Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 28ec6493 by Moritz Muehlenhoff at 2024-01-10T17:25:46+01:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,5 +1,7 @@ +CVE-2023-49619 + NOT-FOR-US: Apache Answer CVE-2024-21643 (IdentityModel Extensions for .NET provide assemblies for web developer ...) - TODO: check + NOT-FOR-US: IdentityModel Extensions for .NET CVE-2024-0364 (A vulnerability, which was classified as critical, was found in PHPGur ...) NOT-FOR-US: PHPGurukul Hospital Management System CVE-2024-0363 (A vulnerability, which was classified as critical, has been found in P ...) @@ -111,7 +113,7 @@ CVE-2024-22165 (In Splunk Enterprise Security (ES) versions lower than 7.1.2, an CVE-2024-22164 (In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker c ...) NOT-FOR-US: Splunk Enterprise Security (ES) CVE-2024-21668 (react-native-mmkv is a library that allows easy use of MMKV inside Rea ...) - TODO: check + NOT-FOR-US: react-native-mmkv CVE-2024-21664 (jwx is a Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, othe ...) TODO: check CVE-2024-21325 (Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution V ...) @@ -179,7 +181,7 @@ CVE-2024-20676 (Azure Storage Mover Remote Code Execution Vulnerability) CVE-2024-20674 (Windows Kerberos Security Feature Bypass Vulnerability) NOT-FOR-US: Microsoft CVE-2024-20672 (.NET Core and Visual Studio Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft .NET CVE-2024-20666 (BitLocker Security Feature Bypass Vulnerability) NOT-FOR-US: Microsoft CVE-2024-20664 (Microsoft Message Queuing Information Disclosure Vulnerability) @@ -224,7 +226,7 @@ CVE-2024-0213 (A buffer overflow vulnerability in TA for Linux and TA for MacOS CVE-2024-0206 (A symbolic link manipulation vulnerability in Trellix Anti-Malware Eng ...) NOT-FOR-US: Trellix CVE-2024-0057 (NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnera ...) - TODO: check + NOT-FOR-US: Microsoft .NET CVE-2024-0056 (Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider S ...) NOT-FOR-US: Microsoft CVE-2023-7223 (A vulnerability classified as problematic has been found in Totolink T ...) @@ -300,7 +302,7 @@ CVE-2023-44120 (A vulnerability has been identified in Spectrum Power 7 (All ver CVE-2023-42797 (A vulnerability has been identified in CP-8031 MASTER MODULE (All vers ...) NOT-FOR-US: Siemens CVE-2022-48618 (The issue was addressed with improved checks. This issue is fixed in m ...) - TODO: check + NOT-FOR-US: Apple CVE-2023-41056 [Buffer overflow in certain payloads may lead to remote code execution] - redis 5:7.0.15-1 (bug #1060316) [bullseye] - redis <not-affected> (Vulnerable code not present) @@ -329,7 +331,7 @@ CVE-2024-21651 (XWiki Platform is a generic wiki platform offering runtime servi CVE-2024-21648 (XWiki Platform is a generic wiki platform offering runtime services fo ...) NOT-FOR-US: XWiki CVE-2024-21646 (Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP lib ...) - TODO: check + NOT-FOR-US: Azure uAMQP CVE-2023-7220 (A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 an ...) NOT-FOR-US: Totolink CVE-2023-7219 (A vulnerability has been found in Totolink N350RT 9.3.5u.6139_B202012 ...) @@ -463,7 +465,7 @@ CVE-2023-5911 (The WP Custom Cursors | WordPress Cursor Plugin WordPress plugin CVE-2023-5235 (The Ovic Responsive WPBakery WordPress plugin before 1.2.9 does not li ...) NOT-FOR-US: WordPress plugin CVE-2023-5091 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver allo ...) - TODO: check + NOT-FOR-US: Arm CVE-2023-52271 (The wsftprm.sys kernel driver 2.0.0.0 in Topaz Antifraud allows low-pr ...) NOT-FOR-US: Topaz Antifraud CVE-2023-52225 (Deserialization of Untrusted Data vulnerability in Tagbox Tagbox \u201 ...) @@ -499,13 +501,13 @@ CVE-2023-52200 (Cross-Site Request Forgery (CSRF), Deserialization of Untrusted CVE-2023-52190 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) NOT-FOR-US: WordPress plugin CVE-2023-51701 (fastify-reply-from is a Fastify plugin to forward the current HTTP req ...) - TODO: check + NOT-FOR-US: fastify-reply-from CVE-2023-51508 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) NOT-FOR-US: WordPress plugin CVE-2023-51246 (A Cross Site Scripting (XSS) vulnerability in GetSimple CMS 3.3.16 exi ...) NOT-FOR-US: GetSimple CMS CVE-2023-50982 (Stud.IP 5.x through 5.3.3 allows XSS with resultant upload of executab ...) - TODO: check + NOT-FOR-US: Stud.IP CVE-2023-47890 (pyLoad 0.5.0 is vulnerable to Unrestricted File Upload.) - pyload <itp> (bug #1001980) CVE-2023-47211 (A directory traversal vulnerability exists in the uploadMib functional ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28ec649336befdbfde626289f8a856ffeb5c36d8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28ec649336befdbfde626289f8a856ffeb5c36d8 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits