Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
99121d70 by Salvatore Bonaccorso at 2024-02-20T21:50:08+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2024-26270 (The Account Settings page in Liferay Portal 7.4.3.76 through 
7.4.3.99, ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-26268 (User enumeration vulnerability in Liferay Portal 7.2.0 through 
7.4.3.2 ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-26267 (In Liferay Portal 7.2.0 through 7.4.3.25, and older 
unsupported versio ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-26265 (The Image Uploader module in Liferay Portal 7.2.0 through 
7.4.3.15, an ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-26135 (MeshCentral is a full computer management web site. Versions 
prior to  ...)
-       TODO: check
+       NOT-FOR-US: MeshCentral
 CVE-2024-26132 (Element Android is an Android Matrix Client. A third-party 
malicious a ...)
        TODO: check
 CVE-2024-26131 (Element Android is an Android Matrix Client. Element Android 
version 1 ...)
@@ -17,23 +17,23 @@ CVE-2024-25631 (Cilium is a networking, observability, and 
security solution wit
 CVE-2024-25630 (Cilium is a networking, observability, and security solution 
with an e ...)
        - cilium <itp> (bug #858303)
 CVE-2024-25610 (In Liferay Portal 7.2.0 through 7.4.3.12, and older 
unsupported versio ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-25609 (HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 
7.4.3.12, and  ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-25608 (HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 
7.4.3.18, and  ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-25607 (The default password hashing algorithm (PBKDF2-HMAC-SHA1) in 
Liferay P ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-25606 (XXE vulnerability in Liferay Portal 7.2.0 through 7.4.3.7, and 
older u ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-25605 (The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, 
and older  ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-25604 (Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported 
versions,  ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-25366 (Buffer Overflow vulnerability in mz-automation.de libiec61859 
v.1.4.0  ...)
        TODO: check
 CVE-2024-25274 (An arbitrary file upload vulnerability in the component 
/sysFile/uploa ...)
-       TODO: check
+       NOT-FOR-US: Novel-Plus
 CVE-2024-25262 (texlive-bin commit c515e was discovered to contain heap buffer 
overflo ...)
        TODO: check
 CVE-2024-25260 (elfutils v0.189 was discovered to contain a NULL pointer 
dereference v ...)
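Review bot: On CVE-2024-25274 the tag names Novel-Plus, but the description as shown ("An arbitrary file upload vulnerability in the component /sysFile/uploa ...") is cut off before any product name, so the attribution cannot be checked from this diff. Please confirm against the full CVE description that the affected product is Novel-Plus before this stands as NOT-FOR-US. The seven Liferay entries in the same hunk all name Liferay in their descriptions and read fine.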
@@ -47,13 +47,13 @@ CVE-2024-25197 (Open Robotics Robotic Operating Sytstem 2 
(ROS2) and Nav2 humble
 CVE-2024-25196 (Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 
humble versi ...)
        TODO: check
 CVE-2024-25150 (Information disclosure vulnerability in the Control Panel in 
Liferay P ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2024-24794 (A use-after-free vulnerability exists in the DICOM Element 
Parsing as  ...)
        TODO: check
 CVE-2024-24793 (A use-after-free vulnerability exists in the DICOM Element 
Parsing as  ...)
        TODO: check
 CVE-2024-24763 (JumpServer is an open source bastion host and an operation and 
mainten ...)
-       TODO: check
+       NOT-FOR-US: JumpServer
 CVE-2024-24475 (An issue in Qemu before v.8.2.0 allows a remote attacker to 
execute ar ...)
        TODO: check
 CVE-2024-24474 (Buffer Overflow vulnerability in Qemu before v.8.2.0 allows a 
remote a ...)
@@ -69,11 +69,11 @@ CVE-2024-23310 (A use-after-free vulnerability exists in 
the sopen_FAMOS_read fu
 CVE-2024-23305 (An out-of-bounds write vulnerability exists in the 
BrainVisionMarker P ...)
        TODO: check
 CVE-2024-22824 (An issue in Timo v.2.0.3 allows a remote attacker to execute 
arbitrary ...)
-       TODO: check
+       NOT-FOR-US: Timo
 CVE-2024-22250 (Session Hijack vulnerability in Deprecated VMware Enhanced 
Authenticat ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2024-22245 (Arbitrary Authentication Relay and Session Hijack 
vulnerabilities in t ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2024-22097 (A double-free vulnerability exists in the BrainVision Header 
Parsing f ...)
        TODO: check
 CVE-2024-22054 (A malformed discovery packet sent by a malicious actor with 
preexistin ...)
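Review bot: CVE-2024-22250 and CVE-2024-22245 are tagged "NOT-FOR-US: VMware", which names a vendor, while tags such as MeshCentral, JumpServer and Timo in this commit name the product. A vendor-level tag does not record which component was judged out of scope. Consider naming the component from the full CVE description (the text for CVE-2024-22250 is cut at "Deprecated VMware Enhanced Authenticat ...") so the decision can be audited later.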
@@ -83,21 +83,21 @@ CVE-2024-21812 (An integer overflow vulnerability exists in 
the sopen_FAMOS_read
 CVE-2024-21795 (A heap-based buffer overflow vulnerability exists in the .egi 
parsing  ...)
        TODO: check
 CVE-2024-21726 (Inadequate content filtering leads to XSS vulnerabilities in 
various c ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2024-21725 (Inadequate escaping of mail addresses lead to XSS 
vulnerabilities in v ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2024-21724 (Inadequate input validation for media selection fields lead to 
XSS vul ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2024-21723 (Inadequate parsing of URLs could result into an open redirect.)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2024-21722 (The MFA management features did not properly terminate 
existing user s ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2024-21682 (This High severity Injection vulnerability was introduced in 
Assets Di ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2024-21678 (This High severity Stored XSS vulnerability was introduced in 
version  ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2024-1661 (A vulnerability classified as problematic was found in Totolink 
X6000R ...)
-       TODO: check
+       NOT-FOR-US: Totolink
 CVE-2024-1608 (In OPPO Usercenter Credit SDK, there's a possible escalation of 
privil ...)
        TODO: check
 CVE-2024-1586 (The Schema & Structured Data for WP & AMP plugin for WordPress 
is vuln ...)
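Review bot: CVE-2024-21722 through CVE-2024-21726 are tagged "NOT-FOR-US: Joomla!", but none of the five descriptions shown names a product, and the description of CVE-2024-21723 is complete ("Inadequate parsing of URLs could result into an open redirect.") with no product in it. The attribution has to come from the CVE's assigner or references, so please confirm it there. The same granularity point applies to "NOT-FOR-US: Atlassian" on CVE-2024-21682 and CVE-2024-21678: that is a vendor name, and the product would be more precise.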



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99121d704558a0d91586836fcc5c03d2c8cef49e
