Bugs with TODO items


| Bug | Description | Note |
| --- | --- | --- |
| CVE-2015-6964 | MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping atta ... | check |
| CVE-2020-20813 | Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers t ... | check |
| CVE-2020-26652 | An issue was discovered in function nl80211_send_chandef in rtl8812au ... | check |
| CVE-2021-38243 | xunruicms <=4.5.1 is vulnerable to Remote Code Execution. | check |
| CVE-2022-3261 | A flaw was found in OpenStack. Multiple components show plain-text pas ... | check, unclear which OpenStack components affected, from https://bugzilla.redhat.com/show_bug.cgi?id=2128834 |
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2022-35908 | Cambium Enterprise Wi-Fi System Software before 6.4.2 does not sanitiz ... | check |
| CVE-2022-47186 | There is an unrestricted upload of file vulnerability in Generex CS141 ... | check |
| CVE-2022-47187 | There is a file upload XSS vulnerability in Generex CS141 below 2.06 v ... | check |
| CVE-2022-47561 | The web application stores credentials in clear text in the "admin.xml ... | check |
| CVE-2022-47562 | Vulnerability in the RPCbind service running on UDP port (111), allowi ... | check |
| CVE-2022-48570 | Crypto++ through 8.4 contains a timing side channel in ECDSA signature ... | check details on upstream fix (in 8.4?) |
| CVE-2023-0625 | Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extens ... | check |
| CVE-2023-0626 | Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters ... | check |
| CVE-2023-0627 | Docker Desktop 4.11.x allows --no-windows-containers flag bypass via I ... | check |
| CVE-2023-0633 | In Docker Desktop on Windows before 4.12.0 an argument injection to in ... | check |
| CVE-2023-0989 | An information disclosure issue in GitLab CE/EE affecting all versions ... | check |
| CVE-2023-2233 | An improper authorization issue has been discovered in GitLab CE/EE af ... | check |
| CVE-2023-2315 | Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authe ... | check |
| CVE-2023-2358 | Hitachi Vantara Pentaho Business Analytics Server prior to versions 9. ... | check |
| CVE-2023-3024 | Forcing the Bluetooth LE stack to segment 'prepare write response' pac ... | check |
| CVE-2023-3115 | An issue has been discovered in GitLab EE affecting all versions affec ... | check |
| CVE-2023-3413 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2023-3906 | An input validation issue in the asset proxy in GitLab EE, affecting a ... | check |
| CVE-2023-3914 | A business logic error in GitLab EE affecting all versions prior to 16 ... | check |
| CVE-2023-3917 | Denial of Service in pipelines affecting all versions of Gitlab EE and ... | check |
| CVE-2023-3920 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2023-3922 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2023-3979 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2023-4316 | Zod in version 3.22.2 allows an attacker to perform a denial of servic ... | check |
| CVE-2023-4532 | An issue has been discovered in GitLab affecting all versions starting ... | check |
| CVE-2023-5157 | A vulnerability was found in MariaDB. An OpenVAS port scan on ports 33 ... | check |
| CVE-2023-5198 | An issue has been discovered in GitLab affecting all versions prior to ... | check |
| CVE-2023-5256 | In certain scenarios, Drupal's JSON:API module will output error backt ... | check |
| CVE-2023-5288 | A remote unauthorized attacker may connect to the SIM1012, interact wi ... | check |
| CVE-2023-20033 | A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and C ... | check |
| CVE-2023-20034 | Vulnerability in the Elasticsearch database used in the of Cisco SD-WA ... | check |
| CVE-2023-20109 | A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) f ... | check |
| CVE-2023-20176 | A vulnerability in the networking component of Cisco access point (AP) ... | check |
| CVE-2023-20179 | A vulnerability in the web-based management interface of Cisco Catalys ... | check |
| CVE-2023-20186 | A vulnerability in the Authentication, Authorization, and Accounting ( ... | check |
| CVE-2023-20187 | A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) featu ... | check |
| CVE-2023-20202 | A vulnerability in the Wireless Network Control daemon (wncd) of Cisco ... | check |
| CVE-2023-20223 | A vulnerability in Cisco DNA Center could allow an unauthenticated, re ... | check |
| CVE-2023-20226 | A vulnerability in Application Quality of Experience (AppQoE) and Unif ... | check |
| CVE-2023-20227 | A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Ci ... | check |
| CVE-2023-20231 | A vulnerability in the web UI of Cisco IOS XE Software could allow an ... | check |
| CVE-2023-20251 | A vulnerability in the memory buffer of Cisco Wireless LAN Controller ... | check |
| CVE-2023-20252 | A vulnerability in the Security Assertion Markup Language (SAML) APIs ... | check |
| CVE-2023-20253 | A vulnerability in the command line interface (cli) management interfa ... | check |
| CVE-2023-20254 | A vulnerability in the session management system of the Cisco Catalyst ... | check |
| CVE-2023-20262 | A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager co ... | check |
| CVE-2023-20268 | A vulnerability in the packet processing functionality of Cisco access ... | check |
| CVE-2023-20594 | Improper initialization of variables in the DXE driver may allow a pri ... | check |
| CVE-2023-20597 | Improper initialization of variables in the DXE driver may allow a pri ... | check |
| CVE-2023-22024 | In the Unbreakable Enterprise Kernel (UEK), the RDS module in UEK has ... | check |
| CVE-2023-22513 | This High severity RCE (Remote Code Execution) vulnerability was intro ... | check |
| CVE-2023-22644 | An Insertion of Sensitive Information into Log File vulnerability in ... | check |
| CVE-2023-23495 | A permissions issue was addressed with improved redaction of sensitive ... | check |
| CVE-2023-23567 | A heap-based buffer overflow vulnerability exists in the CreateDIBfrom ... | check |
| CVE-2023-23766 | An incorrect comparison vulnerability was identified in GitHub Enterpr ... | check |
| CVE-2023-23958 | Symantec Protection Engine, prior to 9.1.0, may be susceptible to a Ha ... | check |
| CVE-2023-25483 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anki ... | check |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded in icinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-26142 | All versions of the package crow are vulnerable to HTTP Response Split ... | check |
| CVE-2023-26143 | Versions of the package blamer before 1.0.4 are vulnerable to Arbitrar ... | check |
| CVE-2023-26145 | This affects versions of the package pydash before 6.0.0. A number of ... | check |
| CVE-2023-26146 | All versions of the package ithewei/libhv are vulnerable to Cross-site ... | check |
| CVE-2023-26147 | All versions of the package ithewei/libhv are vulnerable to HTTP Respo ... | check |
| CVE-2023-26148 | All versions of the package ithewei/libhv are vulnerable to CRLF Injec ... | check |
| CVE-2023-26149 | Versions of the package quill-mention before 4.0.0 are vulnerable to C ... | check |
| CVE-2023-26218 | The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contain ... | check |
| CVE-2023-27616 | Unauth. Stored Cross-Site Scripting (XSS) vulnerability in David F. Ca ... | check |
| CVE-2023-27617 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Davi ... | check |
| CVE-2023-27622 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Abel ... | check |
| CVE-2023-27628 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ... | check |
| CVE-2023-28055 | Dell NetWorker, Version 19.7 has an improper authorization vulnerabili ... | check |
| CVE-2023-28393 | A stack-based buffer overflow vulnerability exists in the tif_processi ... | check |
| CVE-2023-28490 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Estatik ... | check |
| CVE-2023-28790 | Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Bre ... | check |
| CVE-2023-29497 | A privacy issue was addressed with improved handling of temporary file ... | check |
| CVE-2023-30415 | Sourcecodester Packers and Movers Management System v1.0 was discovere ... | check |
| CVE-2023-30471 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cornel R ... | check |
| CVE-2023-30472 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in MyThemeS ... | check |
| CVE-2023-30493 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themefic ... | check |
| CVE-2023-30591 | Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attacker ... | check |
| CVE-2023-30959 | In Apollo change requests, comments added by users could contain a ja ... | check |
| CVE-2023-30961 | Palantir Gotham was found to be vulnerable to a bug where under certai ... | check |
| CVE-2023-32182 | A Improper Link Resolution Before File Access ('Link Following') vulne ... | check |
| CVE-2023-32361 | The issue was addressed with improved handling of caches. This issue i ... | check |
| CVE-2023-32377 | A buffer overflow issue was addressed with improved memory handling. T ... | check |
| CVE-2023-32396 | This issue was addressed with improved checks. This issue is fixed in ... | check |
| CVE-2023-32421 | A privacy issue was addressed with improved handling of temporary file ... | check |
| CVE-2023-33972 | Scylladb is a NoSQL data store using the seastar framework, compatible ... | check |
| CVE-2023-34047 | A batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 a ... | check |
| CVE-2023-35071 | Improper Neutralization of Special Elements used in an SQL Command ('S ... | check |
| CVE-2023-35793 | An issue was discovered in Cassia Access Controller 2.1.1.2303271039. ... | check |
| CVE-2023-35984 | The issue was addressed with improved checks. This issue is fixed in t ... | check |
| CVE-2023-35990 | The issue was addressed with improved checks. This issue is fixed in i ... | check |
| CVE-2023-36109 | Buffer Overflow vulnerability in JerryScript version 3.0, allows remot ... | check |
| CVE-2023-36250 | CSV Injection vulnerability in GNOME time tracker version 3.0.2, allow ... | check |
| CVE-2023-37448 | A lock screen issue was addressed with improved state management. This ... | check |
| CVE-2023-37543 | Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for ... | check details once GHSA-4x82-8w8m-w8hj accessible, 1.2.6 does not seem correct, reporter claims 1.2.25 which is not released |
| CVE-2023-38586 | An access issue was addressed with additional sandbox restrictions. Th ... | check |
| CVE-2023-38596 | The issue was addressed with improved handling of protocols. This issu ... | check |
| CVE-2023-38615 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-38870 | A SQL injection vulnerability exists in gugoan Economizzer commit 3730 ... | check |
| CVE-2023-38871 | The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer ... | check |
| CVE-2023-38872 | An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Eco ... | check |
| CVE-2023-38873 | The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer ... | check |
| CVE-2023-38874 | A remote code execution (RCE) vulnerability via an insecure file uploa ... | check |
| CVE-2023-38877 | A host header injection vulnerability exists in gugoan's Economizzer v ... | check |
| CVE-2023-39233 | The issue was addressed with improved checks. This issue is fixed in m ... | check |
| CVE-2023-39308 | Unauth. Stored Cross-Site Scripting (XSS) vulnerability in UserFeedbac ... | check |
| CVE-2023-39410 | When deserializing untrusted or corrupted data, it is possible for a r ... | check |
| CVE-2023-39575 | A reflected cross-site scripting (XSS) vulnerability in the url_str UR ... | check |
| CVE-2023-40030 | Cargo downloads a Rust project’s dependencies and compiles the pr ... | check |
| CVE-2023-40330 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Milan Pe ... | check |
| CVE-2023-40384 | A permissions issue was addressed with improved redaction of sensitive ... | check |
| CVE-2023-40386 | A privacy issue was addressed with improved handling of temporary file ... | check |
| CVE-2023-40388 | A privacy issue was addressed with improved handling of temporary file ... | check |
| CVE-2023-40391 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-40395 | The issue was addressed with improved handling of caches. This issue i ... | check |
| CVE-2023-40399 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-40400 | This issue was addressed with improved checks. This issue is fixed in ... | check |
| CVE-2023-40402 | A permissions issue was addressed with additional restrictions. This i ... | check |
| CVE-2023-40403 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-40406 | The issue was addressed with improved checks. This issue is fixed in m ... | check |
| CVE-2023-40407 | The issue was addressed with improved bounds checks. This issue is fix ... | check |
| CVE-2023-40409 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-40410 | An out-of-bounds read was addressed with improved input validation. Th ... | check |
| CVE-2023-40412 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-40417 | A window management issue was addressed with improved state management ... | check |
| CVE-2023-40418 | An authentication issue was addressed with improved state management. ... | check |
| CVE-2023-40419 | The issue was addressed with improved checks. This issue is fixed in t ... | check |
| CVE-2023-40420 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-40422 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-40424 | The issue was addressed with improved checks. This issue is fixed in i ... | check |
| CVE-2023-40426 | A permissions issue was addressed with additional restrictions. This i ... | check |
| CVE-2023-40427 | The issue was addressed with improved handling of caches. This issue i ... | check |
| CVE-2023-40428 | The issue was addressed with improved handling of caches. This issue i ... | check |
| CVE-2023-40429 | A permissions issue was addressed with improved validation. This issue ... | check |
| CVE-2023-40431 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-40432 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-40434 | A configuration issue was addressed with additional restrictions. This ... | check |
| CVE-2023-40435 | This issue was addressed by enabling hardened runtime. This issue is f ... | check |
| CVE-2023-40436 | The issue was addressed with improved bounds checks. This issue is fix ... | check |
| CVE-2023-40441 | A resource exhaustion issue was addressed with improved input validati ... | check |
| CVE-2023-40443 | The issue was addressed with improved checks. This issue is fixed in i ... | check |
| CVE-2023-40448 | The issue was addressed with improved handling of protocols. This issu ... | check |
| CVE-2023-40450 | The issue was addressed with improved checks. This issue is fixed in m ... | check |
| CVE-2023-40452 | The issue was addressed with improved bounds checks. This issue is fix ... | check |
| CVE-2023-40454 | A permissions issue was addressed with additional restrictions. This i ... | check |
| CVE-2023-40455 | A permissions issue was addressed with additional restrictions. This i ... | check |
| CVE-2023-40456 | The issue was addressed with improved checks. This issue is fixed in t ... | check |
| CVE-2023-40520 | The issue was addressed with improved checks. This issue is fixed in t ... | check |
| CVE-2023-40541 | This issue was addressed by adding an additional prompt for user conse ... | check |
| CVE-2023-40604 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jes ... | check |
| CVE-2023-40605 | Auth. (contributor) Cross-Site Scripting (XSS) vulnerability in 93digi ... | check |
| CVE-2023-40663 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rextheme ... | check |
| CVE-2023-40664 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao D ... | check |
| CVE-2023-40665 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pdfc ... | check |
| CVE-2023-40667 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lasso Si ... | check |
| CVE-2023-40668 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pdfc ... | check |
| CVE-2023-40669 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ... | check |
| CVE-2023-40675 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plug ... | check |
| CVE-2023-40676 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jaso ... | check |
| CVE-2023-40677 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi ... | check |
| CVE-2023-41063 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-41065 | A privacy issue was addressed with improved private data redaction for ... | check |
| CVE-2023-41066 | An authentication issue was addressed with improved state management. ... | check |
| CVE-2023-41067 | A logic issue was addressed with improved checks. This issue is fixed ... | check |
| CVE-2023-41068 | An access issue was addressed with improved access restrictions. This ... | check |
| CVE-2023-41070 | A logic issue was addressed with improved checks. This issue is fixed ... | check |
| CVE-2023-41071 | A use-after-free issue was addressed with improved memory management. ... | check |
| CVE-2023-41073 | An authorization issue was addressed with improved state management. T ... | check |
| CVE-2023-41078 | An authorization issue was addressed with improved state management. T ... | check |
| CVE-2023-41079 | The issue was addressed with improved permissions logic. This issue is ... | check |
| CVE-2023-41174 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-41232 | An out-of-bounds read was addressed with improved bounds checking. Thi ... | check |
| CVE-2023-41331 | SOFARPC is a Java RPC framework. Versions prior to 5.11.0 are vulnerab ... | check |
| CVE-2023-41419 | An issue in Gevent Gevent before version 23.9.1 allows a remote attack ... | check |
| CVE-2023-41444 | An issue in Binalyze IREC.sys v.3.11.0 and before allows a local attac ... | check |
| CVE-2023-41484 | An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to obtain s ... | check |
| CVE-2023-41915 | OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to ... | to be checked if affects the embedded copy for openmpi |
| CVE-2023-41968 | This issue was addressed with improved validation of symlinks. This is ... | check |
| CVE-2023-41979 | A race condition was addressed with improved locking. This issue is fi ... | check |
| CVE-2023-41980 | A permissions issue was addressed with additional restrictions. This i ... | check |
| CVE-2023-41981 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-41984 | The issue was addressed with improved memory handling. This issue is f ... | check |
| CVE-2023-41986 | The issue was addressed with improved checks. This issue is fixed in i ... | check |
| CVE-2023-41991 | A certificate validation issue was addressed. This issue is fixed in m ... | check |
| CVE-2023-41992 | The issue was addressed with improved checks. This issue is fixed in m ... | check |
| CVE-2023-41995 | A use-after-free issue was addressed with improved memory management. ... | check |
| CVE-2023-41996 | The issue was addressed with improved checks. This issue is fixed in m ... | check |
| CVE-2023-42118 | Exim libspf2 Integer Underflow Remote Code Execution Vulnerability | check if should be in src:libspf2 or in exim4's usage |
| CVE-2023-42280 | mee-admin 1.5 is vulnerable to Directory Traversal. The download metho ... | check |
| CVE-2023-42456 | Sudo-rs, a memory safe implementation of sudo and su, allows users to ... | check |
| CVE-2023-42487 | Soundminer – CWE-22: Improper Limitation of a Pathname to a Restr ... | check |
| CVE-2023-42806 | Hydra is the layer-two scalability solution for Cardano. Prior to vers ... | check |
| CVE-2023-42810 | systeminformation is a System Information Library for Node.JS. Version ... | check |
| CVE-2023-42811 | aes-gcm is a pure Rust implementation of the AES-GCM. Starting in vers ... | check |
| CVE-2023-43226 | An arbitrary file upload vulnerability in dede/baidunews.php in DedeCM ... | check |
| CVE-2023-43630 | PCR14 is not in the list of PCRs that seal/unseal the “vault” ... | check |
| CVE-2023-43631 | On boot, the Pillar eve container checks for the existence and content ... | check |
| CVE-2023-43632 | As noted in the “VTPM.md” file in the eve documentation, ... | check |
| CVE-2023-43633 | On boot, the Pillar eve container checks for the existence and content ... | check |
| CVE-2023-43634 | When sealing/unsealing the “vault” key, a list of PCRs is us ... | check |
| CVE-2023-43637 | Due to the implementation of "deriveVaultKey", prior to version 7.10, ... | check |
| CVE-2023-43642 | snappy-java is a Java port of the snappy, a fast C++ compressor/decomp ... | check |
| CVE-2023-43654 | TorchServe is a tool for serving and scaling PyTorch models in product ... | check |
| CVE-2023-43655 | Composer is a dependency manager for PHP. Users publishing a composer. ... | check |
| CVE-2023-43656 | matrix-hookshot is a Matrix bot for connecting to external services li ... | check |
| CVE-2023-43739 | The 'bookisbn' parameter of the cart.php resource does not validate t ... | check |
| CVE-2023-43740 | Online Book Store Project v1.0 is vulnerable to an Insecure File Uploa ... | check |
| CVE-2023-44163 | The 'search' parameter of the process_search.php resource does not va ... | check |
| CVE-2023-44164 | The 'Email' parameter of the process_login.php resource does not vali ... | check |
| CVE-2023-44165 | The 'Password' parameter of the process_login.php resource does not v ... | check |
| CVE-2023-44166 | The 'age' parameter of the process_registration.php resource does not ... | check |
| CVE-2023-44167 | The 'name' parameter of the process_registration.php resource does no ... | check |
| CVE-2023-44168 | The 'phone' parameter of the process_registration.php resource does n ... | check |
| CVE-2023-44216 | PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU de ... | check |
| CVE-2023-44273 | Consensys gnark-crypto through 0.11.2 allows Signature Malleability. T ... | check |
