Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d68e33b3 by Salvatore Bonaccorso at 2022-12-31T09:29:41+01:00
Associate some NFUs with itp entry for froxlor
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -94823,7 +94823,7 @@ CVE-2021-42326 (Redmine before 4.1.5 and 4.2.x before
4.2.3 may disclose the nam
NOTE:
https://www.redmine.org/projects/redmine/wiki/Changelog_4_2#423-2021-10-10
NOTE:
https://www.redmine.org/projects/redmine/repository/revisions/21209
CVE-2021-42325 (Froxlor through 0.10.29.1 allows SQL injection in
Database/Manager/DbM ...)
- NOT-FOR-US: Froxlor
+ - froxlor <itp> (bug #581792)
CVE-2021-42324 (An issue was discovered on DCN (Digital China Networks)
S4600-10P-SI d ...)
NOT-FOR-US: DCN S4600 switches
CVE-2021-42323 (Azure RTOS Information Disclosure Vulnerability This CVE ID is
unique ...)
@@ -154902,7 +154902,7 @@ CVE-2020-29655 (An injection vulnerability exists in
RT-AC88U Download Master be
CVE-2020-29654 (Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking
that lea ...)
NOT-FOR-US: Western Digital Dashboard
CVE-2020-29653 (Froxlor through 0.10.22 does not perform validation on user
input pass ...)
- NOT-FOR-US: Froxlor
+ - froxlor <itp> (bug #581792)
CVE-2020-29652 (A nil pointer dereference in the golang.org/x/crypto/ssh
component thr ...)
- golang-go.crypto 1:0.0~git20201221.eec23a3-1
[buster] - golang-go.crypto <not-affected> (Vulnerable code not present)
@@ -207354,11 +207354,11 @@ CVE-2020-10239 (An issue was discovered in Joomla!
before 3.9.16. Incorrect Acce
CVE-2020-10238 (An issue was discovered in Joomla! before 3.9.16. Various
actions in c ...)
NOT-FOR-US: Joomla!
CVE-2020-10237 (An issue was discovered in Froxlor through 0.10.15. The
installer wrot ...)
- NOT-FOR-US: Froxlor
+ - froxlor <itp> (bug #581792)
CVE-2020-10236 (An issue was discovered in Froxlor before 0.10.14. It created
files wi ...)
- NOT-FOR-US: Froxlor
+ - froxlor <itp> (bug #581792)
CVE-2020-10235 (An issue was discovered in Froxlor before 0.10.14. Remote
attackers wi ...)
- NOT-FOR-US: Froxlor
+ - froxlor <itp> (bug #581792)
CVE-2020-10234 (The AscRegistryFilter.sys kernel driver in IObit Advanced
SystemCare 1 ...)
NOT-FOR-US: IObit Advanced SystemCare
CVE-2020-10233 (In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is
a heap- ...)
@@ -308806,7 +308806,7 @@ CVE-2018-1000528 (GONICUS GOsa version before commit
56070d6289d47ba3f5918885954
NOTE:
https://github.com/gosa-project/gosa-core/commit/56070d6289d47ba3f5918885954dcceb75606001
NOTE: https://github.com/gosa-project/gosa-core/issues/14
CVE-2018-1000527 (Froxlor version <= 0.9.39.5 contains a PHP Object
Injection vulnera ...)
- NOT-FOR-US: Froxlor
+ - froxlor <itp> (bug #581792)
CVE-2018-1000526 (Openpsa contains a XML Injection vulnerability in RSS file
upload feat ...)
NOT-FOR-US: openpsa
CVE-2018-1000525 (openpsa contains a PHP Object Injection vulnerability in
Form data pas ...)
@@ -411234,7 +411234,7 @@ CVE-2016-5102 (Buffer overflow in the readgifimage
function in gif2tiff.c in the
CVE-2016-5101 (Unspecified vulnerability in Opera Mail before 2016-02-16 on
Windows a ...)
NOT-FOR-US: Opera
CVE-2016-5100 (Froxlor before 0.9.35 uses the PHP rand function for random
number gen ...)
- NOT-FOR-US: Froxlor
+ - froxlor <itp> (bug #581792)
CVE-2016-5099 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x
before 4. ...)
{DSA-3627-1}
- phpmyadmin 4:4.6.2-1 (low)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d68e33b30708cc73536b29aa39de534e32282947
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d68e33b30708cc73536b29aa39de534e32282947
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
