Bugs with TODO items

Bug | Description | Note
CVE-2012-0945 | whoopsie-daisy before 0.1.26: Root user can remove arbitrary files ... | check
CVE-2012-4919 | Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerabilit ... | check
CVE-2014-2680 | The update process in Xmind 3.4.1 and earlier allow remote attackers t ... | check
CVE-2014-5081 | sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus pri ... | check
CVE-2014-5209 | An Information Disclosure vulnerability exists in NTP 4.2.7p25 private ... | check
CVE-2015-2784 | The papercrop gem before 0.3.0 for Ruby on Rails does not properly han ... | check
CVE-2015-5071 | AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 ... | check
CVE-2015-5072 | The BIRT Engine servlet in the AR System Mid Tier component before 9.0 ... | check
CVE-2015-5952 | Directory traversal vulnerability in Thomson Reuters for FATCA before ... | check
CVE-2015-8549 | XML external entity (XXE) vulnerability in PyAMF before 0.8.0 allows r ... | check
CVE-2016-4761 | WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow rem ... | check
CVE-2018-1002104 | Versions < 1.5 of the Kubernetes ingress default backend, which han ... | check
CVE-2018-16262 | The pkgmgr system service in Tizen allows an unprivileged process to p ... | check
CVE-2018-16263 | The PulseAudio system service in Tizen allows an unprivileged process ... | check
CVE-2018-16264 | The BlueZ system service in Tizen allows an unprivileged process to pa ... | check
CVE-2018-16265 | The bt/bt_core system service in Tizen allows an unprivileged process ... | check
CVE-2018-16266 | The Enlightenment system service in Tizen allows an unprivileged proce ... | check
CVE-2018-16267 | The system-popup system service in Tizen allows an unprivileged proces ... | check
CVE-2018-16268 | The SoundServer/FocusServer system services in Tizen allow an unprivil ... | check
CVE-2018-16269 | The wnoti system service in Samsung Galaxy Gear series allows an unpri ... | check
CVE-2018-16270 | Samsung Galaxy Gear series before build RE2 includes the hcidump utili ... | check
CVE-2018-16271 | The wemail_consumer_service (from the built-in application wemail) in ... | check
CVE-2018-16272 | The wpa_supplicant system service in Samsung Galaxy Gear series allows ... | check
CVE-2018-17981 | Lifesize Express ls ex2_4.7.10 2000 (14) devices allow XSS via the int ... | check
CVE-2018-18653 | The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ... | check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affects our kernel as well in some way.
CVE-2019-0145 | Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Contro ... | check
CVE-2019-0146 | Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controll ... | check
CVE-2019-0147 | Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ... | check
CVE-2019-0148 | Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controll ... | check
CVE-2019-0149 | Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ... | check
CVE-2019-1010091 | tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization ... | check
CVE-2019-10780 | BibTeX-ruby before 5.1.0 allows shell command injection due to unsanit ... | check
CVE-2019-10781 | In schema-inspector before 1.6.9, a maliciously crafted JavaScript obj ... | check
CVE-2019-11157 | Improper conditions check in voltage settings for some Intel(R) Proces ... | check
CVE-2019-12107 | The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd ... | check, might affect minidlna
CVE-2019-14493 | An issue was discovered in OpenCV before 4.1.1. There is a NULL pointe ... | check if the old code though is really affected, might have been introduced with the refactoring
CVE-2019-14596 | Improper access control in the installer for Intel(R) Chipset Device S ... | check
CVE-2019-14600 | Uncontrolled search path element in the installer for Intel(R) SNMP Su ... | check
CVE-2019-14601 | Improper permissions in the installer for Intel(R) RWC 3 for Windows b ... | check
CVE-2019-14613 | Improper access control in driver for Intel(R) VTune(TM) Amplifier for ... | check
CVE-2019-14629 | Improper permissions in Intel(R) DAAL before version 2020 Gold may all ... | check
CVE-2019-15486 | django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_ ... | check, might actually only have been introduced in upstream v0.9.0 with commits around 9850b675e3d988341c05302df236a560f7985184
CVE-2019-16791 | In postfix-mta-sts-resolver before 0.5.1, All users can receive incorr ... | check
CVE-2019-17125 | A Reflected Client Side Template Injection (CSTI) with Angular was dis ... | check
CVE-2019-17127 | A Stored Client Side Template Injection (CSTI) with Angular was discov ... | check
CVE-2019-17178 | HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-0 ... | check
CVE-2019-17558 | Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code ... | check, whilst the advisory claims 5.0.0 upwards only the SolrParamResourceLoader might be of issue already earlier?
CVE-2019-20327 | Insecure permissions in cwrapper_perl in Centreon Infrastructure Monit ... | check
CVE-2019-3682 | The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7 ... | check
CVE-2019-3683 | The keystone-json-assignment package in SUSE Openstack Cloud 8 before ... | check
CVE-2019-3686 | openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vuln ... | check
CVE-2019-5061 | An exploitable denial-of-service vulnerability exists in the hostapd 2 ... | check
CVE-2019-5062 | An exploitable denial-of-service vulnerability exists in the 802.11w s ... | check
CVE-2019-9946 | Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ... | singularity-container seems to embed as well a copy of cni
CVE-2020-1929 | The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an ... | check
CVE-2020-2585 | Vulnerability in the Java SE product of Oracle Java SE (component: Jav ... | check
CVE-2020-5397 | Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF ... | check
CVE-2020-5398 | In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x pri ... | check
CVE-2020-6638 | Grin through 2.1.1 has Insufficient Validation. ... | check
CVE-2020-6838 | In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems ... | check
CVE-2020-6839 | In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_ ... | check
CVE-2020-6840 | In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mru ... | check
CVE-2020-7039 | tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, misman ... | Further check for src:slirp
