Bugs with TODO items

Hide "check" TODOs

BugDescriptionNote
CVE-2015-1007A specially crafted configuration file could be used to cause a stack- ...check
CVE-2015-1012Wireless keys are stored in plain text on version 5 of the Hospira Lif ...check
CVE-2015-3952Wireless keys are stored in plain text on Hospira Plum A+ Infusion Sys ...check
CVE-2015-3953Hard-coded accounts may be used to access Hospira Plum A+ Infusion Sys ...check
CVE-2015-3954Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infus ...check
CVE-2015-3956Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infus ...check
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 an ...check if patch simplifying patch applied in any suite
CVE-2017-18240The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownersh ...check
CVE-2018-12466openSUSE openbuildservice before 9.2.4 allowed authenticated users to ...check if introducing commit is right and fix status
CVE-2018-12467Authorized users of the openbuildservice before 2.9.4 could delete pac ...check if introducing commit is right and fix status
CVE-2018-16329In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in th ...check if though missing null checks are present as well in 6.x series
CVE-2018-16838A flaw was found in sssd Group Policy Objects implementation. When the ...check, Bugzilla entry does not provide details
CVE-2018-16873In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...check other versions
CVE-2018-16874In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...check other versions
CVE-2018-16875The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 d ...check other versions
CVE-2018-16981stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ...further check, stb_image.h in older version is embedded in src:catimg
CVE-2018-17937gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open ...check if more commits needed
CVE-2018-18653The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Se ...check, this should be very Ubuntu specific, but it is introduced with the out-of-tree patch from the Lockdown patchset https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/cosmic/commit/?id=03c7de9e956395f3b36f86f89b62780ad9501eef and so possibly affect our kernel as well in some way.
CVE-2018-19756There is a heap-based buffer over-read at stb_image.h (function: stbi_ ...check
CVE-2018-19872An issue was discovered in Qt 5.11. A malformed PPM image causes a div ...check if affects qt4-x11 as well
CVE-2018-19969phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a s ...check, upstream explicitly fixed only the 4.7/4.8 branch but not entirely clear if only introduced in 4.7.0, and older versions are EOLed, and only on best-effort mentioned in affected versions informations.
CVE-2019-10018An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...check
CVE-2019-10019An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...check
CVE-2019-10020An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...check
CVE-2019-10021An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...check
CVE-2019-10022An issue was discovered in Xpdf 4.01.01. There is a NULL pointer deref ...check
CVE-2019-10023An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...check
CVE-2019-10024An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...check
CVE-2019-10025An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...check
CVE-2019-10026An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...check
CVE-2019-7613Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient loggin ...check
CVE-2019-9587There is a stack consumption issue in md5Round1() located in Decrypt.c ...check
CVE-2019-9588There is an Invalid memory access in gAtomicIncrement() located at GMu ...check
CVE-2019-9589There is a NULL pointer dereference vulnerability in PSOutputDev::setu ...check
CVE-2019-9631Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBo ...check details
CVE-2019-9877There is an invalid memory access vulnerability in the function TextPa ...check
CVE-2019-9878There is an invalid memory access in the function GfxIndexedColorSpace ...check

Search for package or bug name: Reporting problems