Bugs with TODO items

| Bug | Description | Note |
|---|---|---|
| CVE-2014-7952 | The backup mechanism in the adb tool in Android might allow attackers ... | check |
| CVE-2016-6542 | The iTrack device tracking ID number, also called "LosserID" in the ... | check |
| CVE-2016-6543 | A captured MAC/device ID of an iTrack Easy can be registered under ... | check |
| CVE-2016-6544 | getgps data in iTrack Easy can be modified without authentication by ... | check |
| CVE-2016-6545 | Session cookies are not used for maintaining valid sessions in iTrack ... | check |
| CVE-2016-6546 | The iTrack Easy mobile application stores the account password used to ... | check |
| CVE-2016-6547 | The Zizai Tech Nut mobile app stores the account password used to ... | check |
| CVE-2016-6551 | Intellian Satellite TV antennas t-Series and v-Series, firmware ... | check |
| CVE-2016-6558 | A command injection vulnerability exists in apply.cgi on the ASUS ... | check |
| CVE-2016-6559 | Improper bounds checking of the obuf variable in the link_ntoa() ... | check |
| CVE-2016-6562 | On iOS and Android devices, the ShoreTel Mobility Client app version ... | check |
| CVE-2016-6563 | Processing malformed SOAP messages when performing the HNAP Login ... | check |
| CVE-2016-6564 | Android devices with code from Ragentek contain a privileged binary ... | check |
| CVE-2017-11750 | The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ... | check if patch simplifying patch applied in any suite |
| CVE-2017-16906 | In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a ... | check |
| CVE-2017-16907 | In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field ... | check |
| CVE-2017-16908 | In Horde Groupware 5.2.19, there is XSS via the Name field during ... | check |
| CVE-2017-18220 | The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in ... | check, needs clarification, the issue is CloseBlob use-after-free |
| CVE-2017-18240 | The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ... | check |
| CVE-2017-7893 | In SaltStack Salt before 2016.3.6, compromised salt-minions can ... | check, pinpoint fixing version, check with maintainers on issue |
| CVE-2018-0765 | A denial of service vulnerability exists when .NET and .NET Core ... | check, can potentially affect mono packages |
| CVE-2018-1051 | It was found that the fix for CVE-2016-9606 in versions 3.0.22 and ... | check |
| CVE-2018-10767 | There is a stack-based buffer over-read in calling GLib in the function ... | check (in particular if reported upstream) |
| CVE-2018-10780 | Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based ... | check, there is same function in byteSwap2 in earlier versions than 0.26 |
| CVE-2018-11529 | VideoLAN VLC media player 2.2.x is prone to a use after free ... | check |
| CVE-2018-13065 | ** DISPUTED ** ModSecurity 3.0.0 has XSS via an onerror attribute of ... | check |
| CVE-2018-13818 | Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the ... | check, details |
| CVE-2018-13858 | MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 ... | check |
| CVE-2018-13859 | MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 ... | check |
| CVE-2018-13860 | MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 ... | check |
| CVE-2018-13861 | Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 ... | check |
| CVE-2018-13862 | Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 ... | check |
| CVE-2018-13864 | A directory traversal vulnerability has been found in the Assets ... | check |
| CVE-2018-14048 | An issue has been found in libpng 1.6.34. It is a SEGV in the function ... | check |
| CVE-2018-14324 | The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP ... | check |
| CVE-2018-14338 | samples/geotag.cpp in the example code of Exiv2 0.26 misuses the ... | check |
| CVE-2018-1612 | IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could ... | check |
| CVE-2018-3652 | Existing UEFI setting restrictions for DCI (Direct Connect Interface) ... | check |
| CVE-2018-5360 | LibTIFF before 4.0.6 mishandles the reading of TIFF files, as ... | claimed to be fixed in latest libtiff, but no indication yet which changes address the issue |
| CVE-2018-6681 | Abuse of Functionality vulnerability in the web interface in McAfee ... | check |
| CVE-2018-8356 | A security feature bypass vulnerability exists when Microsoft .NET ... | check, could affect mono packages |
| CVE-2018-9246 | The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in ... | check if set of commits complete |
