Bugs with TODO items

Show "check" TODOs

BugDescriptionNote
CVE-2016-10201Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10202Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10203Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10204SQL injection vulnerability in Zoneminder 1.30 and earlier allows ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10205Session fixation vulnerability in Zoneminder 1.30 and earlier allows ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2016-10206Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2017-10293Vulnerability in the Java SE component of Oracle Java SE ...probably specific to Oracle Java
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ...check if patch simplifying patch applied in any suite
CVE-2017-12167RESERVEDcheck, possibly Red Hat specific issue
CVE-2017-14857In Exiv2 0.26, there is an invalid free in the Image class in image.cpp ...check, asked reporter to contact upstream
CVE-2017-14858There is a heap-based buffer overflow in the Exiv2::l2Data function of ...check, asked reporter to contact upstream
CVE-2017-14859An Invalid memory address dereference was discovered in ...check, asked reporter to contact upstream
CVE-2017-14860There is a heap-based buffer over-read in the ...check, asked reporter to contact upstream
CVE-2017-14861There is a stack consumption vulnerability in the ...check, asked reporter to contact upstream
CVE-2017-14862An Invalid memory address dereference was discovered in ...check, asked reporter to contact upstream
CVE-2017-14863A NULL pointer dereference was discovered in ...check, asked reporter to contact upstream
CVE-2017-14864An Invalid memory address dereference was discovered in Exiv2::getULong ...check, asked reporter to contact upstream
CVE-2017-14865There is a heap-based buffer overflow in the Exiv2::us2Data function of ...check, asked reporter to contact upstream
CVE-2017-14866There is a heap-based buffer overflow in the Exiv2::s2Data function of ...check, asked reporter to contact upstream
CVE-2017-15011The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and ...check, can't make much sense of it, probably limited to Win32
CVE-2017-5367Multiple reflected XSS vulnerabilities exist within form and link input ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified
CVE-2017-5368ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, ...check, claimed to be fixed in 1.30.4+dfsg-1 but not yet verified

Search for package or bug name: Reporting problems