Bugs with TODO items

| Bug | Description | Note |
|---|---|---|
| CVE-2016-10502 | While generating trusted application id, An integer overflow can occur ... | check |
| CVE-2017-11750 | The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ... | check if patch simplifying patch applied in any suite |
| CVE-2017-14888 | In all android releases(Android for MSM, Firefox OS for MSM, QRD ... | check |
| CVE-2017-15835 | In all android releases(Android for MSM, Firefox OS for MSM, QRD ... | check |
| CVE-2017-18220 | The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in ... | check, needs clarification, the issue is CloseBlob use-after-free |
| CVE-2017-18240 | The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ... | check |
| CVE-2018-1002101 | In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, ... | check |
| CVE-2018-11457 | A vulnerability has been identified in SINUMERIK 828D V4.7 (All ... | check |
| CVE-2018-11458 | A vulnerability has been identified in SINUMERIK 828D V4.7 (All ... | check |
| CVE-2018-11459 | A vulnerability has been identified in SINUMERIK 808D V4.7 (All ... | check |
| CVE-2018-11460 | A vulnerability has been identified in SINUMERIK 808D V4.7 (All ... | check |
| CVE-2018-11461 | A vulnerability has been identified in SINUMERIK 808D V4.7 (All ... | check |
| CVE-2018-11462 | A vulnerability has been identified in SINUMERIK 808D V4.7 (All ... | check |
| CVE-2018-11463 | A vulnerability has been identified in SINUMERIK 808D V4.7 (All ... | check |
| CVE-2018-11464 | A vulnerability has been identified in SINUMERIK 828D V4.7 (All ... | check |
| CVE-2018-11465 | A vulnerability has been identified in SINUMERIK 808D V4.7 (All ... | check |
| CVE-2018-11466 | A vulnerability has been identified in SINUMERIK 808D V4.7 (All ... | check |
| CVE-2018-11905 | In all android releases(Android for MSM, Firefox OS for MSM, QRD ... | check |
| CVE-2018-12076 | A vulnerability in the UPC bar code of the Avanti Markets MarketCard ... | check |
| CVE-2018-12466 | openSUSE openbuildservice before 9.2.4 allowed authenticated users to ... | check if introducing commit is right and fix status |
| CVE-2018-12467 | Authorized users of the openbuildservice before 2.9.4 could delete ... | check if introducing commit is right and fix status |
| CVE-2018-1279 | Pivotal RabbitMQ for PCF, all versions, uses a deterministically ... | check |
| CVE-2018-13804 | A vulnerability has been identified in SIMATIC IT LMS (All versions), ... | check |
| CVE-2018-13811 | A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) ... | check |
| CVE-2018-13812 | A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ... | check |
| CVE-2018-13813 | A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ... | check |
| CVE-2018-13814 | A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ... | check |
| CVE-2018-13815 | A vulnerability has been identified in SIMATIC S7-1200 (All versions), ... | check |
| CVE-2018-13816 | A vulnerability has been identified in TIM 1531 IRC (All version < ... | check |
| CVE-2018-15328 | On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, ... | check |
| CVE-2018-15518 | Qt Base: "double free or corruption" in QXmlStreamReader | check for completeness |
| CVE-2018-15717 | Open Dental before version 18.4 stores user passwords as base64 ... | check |
| CVE-2018-15718 | Open Dental before version 18.4 transmits the entire user database ... | check |
| CVE-2018-15719 | Open Dental before version 18.4 installs a mysql database and uses the ... | check |
| CVE-2018-15800 | Cloud Foundry Bits Service, versions prior to 2.18.0, includes an ... | check |
| CVE-2018-16329 | In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the ... | check if though missing null checks are present as well in 6.x series |
| CVE-2018-16478 | A Path Traversal in simplehttpserver versions <=0.2.1 allows to list ... | check |
| CVE-2018-16555 | A vulnerability has been identified in SCALANCE S602 (All versions < ... | check |
| CVE-2018-16556 | A vulnerability has been identified in SIMATIC S7-400 (incl. F) V6 and ... | check |
| CVE-2018-16557 | A vulnerability has been identified in SIMATIC S7-400 (incl. F) V6 and ... | check |
| CVE-2018-16856 | Private keys written to world-readable log files | check if Debian affected by the problem or Red Hat specific setup |
| CVE-2018-16981 | stb stb_image.h 2.19, as used in catimg, Emscripten, and other ... | further check, stb_image.h in older version is embedded in src:catimg |
| CVE-2018-17157 | In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer ... | check |
| CVE-2018-17158 | In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer ... | check |
| CVE-2018-17159 | In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS ... | check |
| CVE-2018-17160 | In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, ... | check |
| CVE-2018-17949 | Cross site scripting vulnerability in iManager prior to 3.1 SP2. ... | check |
| CVE-2018-17950 | Incorrect enforcement of authorization checks in eDirectory prior to ... | check |
| CVE-2018-17952 | Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 ... | check |
| CVE-2018-18653 | The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI ... | check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way. |
| CVE-2018-18810 | The Administrator Service component of TIBCO Software Inc.'s TIBCO ... | check |
| CVE-2018-18922 | add_user in AbiSoft Ticketly 1.0 allows remote attackers to create ... | check |
| CVE-2018-18923 | AbiSoft Ticketly 1.0 is affected by multiple SQL Injection ... | check |
| CVE-2018-19118 | Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote ... | check |
| CVE-2018-19439 | XSS exists in the Administration Console in Oracle Secure Global ... | check |
| CVE-2018-19756 | There is a heap-based buffer over-read at stb_image.h (function: ... | check |
| CVE-2018-19757 | There is a NULL pointer dereference at function ... | check |
| CVE-2018-19758 | There is a heap-based buffer over-read at wav.c in wav_write_header in ... | check |
| CVE-2018-19759 | There is a heap-based buffer over-read at stb_image_write.h (function: ... | check |
| CVE-2018-19761 | There is an illegal address access at fromsixel.c (function: ... | check |
| CVE-2018-19762 | There is a heap-based buffer overflow at fromsixel.c (function: ... | check |
| CVE-2018-19763 | There is a heap-based buffer over-read at writer.c (function: ... | check |
| CVE-2018-19865 | A keystroke logging issue was discovered in Virtual Keyboard in Qt ... | check for completeness |
| CVE-2018-19969 | phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a ... | check, upstream explicitly fixed only the 4.7/4.8 branch but not entirely clear if only introduced in 4.7.0, and older versions are EOLed, and only on best-effort mentioned in affected versions informations. |
| CVE-2018-19991 | VeryNginx 0.3.3 allows remote attackers to bypass the Web Application ... | check |
| CVE-2018-20000 | Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as ... | check |
| CVE-2018-20094 | An issue was discovered in XXL-CONF 1.6.0. There is a path traversal ... | check |
| CVE-2018-20096 | There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf ... | check |
| CVE-2018-20097 | There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups ... | check |
| CVE-2018-20098 | There is a heap-based buffer over-read in ... | check |
| CVE-2018-20099 | There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of ... | check |
| CVE-2018-20138 | PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via ... | check |
| CVE-2018-3847 | Multiple exploitable buffer overflow vulnerabilities exist in image ... | double-check |
| CVE-2018-3988 | Signal Messenger for Android 4.24.8 may expose private information ... | check |
| CVE-2018-5496 | Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are ... | check |
| CVE-2018-8517 | A denial of service vulnerability exists when .NET Framework ... | check |
| CVE-2018-8540 | A remote code execution vulnerability exists when the Microsoft .NET ... | check |
| CVE-2018-8650 | A cross-site-scripting (XSS) vulnerability exists when Microsoft ... | check |
| CVE-2018-9246 | The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in ... | check if set of commits complete |
| CVE-2018-9538 | In V4L2SliceVideoDecodeAccelerator::Dequeue of ... | check |
| CVE-2018-9547 | In unflatten of GraphicBuffer.cpp, there is a possible bad fd close ... | check |
| CVE-2018-9548 | In multiple functions of ContentProvider.java, there is a possible ... | check |
| CVE-2018-9549 | In lppTransposer of lpp_tran.cpp there is a possible out of bounds ... | check |
| CVE-2018-9550 | In CAacDecoder_Init of aacdecoder.cpp, there is a possible out of ... | check |
| CVE-2018-9551 | In CAacDecoder_Init of aacdecoder.cpp, there is a possible ... | check |
| CVE-2018-9552 | In ihevcd_sao_shift_ctb of ihevcd_sao.c there is a possible out of ... | check |
| CVE-2018-9553 | In MasteringMetadata::Parse of mkvparser.cc there is a possible double ... | check |
| CVE-2018-9554 | In dumpExtractors of IMediaExtractor.cp, there is a possible ... | check |
| CVE-2018-9555 | In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds ... | check |
| CVE-2018-9556 | In ParsePayloadHeader of payload_metadata.cc, there is a possible out ... | check |
| CVE-2018-9557 | In really_install_package of install.cpp, there is a possible free of ... | check |
| CVE-2018-9558 | In rw_t2t_handle_tlv_detect of rw_t2t_ndef.cc, there is a possible ... | check |
| CVE-2018-9559 | In persist_set_key and other functions of cryptfs.cpp, there is a ... | check |
| CVE-2018-9560 | In HID_DevAddRecord of hidd_api.cc, there is a possible out-of-bounds ... | check |
| CVE-2018-9562 | In bta_ag_do_disc of bta_ag_sdp.cc, there is a possible out-of-bound ... | check |
| CVE-2018-9565 | In readBytes of xltdecwbxml.c, there is a possible out of bounds read ... | check |
| CVE-2018-9566 | In process_service_search_rsp of sdp_discovery.c, there is a possible ... | check |
| CVE-2018-9567 | On Pixel devices there is a bug causing verified boot to show the same ... | check |