Bugs with TODO items

Hide "check" TODOs

BugDescriptionNote
CVE-2014-3164cmds/servicemanager/service_manager.c in Android before commit ...check
CVE-2015-1239Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG ...check
CVE-2016-10201Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10202Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10203Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10204SQL injection vulnerability in Zoneminder 1.30 and earlier allows ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10205Session fixation vulnerability in Zoneminder 1.30 and earlier allows ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10206Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-5714Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet ...check
CVE-2017-10293RESERVEDprobably specific to Oracle Java
CVE-2017-11120On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, ...check
CVE-2017-11121On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, ...check
CVE-2017-11122On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can ...check
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ...check if patch simplifying patch applied in any suite
CVE-2017-12167RESERVEDcheck, possibly Red Hat specific issue
CVE-2017-13083Akeo Consulting Rufus prior to version 2.17.1187 does not adequately ...check
CVE-2017-14857In Exiv2 0.26, there is an invalid free in the Image class in image.cpp ...check, asked reporter to contact upstream
CVE-2017-14858There is a heap-based buffer overflow in the Exiv2::l2Data function of ...check, asked reporter to contact upstream
CVE-2017-14859An Invalid memory address dereference was discovered in ...check, asked reporter to contact upstream
CVE-2017-14860There is a heap-based buffer over-read in the ...check, asked reporter to contact upstream
CVE-2017-14861There is a stack consumption vulnerability in the ...check, asked reporter to contact upstream
CVE-2017-14862An Invalid memory address dereference was discovered in ...check, asked reporter to contact upstream
CVE-2017-14863A NULL pointer dereference was discovered in ...check, asked reporter to contact upstream
CVE-2017-14864An Invalid memory address dereference was discovered in Exiv2::getULong ...check, asked reporter to contact upstream
CVE-2017-14865There is a heap-based buffer overflow in the Exiv2::us2Data function of ...check, asked reporter to contact upstream
CVE-2017-14866There is a heap-based buffer overflow in the Exiv2::s2Data function of ...check, asked reporter to contact upstream
CVE-2017-15011The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and ...check, can't make much sense of it, probably limited to Win32
CVE-2017-5367Multiple reflected XSS vulnerabilities exist within form and link input ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2017-5368ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified

Search for package or bug name: Reporting problems