Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a92b819c by Salvatore Bonaccorso at 2024-01-03T09:28:31+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -3,9 +3,9 @@ CVE-2024-21632 (omniauth-microsoft_graph provides an Omniauth strategy for the M CVE-2024-21629 (Rust EVM is an Ethereum Virtual Machine interpreter. In `rust-evm`, a ...) TODO: check CVE-2024-21628 (PrestaShop is an open-source e-commerce platform. Prior to version 8.1 ...) - TODO: check + NOT-FOR-US: PrestaShop CVE-2024-21627 (PrestaShop is an open-source e-commerce platform. Prior to versions 8. ...) - TODO: check + NOT-FOR-US: PrestaShop CVE-2024-21623 (OTCLient is an alternative tibia client for otserv. Prior to commit db ...) TODO: check CVE-2024-0211 (DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via ...) @@ -23,43 +23,43 @@ CVE-2024-0196 (A vulnerability has been found in Magic-Api up to 2.0.1 and class CVE-2024-0195 (A vulnerability, which was classified as critical, was found in spider ...) TODO: check CVE-2024-0194 (A vulnerability, which was classified as critical, has been found in C ...) - TODO: check + NOT-FOR-US: CodeAstro Internet Banking System CVE-2023-7027 (The POST SMTP Mailer \u2013 Email log, Delivery Failure Notifications ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6986 (The EmbedPress \u2013 Embed PDF, YouTube, Google Docs, Vimeo, Wistia V ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6981 (The WP SMS \u2013 Messaging & SMS Notification for WordPress, WooComme ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6980 (The WP SMS \u2013 Messaging & SMS Notification for WordPress, WooComme ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6629 (The POST SMTP Mailer \u2013 Email log, Delivery Failure Notifications ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6600 (The OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. plugin for ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6524 (The MapPress Maps for WordPress plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6339 (Google Nest WiFi Pro root code-execution & user-data compromise) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50922 (An issue was discovered on GL.iNet devices through 4.5.0. Attackers wh ...) - TODO: check + NOT-FOR-US: GL.iNet devices CVE-2023-50351 (HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotati ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-50350 (HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-50348 (HCL DRYiCE MyXalytics is impacted by an improper error handling vulner ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-50346 (HCL DRYiCE MyXalytics is impacted by an information disclosure vulnera ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-50345 (HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability wh ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-50344 (HCL DRYiCE MyXalytics is impacted by improper access control (Unauthen ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-50343 (HCL DRYiCE MyXalytics is impacted by an Improper Access Control (Contr ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-50342 (HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Referen ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-50341 (HCL DRYiCE MyXalytics is impacted by Improper Access Control (Obsolete ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-50020 (An issue was discovered in open5gs v2.6.6. SIGPIPE can be used to cras ...) TODO: check CVE-2023-50019 (An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registrat ...) @@ -89,9 +89,9 @@ CVE-2023-49549 (An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause CVE-2023-48418 (In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a ...) TODO: check CVE-2023-47473 (Directory Traversal vulnerability in fuwushe.org iFair versions 23.8_a ...) - TODO: check + NOT-FOR-US: fuwushe.org iFair CVE-2023-47458 (An issue in SpringBlade v.3.7.0 and before allows a remote attacker to ...) - TODO: check + NOT-FOR-US: SpringBlade CVE-2023-46308 (In Plotly plotly.js before 2.25.2, plot API calls have a risk of __pro ...) TODO: check CVE-2023-45893 (An indirect Object Reference (IDOR) in the Order and Invoice pages in ...) @@ -99,23 +99,23 @@ CVE-2023-45893 (An indirect Object Reference (IDOR) in the Order and Invoice pag CVE-2023-45892 (An issue discovered in the Order and Invoice pages in Floorsight Insig ...) TODO: check CVE-2023-45724 (HCL DRYiCE MyXalytics product is impacted by unauthenticated file uplo ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-45723 (HCL DRYiCE MyXalytics is impacted by path traversal vulnerability whic ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-45722 (HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file rea ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-45561 (An issue in A-WORLD OIRASE BEER_waiting Line v.13.6.1 allows attackers ...) - TODO: check + NOT-FOR-US: A-WORLD OIRASE BEER_waiting Line CVE-2023-42358 (An issue was discovered in O-RAN Software Community ric-plt-e2mgr in t ...) TODO: check CVE-2023-41783 (There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. Due ...) - TODO: check + NOT-FOR-US: ZTE CVE-2023-41780 (There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due ...) - TODO: check + NOT-FOR-US: ZTE CVE-2023-41779 (There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI ...) - TODO: check + NOT-FOR-US: ZTE CVE-2023-41776 (There is a local privilege escalation vulnerability of ZTE's ZXCLOUD i ...) - TODO: check + NOT-FOR-US: ZTE CVE-2024-0193 (A use-after-free flaw was found in the netfilter subsystem of the Linu ...) - linux <unfixed> [bookworm] - linux 6.1.69-1 @@ -231742,11 +231742,11 @@ CVE-2020-26627 CVE-2020-26626 RESERVED CVE-2020-26625 (A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and ea ...) - TODO: check + NOT-FOR-US: Gila CMS CVE-2020-26624 (A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and ea ...) - TODO: check + NOT-FOR-US: Gila CMS CVE-2020-26623 (SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier ...) - TODO: check + NOT-FOR-US: Gila CMS CVE-2020-26622 RESERVED CVE-2020-26621 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a92b819cde2e3f47be498a5899a5f3ad402425f5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a92b819cde2e3f47be498a5899a5f3ad402425f5 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits