| Bug | Description | Note |
|---|
| CVE-2020-0478 | In extend_frame_lowbd of restoration.c, there is a possible out of bou ... | check if ebba9c769be2c99d5396d0018901e9a4af5e2d2c is the needed commit |
| CVE-2020-12083 | An elevated privileges issue related to Spring MVC calls impacts Code ... | check |
| CVE-2020-19716 | A buffer overflow vulnerability in the Databuf function in types.cpp o ... | check, unclear if fixed or not, upstream cannot reproduce as well in 0.27.1 as reported |
| CVE-2020-23914 | An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ... | retroarch and salmon embed peglib, check if it's actually a security issue |
| CVE-2020-23915 | An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ... | retroarch and salmon embed peglib, check if it's actually a security issue |
| CVE-2020-25467 | A null pointer dereference was discovered lzo_decompress_buf in stream ... | check fixing commit |
| CVE-2020-25646 | A flaw was found in Ansible Collection community.crypto. openssl_priva ... | check |
| CVE-2021-3681 | RESERVED | check, needs verifying the affected ansible/ansible-base components |
| CVE-2021-3773 | RESERVED | fill in tracking details |
| CVE-2021-21897 | A code execution vulnerability exists in the DL_Dxf::handleLWPolylineD ... | check, horizon-eda, cloudcompare, kicad embedds it, but needs to check if actually used and issue affects those |
| CVE-2021-22931 | Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Co ... | check, nodejs uses system c-ares which fixed CVE-2021-3672 and so this entry might be not-affected |
| CVE-2021-23442 | This affects all versions of package @cookiex/deep. The global proto o ... | check |
| CVE-2021-26314 | Potential floating point value injection in all supported CPU products ... | check |
| CVE-2021-32686 | PJSIP is a free and open source multimedia communication library writt ... | check, might affect in impact src:ring |
| CVE-2021-33194 | golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows atta ... | check completeness |
| CVE-2021-33928 | Buffer overflow vulnerability in function pool_installable in src/repo ... | check, completeness |
| CVE-2021-33929 | Buffer overflow vulnerability in function pool_disabled_solvable in sr ... | check, completeness |
| CVE-2021-33930 | Buffer overflow vulnerability in function pool_installable_whatprovide ... | check, completeness |
| CVE-2021-33938 | Buffer overflow vulnerability in function prune_to_recommended in src/ ... | check, completeness |
| CVE-2021-37218 | HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server ... | check |
| CVE-2021-39216 | Wasmtime is an open source runtime for WebAssembly & WASI. In Wasm ... | check |
| CVE-2021-39218 | Wasmtime is an open source runtime for WebAssembly & WASI. In Wasm ... | check |
| CVE-2021-39219 | Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtim ... | check |
| CVE-2021-39227 | ZRender is a lightweight graphic library providing 2d draw for Apache ... | check |
| CVE-2021-39228 | Tremor is an event processing system for unstructured data. A vulnerab ... | check |
| CVE-2021-41303 | Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a ... | check |
| CVE-2021-41380 | RealVNC Viewer 6.21.406 allows remote VNC servers to cause a denial of ... | check |
| CVE-2021-41392 | static/main-preload.js in Boost Note through 0.22.0 allows remote comm ... | check |
| TEMP-0000000-DD73A0 | Unexpected database bindings via requests (follow-up) | check php-illuminate-database and CVE assignment |