Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d68e33b3 by Salvatore Bonaccorso at 2022-12-31T09:29:41+01:00 Associate some NFUs with itp entry for froxlor - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -94823,7 +94823,7 @@ CVE-2021-42326 (Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the nam NOTE: https://www.redmine.org/projects/redmine/wiki/Changelog_4_2#423-2021-10-10 NOTE: https://www.redmine.org/projects/redmine/repository/revisions/21209 CVE-2021-42325 (Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbM ...) - NOT-FOR-US: Froxlor + - froxlor <itp> (bug #581792) CVE-2021-42324 (An issue was discovered on DCN (Digital China Networks) S4600-10P-SI d ...) NOT-FOR-US: DCN S4600 switches CVE-2021-42323 (Azure RTOS Information Disclosure Vulnerability This CVE ID is unique ...) @@ -154902,7 +154902,7 @@ CVE-2020-29655 (An injection vulnerability exists in RT-AC88U Download Master be CVE-2020-29654 (Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that lea ...) NOT-FOR-US: Western Digital Dashboard CVE-2020-29653 (Froxlor through 0.10.22 does not perform validation on user input pass ...) - NOT-FOR-US: Froxlor + - froxlor <itp> (bug #581792) CVE-2020-29652 (A nil pointer dereference in the golang.org/x/crypto/ssh component thr ...) - golang-go.crypto 1:0.0~git20201221.eec23a3-1 [buster] - golang-go.crypto <not-affected> (Vulnerable code not present) @@ -207354,11 +207354,11 @@ CVE-2020-10239 (An issue was discovered in Joomla! before 3.9.16. Incorrect Acce CVE-2020-10238 (An issue was discovered in Joomla! before 3.9.16. Various actions in c ...) NOT-FOR-US: Joomla! CVE-2020-10237 (An issue was discovered in Froxlor through 0.10.15. The installer wrot ...) - NOT-FOR-US: Froxlor + - froxlor <itp> (bug #581792) CVE-2020-10236 (An issue was discovered in Froxlor before 0.10.14. It created files wi ...) - NOT-FOR-US: Froxlor + - froxlor <itp> (bug #581792) CVE-2020-10235 (An issue was discovered in Froxlor before 0.10.14. Remote attackers wi ...) - NOT-FOR-US: Froxlor + - froxlor <itp> (bug #581792) CVE-2020-10234 (The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 1 ...) NOT-FOR-US: IObit Advanced SystemCare CVE-2020-10233 (In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap- ...) @@ -308806,7 +308806,7 @@ CVE-2018-1000528 (GONICUS GOsa version before commit 56070d6289d47ba3f5918885954 NOTE: https://github.com/gosa-project/gosa-core/commit/56070d6289d47ba3f5918885954dcceb75606001 NOTE: https://github.com/gosa-project/gosa-core/issues/14 CVE-2018-1000527 (Froxlor version <= 0.9.39.5 contains a PHP Object Injection vulnera ...) - NOT-FOR-US: Froxlor + - froxlor <itp> (bug #581792) CVE-2018-1000526 (Openpsa contains a XML Injection vulnerability in RSS file upload feat ...) NOT-FOR-US: openpsa CVE-2018-1000525 (openpsa contains a PHP Object Injection vulnerability in Form data pas ...) @@ -411234,7 +411234,7 @@ CVE-2016-5102 (Buffer overflow in the readgifimage function in gif2tiff.c in the CVE-2016-5101 (Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows a ...) NOT-FOR-US: Opera CVE-2016-5100 (Froxlor before 0.9.35 uses the PHP rand function for random number gen ...) - NOT-FOR-US: Froxlor + - froxlor <itp> (bug #581792) CVE-2016-5099 (Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4. ...) {DSA-3627-1} - phpmyadmin 4:4.6.2-1 (low) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d68e33b30708cc73536b29aa39de534e32282947 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d68e33b30708cc73536b29aa39de534e32282947 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits