Bugs with TODO items

Hide "check" TODOs

BugDescriptionNote
CVE-2011-3151The Ubuntu SELinux initscript before version 1:0.10 used touch to crea ...check
CVE-2015-1316Juju Core's Joyent provider before version 1.25.5 uploads the user's p ...check
CVE-2015-1327Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 DBUS API only ...check
CVE-2015-1343All versions of unity-scope-gdrive logs search terms to syslog. ...check
CVE-2015-9287Directory Traversal was discovered in University of Cambridge mod_ucam ...check
CVE-2016-1573Versions of Unity8 before 8.11+16.04.20160122-0ubuntu1 file plugins/Da ...check
CVE-2016-1579UDM provides support for running commands after a download is complete ...check
CVE-2016-1584In all versions of Unity8 a running but not active application on a la ...check
CVE-2016-7151Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a re ...check
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 an ...check if patch simplifying patch applied in any suite
CVE-2017-12778The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Aut ...check
CVE-2017-18240The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownersh ...check
CVE-2018-12556The signature verification routine in install.sh in yarnpkg/website th ...check
CVE-2018-16716A path traversal vulnerability exists in viewcgi.c in the 2.0.7 throug ...check
CVE-2018-16717A heap-based buffer overflow exists in nph-viewgif.cgi in the 2.0.7 th ...check
CVE-2018-16718An XSS vulnerability exists in wwwblast.c in the 2.0.7 through 2.2.26 ...check
CVE-2018-16838A flaw was found in sssd Group Policy Objects implementation. When the ...check, Bugzilla entry does not provide details
CVE-2018-16873In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...check other versions
CVE-2018-16874In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...check other versions
CVE-2018-16875The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 d ...check other versions
CVE-2018-16981stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ...further check, stb_image.h in older version is embedded in src:catimg
CVE-2018-18653The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ...check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way.
CVE-2018-19756There is a heap-based buffer over-read at stb_image.h (function: stbi_ ...check
CVE-2018-20509The print_binder_ref_olocked function in drivers/android/binder.c in t ...check
CVE-2018-20510The print_binder_transaction_ilocked function in drivers/android/binde ...check
CVE-2018-6885An issue was discovered in MicroStrategy Web Services (the Microsoft O ...check
CVE-2018-7577Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Go ...check
CVE-2019-0086Insufficient access control vulnerability in Dynamic Application Loade ...check
CVE-2019-0089Improper data sanitization vulnerability in subsystem in Intel(R) SPS ...check
CVE-2019-0090Insufficient access control vulnerability in subsystem for Intel(R) CS ...check
CVE-2019-0091Code injection vulnerability in installer for Intel(R) CSME before ver ...check
CVE-2019-0092Insufficient input validation vulnerability in subsystem for Intel(R) ...check
CVE-2019-0093Insufficient data sanitization vulnerability in HECI subsystem for Int ...check
CVE-2019-0094Insufficient input validation vulnerability in subsystem for Intel(R) ...check
CVE-2019-0096Out of bound write vulnerability in subsystem for Intel(R) AMT before ...check
CVE-2019-0097Insufficient input validation vulnerability in subsystem for Intel(R) ...check
CVE-2019-0098Logic bug vulnerability in subsystem for Intel(R) CSME before version ...check
CVE-2019-0099Insufficient access control vulnerability in subsystem in Intel(R) SPS ...check
CVE-2019-0113Insufficient bounds checking in Intel(R) Graphics Drivers before versi ...check
CVE-2019-0114A race condition in Intel(R) Graphics Drivers before version 10.18.14. ...check
CVE-2019-0115Insufficient input validation in KMD module for Intel(R) Graphics Driv ...check
CVE-2019-0116An out of bound read in KMD module for Intel(R) Graphics Driver before ...check
CVE-2019-0119Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) ...check
CVE-2019-0120Insufficient key protection vulnerability in silicon reference firmwar ...check
CVE-2019-0126Insufficient access control in silicon reference firmware for Intel(R) ...check
CVE-2019-0199The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5. ...check if other versions might be affected.
CVE-2019-0707An elevation of privilege vulnerability exists in the Network Driver I ...check
CVE-2019-0708A remote code execution vulnerability exists in Remote Desktop Service ...check
CVE-2019-0725A memory corruption vulnerability exists in the Windows Server DHCP se ...check
CVE-2019-0727An elevation of privilege vulnerability exists when the Diagnostics Hu ...check
CVE-2019-0863An elevation of privilege vulnerability exists in the way Windows Erro ...check
CVE-2019-0864A denial of service vulnerability exists when .NET Framework improperl ...check
CVE-2019-0872A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...check
CVE-2019-0886An information disclosure vulnerability exists when Windows Hyper-V on ...check
CVE-2019-0889A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0890A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0891A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0893A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0894A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0895A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0896A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0897A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0898A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0899A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0900A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0901A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0902A remote code execution vulnerability exists when the Windows Jet Data ...check
CVE-2019-0929A remote code execution vulnerability exists when Internet Explorer im ...check
CVE-2019-0930An information disclosure vulnerability exists when Internet Explorer ...check
CVE-2019-0931An elevation of privilege vulnerability exists when the Storage Servic ...check
CVE-2019-0971An information disclosure vulnerability exists when Azure DevOps Serve ...check
CVE-2019-0976A tampering vulnerability exists in the NuGet Package Manager for Linu ...check details
CVE-2019-0979A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...check
CVE-2019-0982A denial of service vulnerability exists when ASP.NET Core improperly ...check
CVE-2019-1008A security feature bypass vulnerability exists in Dynamics On Premise, ...check
CVE-2019-1010258nanosvg library nanosvg after commit c1f6e209c16b18b46aa9f45d7e619acf4 ...check
CVE-2019-10714LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 ...check, potentially only introduced in later versions than present in unstable as LocaleLowercase not present, but check if present before refactoring
CVE-2019-11458An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserial ...check, possibly introduced in later version than present in unstable 2.10.11
CVE-2019-11840An issue was discovered in supplementary Go cryptography libraries, ak ...check
CVE-2019-11879** DISPUTED ** The WEBrick gem 1.4.2 for Ruby allows directory travers ...check
CVE-2019-12107The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd ...check, might affect minidlna
CVE-2019-12185eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/con ...check
CVE-2019-12198In GoHttp through 2017-07-25, there is a stack-based buffer over-read ...check
CVE-2019-2054In the seccomp implementation prior to kernel version 4.8, there is a ...check
CVE-2019-3552C++ Facebook Thrift servers (using cpp2) would not error upon receivin ...check
CVE-2019-3558Python Facebook Thrift servers would not error upon receiving messages ...check
CVE-2019-3559Java Facebook Thrift servers would not error upon receiving messages w ...check
CVE-2019-3564Go Facebook Thrift servers would not error upon receiving messages wit ...check
CVE-2019-3565Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would n ...check
CVE-2019-5437Information exposure through the directory listing in npm's harp modul ...check
CVE-2019-5438Path traversal using symlink in npm harp module versions <= 0.29.0. ...check
CVE-2019-5597In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEAS ...check
CVE-2019-5598In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, ...check
CVE-2019-8338The signature verification routine in the Airmail GPG-PGP Plugin, vers ...check
CVE-2019-8339An issue was discovered in Sysdig through 0.24.2, as used in Falco thr ...check
CVE-2019-9196The Face authentication component in Aware mobile liveness 2.2.1 sdk 2 ...check
CVE-2019-9946Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...singularity-container seems to embed as well a copy of cni

Search for package or bug name: Reporting problems