Bugs with TODO items

| Bug | Description | Note |
| --- | --- | --- |
| CVE-2020-18305 | Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered t ... | check |
| CVE-2020-26312 | Dotmesh is a git-like command-line interface for capturing, organizing ... | check |
| CVE-2021-22280 | Improper DLL loading algorithms in B&R Automation Studio may allow an ... | check |
| CVE-2021-22508 | A potential vulnerability has been identified for OpenText Operations ... | check |
| CVE-2021-33141 | Improper input validation in some Intel(R) Ethernet Adapters and Intel ... | check |
| CVE-2021-33142 | Improper input validation in some Intel(R) Ethernet Adapters and Intel ... | check |
| CVE-2021-33145 | Uncaught exception in some Intel(R) Ethernet Adapters and Intel(R) Eth ... | check |
| CVE-2021-33146 | Improper input validation in some Intel(R) Ethernet Adapters and Intel ... | check |
| CVE-2021-33157 | Insufficient control flow management in some Intel(R) Ethernet Adapter ... | check |
| CVE-2021-33158 | Improper neutralization in some Intel(R) Ethernet Adapters and Intel(R ... | check |
| CVE-2021-33161 | Improper input validation in some Intel(R) Ethernet Adapters and Intel ... | check |
| CVE-2021-33162 | Improper access control in some Intel(R) Ethernet Adapters and Intel(R ... | check |
| CVE-2022-4967 | strongSwan versions 5.9.2 through 5.9.5 are affected by authorization ... | check |
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2022-28132 | The T-Soft E-Commerce 4 web application is susceptible to SQL injectio ... | check |
| CVE-2022-37341 | Improper access control in some Intel(R) Ethernet Adapters and Intel(R ... | check |
| CVE-2022-37410 | Improper access control for some Intel(R) Thunderbolt driver software ... | check |
| CVE-2022-44581 | Insecure Storage of Sensitive Information vulnerability in WPMU DEV De ... | check |
| CVE-2022-45070 | Missing Authorization vulnerability in FmeAddons Conditional Checkout ... | check |
| CVE-2022-45368 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2022-45374 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-5597 | A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboar ... | check |
| CVE-2023-6725 | An access-control flaw was found in the OpenStack Designate component ... | check, details unclear |
| CVE-2023-22656 | Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL soft ... | check |
| CVE-2023-22662 | Improper input validation of EpsdSrMgmtConfig in UEFI firmware for som ... | check |
| CVE-2023-23645 | Improper Control of Generation of Code ('Code Injection') vulnerabilit ... | check |
| CVE-2023-23700 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-23872 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-23888 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-23988 | Missing Authorization vulnerability in Joseph C Dolson My Tickets.This ... | check |
| CVE-2023-23990 | Improper Privilege Management vulnerability in Qube One Ltd. Redirecti ... | check |
| CVE-2023-24203 | Cross Site Scripting vulnerability in SourceCodester Simple Customer R ... | check |
| CVE-2023-24204 | SQL injection vulnerability in SourceCodester Simple Customer Relation ... | check |
| CVE-2023-24379 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-24460 | Incorrect default permissions in some Intel(R) GPA software installers ... | check |
| CVE-2023-25050 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-25444 | Unrestricted Upload of File with Dangerous Type vulnerability in JS He ... | check |
| CVE-2023-25701 | Improper Privilege Management vulnerability in WhatArmy WatchTowerHQ a ... | check |
| CVE-2023-26009 | Improper Privilege Management vulnerability in favethemes Houzez Login ... | check |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded in icinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-26526 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-26540 | Improper Privilege Management vulnerability in Favethemes Houzez allow ... | check |
| CVE-2023-26566 | Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credenti ... | check |
| CVE-2023-27504 | Improper conditions check in some Intel(R) BIOS Guard firmware may all ... | check |
| CVE-2023-28383 | Improper conditions check in some Intel(R) BIOS PPAM firmware may allo ... | check |
| CVE-2023-28402 | Improper input validation in some Intel(R) BIOS Guard firmware may all ... | check |
| CVE-2023-32110 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-32129 | Missing Authorization vulnerability in Sparkle WP Editorialmag editori ... | check |
| CVE-2023-32244 | Improper Privilege Management vulnerability in XTemos Woodmart Core al ... | check |
| CVE-2023-32297 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-33310 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-33321 | Missing Authorization vulnerability in Metagauss EventPrime allows Exp ... | check |
| CVE-2023-33327 | Improper Privilege Management vulnerability in Teplitsa of social tech ... | check |
| CVE-2023-34186 | Missing Authorization vulnerability in Imran Sayed Headless CMS.This i ... | check |
| CVE-2023-35192 | Uncontrolled search path in some Intel(R) GPA Framework software befor ... | check |
| CVE-2023-35841 | Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Dri ... | check |
| CVE-2023-35881 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-36640 | A use of externally-controlled format string in Fortinet FortiProxy ve ... | check |
| CVE-2023-37385 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-37389 | Improper Privilege Management vulnerability in SAASPROJECT Booking Pac ... | check |
| CVE-2023-37866 | Improper Privilege Management vulnerability in Crocoblock JetFormBuild ... | check |
| CVE-2023-37888 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-37929 | The buffer overflow vulnerability in the CGI program of the VMG3625-T5 ... | check |
| CVE-2023-37999 | Improper Privilege Management vulnerability in HasThemes HT Mega allow ... | check |
| CVE-2023-38399 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-38417 | Improper input validation for some Intel(R) PROSet/Wireless WiFi softw ... | check |
| CVE-2023-38420 | Improper conditions check in Intel(R) Power Gadget software for macOS ... | check |
| CVE-2023-38581 | Buffer overflow in Intel(R) Power Gadget software for Windows all vers ... | check |
| CVE-2023-38654 | Improper input validation for some some Intel(R) PROSet/Wireless WiFi ... | check |
| CVE-2023-39163 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-39433 | Improper access control for some Intel(R) CST software before version ... | check |
| CVE-2023-39929 | Uncontrolled search path in some Libva software maintained by Intel(R) ... | check |
| CVE-2023-40070 | Improper access control in some Intel(R) Power Gadget software for mac ... | check |
| CVE-2023-40071 | Improper access control in some Intel(R) GPA software installers befor ... | check |
| CVE-2023-40155 | Uncontrolled search path for some Intel(R) CST software before version ... | check |
| CVE-2023-40297 | Stakater Forecastle 1.0.139 and before allows %5C../ directory travers ... | check |
| CVE-2023-40536 | Race condition for some some Intel(R) PROSet/Wireless WiFi software fo ... | check |
| CVE-2023-40720 | An authorization bypass through user-controlled key vulnerability [CWE ... | check |
| CVE-2023-41082 | Null pointer dereference for some Intel(R) CST software before version ... | check |
| CVE-2023-41092 | Unchecked return value in SDM firmware for Intel(R) Stratix 10 and Int ... | check |
| CVE-2023-41234 | NULL pointer dereference in Intel(R) Power Gadget software for Windows ... | check |
| CVE-2023-41243 | Improper Privilege Management vulnerability in WPvivid Team WPvivid Ba ... | check |
| CVE-2023-41665 | Improper Privilege Management vulnerability in GiveWP allows Privilege ... | check |
| CVE-2023-41954 | Improper Privilege Management vulnerability in ProfilePress Membership ... | check |
| CVE-2023-41955 | Improper Privilege Management vulnerability in WPDeveloper Essential A ... | check |
| CVE-2023-41956 | Improper Authentication vulnerability in smp7, wp.Insider Simple Membe ... | check |
| CVE-2023-41957 | Improper Privilege Management vulnerability in smp7, wp.Insider Simple ... | check |
| CVE-2023-41961 | Uncontrolled search path in some Intel(R) GPA software before version ... | check |
| CVE-2023-42433 | Incorrect default permissions in some Endurance Gaming Mode software i ... | check |
| CVE-2023-42668 | Incorrect default permissions in some onboard video driver software be ... | check |
| CVE-2023-42773 | Improper neutralization in Intel(R) Power Gadget software for Windows ... | check |
| CVE-2023-43487 | Improper access control in some Intel(R) CST before version 2.1.10300 ... | check |
| CVE-2023-43629 | Incorrect default permissions in some Intel(R) GPA software installers ... | check |
| CVE-2023-43745 | Improper input validation in some Intel(R) CBI software before version ... | check |
| CVE-2023-43748 | Improper access control in some Intel(R) GPA Framework software instal ... | check |
| CVE-2023-43751 | Uncontrolled search path in Intel(R) Graphics Command Center Service b ... | check |
| CVE-2023-44247 | A double free vulnerability [CWE-415] in Fortinet FortiOS before 7.0.0 ... | check |
| CVE-2023-44478 | Cross-Site Request Forgery (CSRF) vulnerability in WP Hive Events Rich ... | check |
| CVE-2023-45217 | Improper access control in Intel(R) Power Gadget software for Windows ... | check |
| CVE-2023-45221 | Improper buffer restrictions in Intel(R) Media SDK all versions may al ... | check |
| CVE-2023-45315 | Improper initialization in some Intel(R) Power Gadget software for Win ... | check |
| CVE-2023-45320 | Uncontrolled search path element in some Intel(R) VTune(TM) Profiler s ... | check |
| CVE-2023-45583 | A use of externally-controlled format string in Fortinet FortiProxy ve ... | check |
| CVE-2023-45586 | An insufficient verification of data authenticity vulnerability [CWE-3 ... | check |
| CVE-2023-45652 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-45736 | Insecure inherited permissions in Intel(R) Power Gadget software for W ... | check |
| CVE-2023-45743 | Uncontrolled search path in some Intel(R) DSA software uninstallers be ... | check |
| CVE-2023-45845 | Improper conditions check for some Intel(R) Wireless Bluetooth(R) prod ... | check |
| CVE-2023-45846 | Incomplete cleanup in Intel(R) Power Gadget software for macOS all ver ... | check |
| CVE-2023-46145 | Improper Privilege Management vulnerability in Themify Themify Ultra a ... | check |
| CVE-2023-46197 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-46205 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-46280 | A vulnerability has been identified in S7-PCT (All versions), Security ... | check |
| CVE-2023-46689 | Improper neutralization in Intel(R) Power Gadget software for macOS al ... | check |
| CVE-2023-46691 | Use after free in Intel(R) Power Gadget software for Windows all versi ... | check |
| CVE-2023-46714 | A stack-based buffer overflow [CWE-121] vulnerability in Fortinet Fort ... | check |
| CVE-2023-46784 | Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ... | check |
| CVE-2023-46870 | extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAP ... | check |
| CVE-2023-47165 | Improper conditions check in the Intel(R) Data Center GPU Max Series 1 ... | check |
| CVE-2023-47169 | Improper buffer restrictions in Intel(R) Media SDK software all versio ... | check |
| CVE-2023-47210 | Improper input validation for some Intel(R) PROSet/Wireless WiFi softw ... | check |
| CVE-2023-47282 | Out-of-bounds write in Intel(R) Media SDK all versions and some Intel( ... | check |
| CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
| CVE-2023-49330 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injectio ... | check |
| CVE-2023-49331 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injectio ... | check |
| CVE-2023-49332 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injectio ... | check |
| CVE-2023-49333 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injectio ... | check |
| CVE-2023-49334 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injectio ... | check |
| CVE-2023-49335 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injectio ... | check |
| CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
| CVE-2023-52424 | The IEEE 802.11 standard sometimes enables an adversary to trick a vic ... | check |
| CVE-2024-0401 | ASUS routers supporting custom OpenVPN profiles are vulnerable to a co ... | check |
| CVE-2024-0816 | The buffer overflow vulnerability in the DX3300-T1 firmware version V5 ... | check |
| CVE-2024-1913 | An attacker who successfully exploited these vulnerabilities could cau ... | check |
| CVE-2024-1914 | An attacker who successfully exploited these vulnerabilities could cau ... | check |
| CVE-2024-1968 | In scrapy/scrapy, an issue was identified where the Authorization head ... | check |
| CVE-2024-2189 | The Social Icons Widget & Block by WPZOOM WordPress plugin before 4.2. ... | check |
| CVE-2024-2835 | A Stored Cross-Site Scripting (XSS) vulnerability has been identified ... | check |
| CVE-2024-3155 | The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Block ... | check |
| CVE-2024-3209 | A vulnerability was found in UPX up to 4.2.2. It has been rated as cri ... | check upstream report status, seems not filed as issue |
| CVE-2024-3482 | A Stored Cross-Site Scripting (XSS) vulnerability has been identified ... | check |
| CVE-2024-3744 | A security issue was discovered in azure-file-csi-driver where an acto ... | check |
| CVE-2024-4810 | In register_device, the return value of ida_simple_get is unchecked, i ... | check |
| CVE-2024-4976 | Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing obj ... | check |
| CVE-2024-5055 | Uncontrolled resource consumption vulnerability in XAMPP Windows, vers ... | check |
| CVE-2024-22095 | Improper input validation in PlatformVariableInitDxe driver in UEFI fi ... | check |
| CVE-2024-22120 | Zabbix server can perform command execution for configured scripts. Af ... | check |
| CVE-2024-22382 | Improper input validation in PprRequestLog module in UEFI firmware for ... | check |
| CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-23487 | Improper input validation in UserAuthenticationSmm driver in UEFI firm ... | check |
| CVE-2024-23980 | Improper buffer restrictions in PlatformPfrDxe driver in UEFI firmware ... | check |
| CVE-2024-24293 | A Prototype Pollution issue in MiguelCastillo @bit/loader v.10.0.3 all ... | check |
| CVE-2024-24294 | A Prototype Pollution issue in Blackprint @blackprint/engine v.0.9.0 a ... | check |
| CVE-2024-24856 | The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee ... | check |
| CVE-2024-24862 | In function pci1xxxx_spi_probe, there is a potential null pointer that ... | check |
| CVE-2024-24863 | In malidp_mw_connector_reset, new memory is allocated with kzalloc, bu ... | check |
| CVE-2024-25662 | Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 ... | check |
| CVE-2024-26256 | libarchive Remote Code Execution Vulnerability | check |
| CVE-2024-27312 | Zoho ManageEngine PAM360 version 6601 is vulnerable to authorization v ... | check |
| CVE-2024-28180 | Package jose aims to provide an implementation of the Javascript Objec ... | check completeness |
| CVE-2024-28285 | A Fault Injection vulnerability in the SymmetricDecrypt function in cr ... | check details |
| CVE-2024-28836 | An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiati ... | check, missing details |
| CVE-2024-29000 | The SolarWinds Platform was determined to be affected by a reflected c ... | check |
| CVE-2024-29651 | A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v. ... | check |
| CVE-2024-29895 | Cacti provides an operational monitoring and fault management framewor ... | check, might affect only 1.3.x |
| CVE-2024-30166 | In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can c ... | check, missing details |
| CVE-2024-30268 | Cacti provides an operational monitoring and fault management framewor ... | check, might be only affecting 1.3.y |
| CVE-2024-31216 | The source-controller is a Kubernetes operator, specialised in artifac ... | check |
| CVE-2024-31714 | Buffer Overflow vulnerability in Waxlab wax v.0.9-3 and before allows ... | check |
| CVE-2024-32888 | The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provi ... | check |
| CVE-2024-33899 | RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attacke ... | check |
| CVE-2024-33900 | KeePassXC 2.7.7 allows attackers to recover cleartext credentials. | check |
| CVE-2024-33901 | Issue in KeePassXC 2.7.7 allows an attacker to recover some passwords ... | check |
| CVE-2024-34058 | The WebTop package for NethServer 7 and 8 allows stored XSS (for examp ... | check |
| CVE-2024-34083 | aiosmptd is a reimplementation of the Python stdlib smtpd.py based on ... | check |
| CVE-2024-34273 | njwt up to v0.4.0 was discovered to contain a prototype pollution in t ... | check |
| CVE-2024-34353 | The matrix-sdk-crypto crate, part of the Matrix Rust SDK project, is a ... | check |
| CVE-2024-34699 | GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged ... | check |
| CVE-2024-34701 | CreateWiki is Miraheze's MediaWiki extension for requesting & creating ... | check |
| CVE-2024-34712 | Oceanic is a NodeJS library for interfacing with Discord. Prior to ver ... | check |
| CVE-2024-34913 | An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and b ... | check |
| CVE-2024-35176 | REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a den ... | check |
| CVE-2024-35183 | wolfictl is a command line tool for working with Wolfi. A git authenti ... | check |
| CVE-2024-36048 | QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x b ... | check |
| CVE-2024-36050 | Nix through 2.22.1 mishandles certain usage of hash caches, which make ... | check details and verify if same code (and only then) is present in guix |
| CVE-2024-36070 | tine before 2023.11.8, when an LDAP backend is used, allows anonymous ... | check |