Bugs with TODO items

Hide "check" TODOs

CVE-2014-7952The backup mechanism in the adb tool in Android might allow attackers ...check
CVE-2017-11750The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and ...check if patch simplifying patch applied in any suite
CVE-2017-16906In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a ...check
CVE-2017-16907In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field ...check
CVE-2017-16908In Horde Groupware 5.2.19, there is XSS via the Name field during ...check
CVE-2017-18220The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in ...check, needs clarification, the issue is CloseBlob use-after-free
CVE-2017-18240The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ...check
CVE-2017-8316IntelliJ IDEA XML parser was found vulnerable to XML External Entity ...check
CVE-2018-0765A denial of service vulnerability exists when .NET and .NET Core ...check, can potentially affect mono packages
CVE-2018-1051It was found that the fix for CVE-2016-9606 in versions 3.0.22 and ...check
CVE-2018-10780Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based ...check, there is same function in byteSwap2 in earlier versions than 0.26
CVE-2018-10910ailure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devicescheck, might not be a problem with Gnome <= 3.26, i.e. no-dsa for those suites
CVE-2018-12466openSUSE openbuildservice before 9.2.4 allowed authenticated users to ...check if introducing commit is right and fix status
CVE-2018-12467Authorized users of the openbuildservice before 2.9.4 could delete ...check if introducing commit is right and fix status
CVE-2018-13818Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the ...check, details
CVE-2018-3783A privilege escalation detected in flintcms versions &lt;= 1.1.9 allows ...check
CVE-2018-3784A code injection in cryo 0.0.6 allows an attacker to arbitrarily ...check
CVE-2018-3785A command injection in git-dummy-commit v1.3.0 allows os level ...check
CVE-2018-3847Multiple exploitable buffer overflow vulnerabilities exist in image ...double-check
CVE-2018-5360LibTIFF before 4.0.6 mishandles the reading of TIFF files, as ...claimed to be fixed in latest libtiff, but no idication yet which changes adresses the issue
CVE-2018-6622An issue was discovered that affects all producers of BIOS firmware ...check
CVE-2018-8360An information disclosure vulnerability exists in Microsoft .NET ...check
CVE-2018-8753The IKEv1 implementation in Clavister cOS Core before 11.00.11, ...check
CVE-2018-9246The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in ...check if set of commits complete

Search for package or bug name: Reporting problems