Bugs with TODO items

Hide "check" TODOs

BugDescriptionNote
CVE-2018-9383In asn1_ber_decoder of asn1_decoder.c, there is a possible out of boun ...check
CVE-2018-9389In ip6_append_data of ip6_output.c, there is a possible way to achieve ...check, potentially src:linux upstream and not Android specific
CVE-2021-37787The unprivileged administrative interface in ABO.CMS version 5.8 throu ...check
CVE-2022-23538github.com/sylabs/scs-library-client is the Go client for the Singular ...check details, might as well affect golang-github-apptainer-container-library-client
CVE-2023-24010An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 ...check
CVE-2023-24011An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 ...check
CVE-2023-24012An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 ...check
CVE-2023-26044react/http is an event-driven, streaming HTTP client and server implem ...check, is embedded inicinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected
CVE-2023-49316In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ...check if affecting ldap-account-manager or unused path
CVE-2023-50251php-svg-lib is an SVG file parsing / rendering library. Prior to versi ...check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked
CVE-2023-50252php-svg-lib is an SVG file parsing / rendering library. Prior to versi ...check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked
CVE-2023-50262Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ...check sources embedding php-dompdf if affected
CVE-2024-12368Improper access control in the auth_oauth module of Odoo Community 15. ...check, possibly fixed in a version after 15.0
CVE-2024-12546EDK2 contains a vulnerability in BIOS where a user may cause an Intege ...check
CVE-2024-22420JupyterLab is an extensible environment for interactive and reproducib ...check completeness, src:jupyter-notebook?
CVE-2024-22421JupyterLab is an extensible environment for interactive and reproducib ...check completeness, src:jupyter-notebook?
CVE-2024-28180Package jose aims to provide an implementation of the Javascript Objec ...check completeness
CVE-2024-28607The ip-utils package through 2.4.0 for Node.js might allow SSRF becaus ...check
CVE-2024-36259Improper access control in mail module of Odoo Community 17.0 and Odoo ...possibly fixed in 18.0.0
CVE-2024-36353Insufficient clearing of GPU global memory could allow a malicious pro ...check, AMD GPU related, but unclear if src:linux
CVE-2024-51319A local file include vulnerability in the /servlet/Report of Zucchetti ...check
CVE-2024-51320Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 al ...check
CVE-2024-51321In Zucchetti Ad Hoc Infinity 2.4, an improper check on the m_cURL para ...check
CVE-2024-51322Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 al ...check
CVE-2024-54084APTIOV contains a vulnerability in BIOS where an attacker may cause a ...check
CVE-2024-54085AMI\u2019s SPx contains a vulnerability in the BMC where an Attacker m ...check
CVE-2024-57520Insecure Permissions vulnerability in asterisk v22 allows a remote att ...check upstream awareness and position
CVE-2025-1550The Keras Model.load_model function permits arbitrary code execution, ...check
CVE-2025-2192A vulnerability, which was classified as problematic, was found in Sto ...check
CVE-2025-2206A vulnerability classified as problematic has been found in aitangbao ...check
CVE-2025-2207A vulnerability classified as problematic was found in aitangbao sprin ...check
CVE-2025-23090With the aid of the diagnostics_channel utility, an event can be hooke ...check, seems to be duplicate of CVE-2025-23083, verify it with CNA
CVE-2025-25724list_item_verbose in tar/util.c in libarchive through 3.7.7 does not c ...check, might be just crashing CLI and so unimportant, additionally unclear status
CVE-2025-26701An issue was discovered in Percona PMM Server (OVA) before 3.0.0-1.ova ...check
CVE-2025-27363An out of bounds write exists in FreeType versions 2.13.0 and below wh ...check
CVE-2025-27403Ratify is a verification engine as a binary executable and on Kubernet ...check
CVE-2025-27591A privilege escalation vulnerability existed in the Below service prio ...check
CVE-2025-27607Python JSON Logger is a JSON Formatter for Python Logging. Between 30 ...check

Search for package or bug name: Reporting problems