Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3cc6066e by Salvatore Bonaccorso at 2024-03-15T21:35:37+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,17 +1,17 @@ CVE-2024-2537 (Improper Control of Dynamically-Managed Code Resources vulnerability i ...) - TODO: check + NOT-FOR-US: Logitech Logi Tune CVE-2024-2497 (A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified ...) - TODO: check + NOT-FOR-US: RaspAP raspap-webgui CVE-2024-2495 (Cryptographic key vulnerability encoded in the FriendlyWrt firmware af ...) - TODO: check + NOT-FOR-US: riendlyWrt firmware CVE-2024-2490 (A vulnerability classified as critical was found in Tenda AC18 15.03.0 ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-2489 (A vulnerability classified as critical has been found in Tenda AC18 15 ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-2488 (A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-2487 (A vulnerability was found in Tenda AC18 15.03.05.05. It has been decla ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-2450 (Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x bef ...) TODO: check CVE-2024-2446 (Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x bef ...) 
@@ -23,77 +23,77 @@ CVE-2024-28854 (tls-listener is a rust lang wrapper around a connection listener CVE-2024-28851 (The Snowflake Hive metastore connector provides an easy way to query H ...) TODO: check CVE-2024-28848 (OpenMetadata is a unified platform for discovery, observability, and g ...) - TODO: check + NOT-FOR-US: OpenMetadata CVE-2024-28847 (OpenMetadata is a unified platform for discovery, observability, and g ...) - TODO: check + NOT-FOR-US: OpenMetadata CVE-2024-28404 (TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-s ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-28403 (TOTOLINK X2000R before V1.0.0-B20231213.1013 is vulnerable to Cross Si ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-28401 (TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-si ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-28319 (gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out ...) TODO: check CVE-2024-28318 (gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain a out ...) TODO: check CVE-2024-28255 (OpenMetadata is a unified platform for discovery, observability, and g ...) - TODO: check + NOT-FOR-US: OpenMetadata CVE-2024-28254 (OpenMetadata is a unified platform for discovery, observability, and g ...) - TODO: check + NOT-FOR-US: OpenMetadata CVE-2024-28253 (OpenMetadata is a unified platform for discovery, observability, and g ...) - TODO: check + NOT-FOR-US: OpenMetadata CVE-2024-28252 (CoreWCF is a port of the service side of Windows Communication Foundat ...) - TODO: check + NOT-FOR-US: CoreWCF CVE-2024-28242 (Discourse is an open source platform for community discussion. In affe ...) - TODO: check + NOT-FOR-US: Discourse CVE-2024-28053 (Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10 ...) TODO: check CVE-2024-27987 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) 
- TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-27920 (projectdiscovery/nuclei is a fast and customisable vulnerability scann ...) - TODO: check + NOT-FOR-US: projectdiscovery/nuclei CVE-2024-27196 (Cross Site Scripting (XSS) vulnerability in Joel Starnes postMash \u20 ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-27193 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-27192 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-27189 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-27100 (Discourse is an open source platform for community discussion. In affe ...) - TODO: check + NOT-FOR-US: Discourse CVE-2024-27085 (Discourse is an open source platform for community discussion. In affe ...) - TODO: check + NOT-FOR-US: Discourse CVE-2024-25936 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-25934 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-25921 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-25919 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-25916 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-25598 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-25597 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) 
- TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-25596 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-25593 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-25592 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-24975 (Uncontrolled Resource Consumption in Mattermost Mobile versions before ...) - TODO: check + NOT-FOR-US: Mattermost Mobile CVE-2024-24827 (Discourse is an open source platform for community discussion. Without ...) - TODO: check + NOT-FOR-US: Discourse CVE-2024-24748 (Discourse is an open source platform for community discussion. In affe ...) - TODO: check + NOT-FOR-US: Discourse CVE-2023-7248 (Certain functionality in OpenText Vertica Management console might be ...) - TODO: check + NOT-FOR-US: OpenText Vertica Management console CVE-2023-7060 (Zephyr OS IP packet handling does not properly drop IP packets arrivin ...) - TODO: check + NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr) CVE-2023-7017 (Sciener locks' firmware update mechanism do not authenticate or valida ...) TODO: check CVE-2023-7009 (Some Sciener-based locks support plaintext message processing over Blu ...) 
@@ -113,17 +113,17 @@ CVE-2023-6725 (An access-control flaw was found in the OpenStack Designate compo CVE-2023-51699 (Fluid is an open source Kubernetes-native Distributed Dataset Orchestr ...) TODO: check CVE-2023-51525 (Cross-Site Request Forgery (CSRF) vulnerability in Veribo, Roland Murg ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51522 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Mem ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51369 (Cross-Site Request Forgery (CSRF) vulnerability in SysBasics Customize ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50898 (Missing Authorization vulnerability in sirv.Com Sirv.This issue affect ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50886 (Cross-Site Request Forgery (CSRF), Incorrect Authorization vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50861 (Cross-Site Request Forgery (CSRF) vulnerability in realmag777 HUSKY \u ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47699 (IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site ...) NOT-FOR-US: IBM CVE-2023-47162 (IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cc6066e0d4c1f4ded5dad1e4ad4ea116da8d885
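Review bot: In the first hunk (@@ -1,17 +1,17 @@), the note added for CVE-2024-2495 reads "NOT-FOR-US: riendlyWrt firmware"; the leading "F" is missing, while the description on the same entry spells the product "FriendlyWrt". Suggest "NOT-FOR-US: FriendlyWrt firmware", so that a search of data/CVE/list for the product name finds this entry alongside any later FriendlyWrt CVEs.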
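Review bot: In the last hunk (@@ -113,17 +113,17 @@), CVE-2023-50898 and CVE-2023-50886 are tagged "NOT-FOR-US: WordPress plugin", but the truncated descriptions shown ("Missing Authorization vulnerability in sirv.Com Sirv.This issue affect ...", "Cross-Site Request Forgery (CSRF), Incorrect Authorization vulnerabili ...") do not mention WordPress, so the classification cannot be checked from the list alone. Naming the plugin in the note, as the first hunk does with "Logitech Logi Tune" and "RaspAP raspap-webgui", would make these entries self-explanatory for the next person triaging related CVEs.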