Bugs with TODO items

Hide "check" TODOs

BugDescriptionNote
CVE-2011-1551SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ ...check, /var/log/cobbler is set to cobbler:cobbler and daemon runs as root
CVE-2011-2844Google Chrome before 14.0.835.163 does not properly process MP3 files, ...check ffmpeg, http://src.chromium.org/viewvc/chrome?view=rev&revision=88382
CVE-2011-2896The LZW decompressor in the LWZReadByte function in giftoppm.c in the ...There's more: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2896
CVE-2011-5034Apache Geronimo 2.2.1 and earlier computes hash values for form ...check
CVE-2013-1799Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before ...check if fix applied to Debian in 3.4.2-2 was incomplete
CVE-2013-7440incorrect wildcard matching rulescheck affected versions
CVE-2014-2886GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) ...check
CVE-2014-3514activerecord/lib/active_record/relation/query_methods.rb in Active ...needs to check the others rails versions
CVE-2015-2778Quassel before 0.12-rc1 uses an incorrect data-type size when ...check affected versions
CVE-2015-2779Stack consumption vulnerability in the message splitting functionality ...check affected versions
CVE-2015-2803SQL injection vulnerability in mod1/index.php in the Akronymmanager ...check
CVE-2015-3226XSS Vulnerability in ActiveSupport::JSON.encodecheck if complete
CVE-2015-3227Denial of Servicecheck if complete
CVE-2015-3900RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before ...check
CVE-2015-4344The Services Basic Authentication module 7.x-1.x through 7.x-1.3 for ...check
CVE-2015-4345The RESTWS Basic Auth submodule in the RESTful Web Services module ...check
CVE-2015-4346Cross-site scripting (XSS) vulnerability in the SMS Framework module ...check
CVE-2015-4347Cross-site scripting (XSS) vulnerability in the inLinks Integration ...check
CVE-2015-4348SQL injection vulnerability in the Spider Contacts module for Drupal ...check
CVE-2015-4349Cross-site request forgery (CSRF) vulnerability in the Spider Contacts ...check
CVE-2015-4350Multiple cross-site request forgery (CSRF) vulnerabilities in the ...check
CVE-2015-4351The Spider Video Player module for Drupal allows remote authenticated ...check
CVE-2015-4352Cross-site request forgery (CSRF) vulnerability in the Spider Video ...check
CVE-2015-4353Cross-site request forgery (CSRF) vulnerability in the Custom Sitemap ...check
CVE-2015-4354Cross-site scripting (XSS) vulnerability in the Ubercart Webform ...check
CVE-2015-4355Cross-site request forgery (CSRF) vulnerability in the Watchdog ...check
CVE-2015-4356Cross-site scripting (XSS) vulnerability in the view-based webform ...check
CVE-2015-4357Cross-site scripting (XSS) vulnerability in the Webform module before ...check
CVE-2015-4358Cross-site scripting (XSS) vulnerability in unspecified administration ...check
CVE-2015-4359Multiple cross-site scripting (XSS) vulnerabilities in the ...check
CVE-2015-4360Cross-site request forgery (CSRF) vulnerability in the Registration ...check
CVE-2015-4361Cross-site request forgery (CSRF) vulnerability in the Registration ...check
CVE-2015-4362Cross-site request forgery (CSRF) vulnerability in ...check
CVE-2015-4363Open redirect vulnerability in the finder_form_goto function in the ...check
CVE-2015-4364Multiple cross-site request forgery (CSRF) vulnerabilities in ...check
CVE-2015-4365Cross-site scripting (XSS) vulnerability in the Taxonomy Accordion ...check
CVE-2015-4366Cross-site scripting (XSS) vulnerability in the Mover module 6.x-1.0 ...check
CVE-2015-4367Cross-site scripting (XSS) vulnerability in the Simple Subscription ...check
CVE-2015-4368The Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows ...check
CVE-2015-4369Cross-site scripting (XSS) vulnerability in the Trick Question module ...check
CVE-2015-4370Cross-site scripting (XSS) vulnerability in the Site Documentation ...check
CVE-2015-4371Open redirect vulnerability in the Perfecto module before 7.x-1.2 for ...check
CVE-2015-4372Cross-site scripting (XSS) vulnerability in the Image Title module ...check
CVE-2015-4373Cross-site scripting (XSS) vulnerability in the OG tabs module before ...check
CVE-2015-4375The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal ...check
CVE-2015-4376Cross-site scripting (XSS) vulnerability in the Profile2 Privacy ...check
CVE-2015-4377Cross-site scripting (XSS) vulnerability in unspecified administration ...check
CVE-2015-4378Cross-site scripting (XSS) vulnerability in the Crumbs module 7.x-2.x ...check
CVE-2015-4379Cross-site request forgery (CSRF) vulnerability in the Webform ...check
CVE-2015-4380Cross-site scripting (XSS) vulnerability in the Linear Case module ...check
CVE-2015-4381Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x ...check
CVE-2015-4382Multiple cross-site request forgery (CSRF) vulnerabilities in the ...check
CVE-2015-4383Cross-site request forgery (CSRF) vulnerability in the Decisions ...check
CVE-2015-4384Cross-site scripting (XSS) vulnerability in the Ubercart Webform ...check
CVE-2015-4385Cross-site scripting (XSS) vulnerability in unspecified administration ...check
CVE-2015-4386Multiple cross-site scripting (XSS) vulnerabilities in unspecified ...check
CVE-2015-4387Cross-site scripting (XSS) vulnerability in unspecified administration ...check
CVE-2015-4388Cross-site scripting (XSS) vulnerability in the Current Search Links ...check
CVE-2015-4389The Open Graph Importer (og_tag_importer) 7.x-1.x for Drupal does not ...check
CVE-2015-4390Multiple cross-site request forgery (CSRF) vulnerabilities in the User ...check
CVE-2015-4391Cross-site request forgery (CSRF) vulnerability in the CiviCRM private ...check
CVE-2015-4392Cross-site scripting (XSS) vulnerability in the Display Suite module ...check
CVE-2015-4393The resource/endpoint for uploading files in the Services module ...check
CVE-2015-4394The Services module 7.x-3.x before 7.x-3.12 for Drupal allows remote ...check
CVE-2015-4395The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal ...check
CVE-2015-4396Multiple cross-site request forgery (CSRF) vulnerabilities in the ...check
CVE-2015-4397Cross-site request forgery (CSRF) vulnerability in the Node Template ...check
CVE-2015-4398Open redirect vulnerability in the Chaos tool suite (ctools) module ...check
CVE-2015-4590The extractFrom function in Internals/QuotedString.cpp in Arduino JSON ...check
CVE-2015-4606Unrestricted file upload vulnerability in the Job Fair (jobfair) ...check
CVE-2015-4607Unrestricted file upload vulnerability in the Frontend User Upload ...check
CVE-2015-4608Cross-site scripting (XSS) vulnerability in the BE User Log ...check
CVE-2015-4609SQL injection vulnerability in the wt_directory extension before 1.4.2 ...check
CVE-2015-4610SQL injection vulnerability in the Store Locator (locator) extension ...check
CVE-2015-4611SQL injection vulnerability in the Smoelenboek (ncgov_smoelenboek) ...check
CVE-2015-4612SQL injection vulnerability in the "FAQ - Frequently Asked Questions" ...check
CVE-2015-4613SQL injection vulnerability in the backend module in the Developer Log ...check
TEMP-0760455-22ED59install-sh: insecure use of /tmpcheck other automake versions
TEMP-0781640-F16931Signature Bypass in several JSON Web Token Librariescheck (various libraries)

Search for package or bug name: Reporting problems