Bugs with TODO items

| Bug | Description | Note |
|---|---|---|
| CVE-2013-3947 | Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 ... | check |
| CVE-2014-0872 | The installation process in IBM Security Key Lifecycle Manager 2.5 ... | check |
| CVE-2014-0881 | The TPM on Integrated Management Module II (IMM2) on IBM Flex System ... | check |
| CVE-2014-0882 | Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, ... | check |
| CVE-2014-5014 | The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows ... | check |
| CVE-2014-7952 | The backup mechanism in the adb tool in Android might allow attackers ... | check |
| CVE-2017-11592 | There is a Mismatched Memory Management Routines vulnerability in the ... | Report against experimental |
| CVE-2017-11750 | The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ... | check if patch simplifying patch applied in any suite |
| CVE-2017-12194 | A flaw was found in the way spice-client processed certain messages ... | check for details |
| CVE-2017-14858 | There is a heap-based buffer overflow in the Exiv2::l2Data function of ... | report against experimental version |
| CVE-2017-15400 | Insufficient restriction of IPP filters in CUPS in Google Chrome OS ... | double-check |
| CVE-2017-16906 | In Horde Groupware 5.2.19, there is XSS via the URL field in a ... | check |
| CVE-2017-16907 | In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field ... | check |
| CVE-2017-16908 | In Horde Groupware 5.2.19, there is XSS via the Name field during ... | check |
| CVE-2017-1721 | IBM Security QRadar SIEM 7.2 and 7.3 could allow an unauthenticated ... | check |
| CVE-2017-1722 | IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection. A ... | check |
| CVE-2017-1723 | IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to ... | check |
| CVE-2017-1724 | IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site ... | check |
| CVE-2017-1750 | IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through ... | check |
| CVE-2017-18220 | The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in ... | check, needs clarification, the issue is CloseBlob use-after-free |
| CVE-2017-18225 | The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, ... | check |
| CVE-2017-18226 | The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of ... | check |
| CVE-2017-18240 | The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ... | check |
| CVE-2017-2903 | An exploitable integer overflow exists in the DPX loading ... | check |
| CVE-2017-6888 | An error in the "read_metadata_vorbiscomment_()" function ... | check |
| CVE-2017-7893 | In SaltStack Salt before 2016.3.6, compromised salt-minions can ... | check, pinpoint fixing version, check with maintainers on issue |
| CVE-2018-10126 | LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 ... | check, possible invalid (for src:tiff) assignment, cf. upstream bug |
| CVE-2018-1047 | A flaw was found in Wildfly 9.x. A path traversal vulnerability ... | check, issue in undertow or WildFly? |
| CVE-2018-1051 | It was found that the fix for CVE-2016-9606 in versions 3.0.22 and ... | check |
| CVE-2018-1067 | RESERVED | check, unclear if issue is in src:undertow or in its use in WildFly (issue is incomplete fix for CVE-2016-4993, which might need an update depending on the result) |
| CVE-2018-5360 | LibTIFF before 4.0.6 mishandles the reading of TIFF files, as ... | claimed to be fixed in latest libtiff, but no indication yet which changes address the issue |
| CVE-2018-7263 | The mad_decoder_run() function in decoder.c in Underbit libmad through ... | clarify with MITRE why this CVE was additionally assigned |