Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
60bd2da5 by Salvatore Bonaccorso at 2024-03-22T22:28:16+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
 CVE-2024-2828 (A vulnerability, which was classified as critical, was found in 
lakern ...)
-       TODO: check
+       NOT-FOR-US: lakernote EasyAdmin
 CVE-2024-2827 (A vulnerability, which was classified as critical, has been 
found in l ...)
-       TODO: check
+       NOT-FOR-US: lakernote EasyAdmin
 CVE-2024-2826 (A vulnerability classified as problematic was found in 
lakernote EasyA ...)
-       TODO: check
+       NOT-FOR-US: lakernote EasyAdmin
 CVE-2024-2825 (A vulnerability classified as critical has been found in 
lakernote Eas ...)
-       TODO: check
+       NOT-FOR-US: lakernote EasyAdmin
 CVE-2024-2824 (A vulnerability was found in Matthias-Wandel jhead 3.08 and 
classified ...)
        TODO: check
 CVE-2024-2823 (A vulnerability has been found in DedeCMS 5.7 and classified as 
proble ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2024-2822 (A vulnerability, which was classified as problematic, was found 
in Ded ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2024-2821 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2024-2820 (A vulnerability classified as problematic was found in DedeCMS 
5.7. Af ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2024-2728 (Information exposure vulnerability in the CIGESv2 system. This 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: CIGESv2 system
 CVE-2024-2727 (HTML injection vulnerability affecting the CIGESv2 system, 
which allow ...)
-       TODO: check
+       NOT-FOR-US: CIGESv2 system
 CVE-2024-2726 (Stored Cross-Site Scripting (Stored-XSS) vulnerability 
affecting the C ...)
-       TODO: check
+       NOT-FOR-US: CIGESv2 system
 CVE-2024-2725 (Information exposure vulnerability in the CIGESv2 system. A 
remote att ...)
-       TODO: check
+       NOT-FOR-US: CIGESv2 system
 CVE-2024-2724 (SQL injection vulnerability in the CIGESv2 system, 
through/ajaxServici ...)
-       TODO: check
+       NOT-FOR-US: CIGESv2 system
 CVE-2024-2723 (SQL injection vulnerability in the CIGESv2 system, 
through/ajaxSubServ ...)
-       TODO: check
+       NOT-FOR-US: CIGESv2 system
 CVE-2024-2722 (SQL injection vulnerability in the CIGESv2 system, 
through/ajaxConfigT ...)
-       TODO: check
+       NOT-FOR-US: CIGESv2 system
 CVE-2024-2449 (A cross-site request forgery vulnerability has been identified 
in Load ...)
        TODO: check
 CVE-2024-2448 (An OS command injection vulnerability has been identified in 
LoadMaste ...)
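Review bot: The label `NOT-FOR-US: CIGESv2 system` on CVE-2024-2722 through CVE-2024-2728 carries the generic word "system" over from the description text, while the other labels in this hunk (`DedeCMS`, `lakernote EasyAdmin`) use the bare product name. Suggest `NOT-FOR-US: CIGESv2` so that all seven entries match a search on the product name alone.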
@@ -47,35 +47,35 @@ CVE-2024-29943 (An attacker was able to perform an 
out-of-bounds read or write o
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-15/#CVE-2024-29943
 CVE-2024-29865 (Logpoint before 7.1.0 allows Self-XSS on the LDAP 
authentication page  ...)
-       TODO: check
+       NOT-FOR-US: Logpoint
 CVE-2024-29499 (Anchor CMS v0.12.7 was discovered to contain a Cross-Site 
Request Forg ...)
-       TODO: check
+       NOT-FOR-US: Anchor CMS
 CVE-2024-29385 (DIR-845L router <= v1.01KRb03 has an Unauthenticated remote 
code execu ...)
-       TODO: check
+       NOT-FOR-US: DIR-845L router
 CVE-2024-29366 (A command injection vulnerability exists in the cgibin binary 
in DIR-8 ...)
-       TODO: check
+       NOT-FOR-US: DIR-845L router
 CVE-2024-29338 (Anchor CMS v0.12.7 was discovered to contain a Cross-Site 
Request Forg ...)
-       TODO: check
+       NOT-FOR-US: Anchor CMS
 CVE-2024-29186 (Bref is an open-source project that helps users go serverless 
on Amazo ...)
        TODO: check
 CVE-2024-29185 (FreeScout is a self-hosted help desk and shared mailbox. 
Versions prio ...)
-       TODO: check
+       NOT-FOR-US: FreeScout
 CVE-2024-29184 (FreeScout is a self-hosted help desk and shared mailbox. A 
Stored Cros ...)
-       TODO: check
+       NOT-FOR-US: FreeScout
 CVE-2024-29042 (Translate is a package that allows users to convert text to 
different  ...)
        TODO: check
 CVE-2024-28861 (Symfony 1 is a community-driven fork of the 1.x branch of 
Symfony, a P ...)
-       TODO: check
+       NOT-FOR-US: Symfony1 (community fork of symfony 1.4 with some 
enhancements)
 CVE-2024-28824 (Least privilege violation and reliance on untrusted inputs in 
the mk_i ...)
        TODO: check
 CVE-2024-28593 (The Chat activity in Moodle 4.3.3 allows students to insert a 
potentia ...)
        TODO: check
 CVE-2024-28560 (SQL injection vulnerability in Niushop B2B2C v.5.3.3 and 
before allows ...)
-       TODO: check
+       NOT-FOR-US: Niushop B2B2C
 CVE-2024-28559 (SQL injection vulnerability in Niushop B2B2C v.5.3.3 and 
before allows ...)
-       TODO: check
+       NOT-FOR-US: Niushop B2B2C
 CVE-2024-25168 (SQL injection vulnerability in snow snow v.2.0.0 allows a 
remote attac ...)
-       TODO: check
+       NOT-FOR-US: snow snow
 CVE-2024-1848 (Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds 
Read, Out ...)
        TODO: check
 CVE-2024-1742 (Invocation of the sqlplus command with sensitive information in 
the co ...)
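Review bot: For CVE-2024-29385 and CVE-2024-29366 the label `NOT-FOR-US: DIR-845L router` gives only a model number and no vendor, unlike the other labels in this hunk, which name a vendor or project (`Logpoint`, `Anchor CMS`, `FreeScout`). Suggest prefixing the vendor name so these two entries group with any other entries for that vendor's products.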
@@ -83,9 +83,9 @@ CVE-2024-1742 (Invocation of the sqlplus command with 
sensitive information in t
 CVE-2024-0638 (Least privilege violation in the Checkmk agent plugins 
mk_oracle, mk_o ...)
        TODO: check
 CVE-2023-4063 (Certain HP OfficeJet Pro printers are potentially vulnerable to 
a Deni ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2023-41099 (In the Windows installer in Atos Eviden CardOS API before 
5.5.5.2811,  ...)
-       TODO: check
+       NOT-FOR-US: Windows installer in Atos Eviden CardOS API
 CVE-2024-2817 (A vulnerability, which was classified as problematic, has been 
found i ...)
        NOT-FOR-US: Tenda
 CVE-2024-2816 (A vulnerability classified as problematic was found in Tenda 
AC15 15.0 ...)
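Review bot: The two labels added here sit at opposite levels of detail: `NOT-FOR-US: HP` for CVE-2023-4063 names only the vendor although the description is about HP OfficeJet Pro printers, while `NOT-FOR-US: Windows installer in Atos Eviden CardOS API` for CVE-2023-41099 spells out a component. Suggest a vendor-plus-product form for both, for example `HP OfficeJet Pro printers` and `Atos Eviden CardOS API`.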
@@ -78271,7 +78271,7 @@ CVE-2023-23351
 CVE-2023-23350
        RESERVED
 CVE-2023-23349 (Kaspersky has fixed a security issue in Kaspersky Password 
Manager (KP ...)
-       TODO: check
+       NOT-FOR-US: Kaspersky
 CVE-2023-0229 (A flaw was found in github.com/openshift/apiserver-library-go, 
used in ...)
        NOT-FOR-US: OpenShift
 CVE-2023-0228 (Improper Authentication vulnerability in ABB Symphony Plus S+ 
Operatio ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60bd2da56150490b275c7f37a02aaa210e386ac2
