the SolrParamResourceLoader might be of issue already earlier? |
| CVE-2019-19161 | CyMiInstaller322 ActiveX which runs MIPLATFORM downloads files require ... | check |
| CVE-2019-20787 | Teeworlds before 0.7.4 has an integer overflow when computing a tilema ... | reject with MITRE |
| CVE-2019-3681 | A External Control of File Name or Path vulnerability in osc of SUSE L ... | check |
| CVE-2019-9946 | Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ... | singularity-container seems to embed as well a copy of cni |
| CVE-2020-10688 | | check details, not much information provided by Red Hat. |
| CVE-2020-10719 | A flaw was found in Undertow in versions before 2.1.1.Final, regarding ... | check, no details on Red Hat bugreport |
| CVE-2020-10755 | An insecure-credentials flaw was found in all openstack-cinder version ... | check, affects as well python-os-brick or needs a respective update? |
| CVE-2020-10809 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ... | check details |
| CVE-2020-10810 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ... | check details |
| CVE-2020-10811 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ... | check details |
| CVE-2020-10812 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ... | check details |
| CVE-2020-11558 | An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by ... | check |
| CVE-2020-11724 | An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_sub ... | check details (patch applies to src:ngnix, but check if issue is specific to OpenResty before 1.15.8.4) |
| CVE-2020-11759 | An issue was discovered in OpenEXR before 2.4.1. Because of integer ov ... | check completeness for upstream commits to cover CVE-2020-11759 |
| CVE-2020-12695 | The Open Connectivity Foundation UPnP specification before 2020-04-17 ... | for gupnp, there are partial fixes, check |
| CVE-2020-13817 | ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote att ... | check ntpsec |
| CVE-2020-13844 | Arm Armv8-A core implementations utilizing speculative execution past ... | check further details |
| CVE-2020-13849 | The MQTT protocol 3.1.1 requires a server to set a timeout value of 1. ... | check |
| CVE-2020-13973 | OWASP json-sanitizer before 1.2.1 allows XSS. An attacker who controls ... | check |
| CVE-2020-14152 | In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs. ... | report to libjpeg-turbo upstream |
| CVE-2020-14947 | OCS Inventory NG 2.7 allows Remote Command Execution via shell metacha ... | check |
| CVE-2020-15007 | A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ... | check, the included code in rbdoom3bfg seems actually to be ported |
| CVE-2020-1775 | BCC recipients in mails sent from OTRS are visible in article detail o ... | check |
| CVE-2020-3282 | A vulnerability in the web-based management interface of Cisco Unified ... | check |
| CVE-2020-4035 | In WatermelonDB (NPM package "@nozbe/watermelondb") before versions 0. ... | check |
| CVE-2020-4037 | In OAuth2 Proxy from version 5.1.1 and less than version 6.0.0, users ... | check |
| CVE-2020-4038 | GraphQL Playground (graphql-playground-html NPM package) before versio ... | check |
| CVE-2020-4044 | The xrdp-sesman service before version 0.9.13.1 can be crashed by conn ... | check |
| CVE-2020-4051 | In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 ... | check |
| CVE-2020-4059 | In mversion before 2.0.0, there is a command injection vulnerability. ... | check |
| CVE-2020-4061 | In October from version 1.0.319 and before version 1.0.467, pasting co ... | check |
| CVE-2020-4062 | In Conjur OSS Helm Chart before 2.0.0, a recently identified critical ... | check |
| CVE-2020-4066 | In Limdu before 0.95, the trainBatch function has a command injection ... | check |
| CVE-2020-4070 | In CSS Validator less than or equal to commit 54d68a1, there is a cros ... | check |
| CVE-2020-4071 | In django-basic-auth-ip-whitelist before 0.3.4, a potential timing att ... | check |
| CVE-2020-4072 | In generator-jhipster-kotlin version 1.6.0 log entries are created for ... | check |
| CVE-2020-4074 | In PrestaShop from version 1.5.0.0 and before version 1.7.7.6, the aut ... | check |
| CVE-2020-5238 | The table extension in GitHub Flavored Markdown before version 0.29.0. ... | check |
| CVE-2020-5411 | When configured to enable default typing, Jackson contained a deserial ... | check |
| CVE-2020-5529 | HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. Html ... | check details, might affect jenkins-htmlunit |
| CVE-2020-5899 | In NGINX Controller 3.0.0-3.4.0, recovery code required to change a us ... | check |
| CVE-2020-5900 | In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is insufficient ... | check |
| CVE-2020-5901 | In NGINX Controller 3.3.0-3.4.0, undisclosed API endpoints may allow f ... | check |
| CVE-2020-5909 | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the co ... | check |
| CVE-2020-5910 | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic ... | check |
| CVE-2020-5911 | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller ... | check |
| CVE-2020-6752 | In OMERO before 5.6.1, group owners can access members' data in other ... | check |
| CVE-2020-7010 | Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate pas ... | check |
| CVE-2020-7354 | Cross-site Scripting (XSS) vulnerability in the 'host' field of a disc ... | check |
| CVE-2020-7355 | Cross-site Scripting (XSS) vulnerability in the 'notes' field of a dis ... | check |
| CVE-2020-7513 | A CWE-312: Cleartext Storage of Sensitive Information vulnerability ex ... | check |
| CVE-2020-7659 | reel through 0.6.1 allows Request Smuggling attacks due to incorrect C ... | check |
| CVE-2020-7661 | all versions of url-regex are vulnerable to Regular Expression Denial ... | check |
| CVE-2020-7664 | The ExtractTo function doesn't securely escape file paths in zip archi ... | check |
| CVE-2020-7667 | The CPIO extraction functionality doesn't sanitize the paths of the ar ... | check |
| CVE-2020-7668 | The ExtractTo function doesn't securely escape file paths in zip archi ... | check |
| CVE-2020-7670 | agoo through 2.12.3 allows request smuggling attacks where agoo is use ... | check |
| CVE-2020-7671 | goliath through 1.0.6 allows request smuggling attacks where goliath i ... | check |
| CVE-2020-7672 | mosc through 1.0.0 is vulnerable to Arbitrary Code Execution. User inp ... | check |
| CVE-2020-7673 | node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. U ... | check |
| CVE-2020-7919 | Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte ... | check older versions than golang-1.11 |
| CVE-2020-8020 | A Improper Neutralization of Input During Web Page Generation vulnerab ... | check |
| CVE-2020-8021 | a Improper Access Control vulnerability in of Open Build Service allow ... | check |
| CVE-2020-9225 | FusionSphere OpenStack 6.5.1 have an improper permissions management v ... | check |
| CVE-2020-9794 | An out-of-bounds read was addressed with improved bounds checking. Thi ... | Try to get more information, as usual Apple advisories are too unspecific |