Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 99121d70 by Salvatore Bonaccorso at 2024-02-20T21:50:08+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,13 +1,13 @@ CVE-2024-26270 (The Account Settings page in Liferay Portal 7.4.3.76 through 7.4.3.99, ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-26268 (User enumeration vulnerability in Liferay Portal 7.2.0 through 7.4.3.2 ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-26267 (In Liferay Portal 7.2.0 through 7.4.3.25, and older unsupported versio ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-26265 (The Image Uploader module in Liferay Portal 7.2.0 through 7.4.3.15, an ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-26135 (MeshCentral is a full computer management web site. Versions prior to ...) - TODO: check + NOT-FOR-US: MeshCentral CVE-2024-26132 (Element Android is an Android Matrix Client. A third-party malicious a ...) TODO: check CVE-2024-26131 (Element Android is an Android Matrix Client. Element Android version 1 ...) @@ -17,23 +17,23 @@ CVE-2024-25631 (Cilium is a networking, observability, and security solution wit CVE-2024-25630 (Cilium is a networking, observability, and security solution with an e ...) - cilium <itp> (bug #858303) CVE-2024-25610 (In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versio ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-25609 (HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.12, and ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-25608 (HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-25607 (The default password hashing algorithm (PBKDF2-HMAC-SHA1) in Liferay P ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-25606 (XXE vulnerability in Liferay Portal 7.2.0 through 7.4.3.7, and older u ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-25605 (The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-25604 (Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-25366 (Buffer Overflow vulnerability in mz-automation.de libiec61859 v.1.4.0 ...) TODO: check CVE-2024-25274 (An arbitrary file upload vulnerability in the component /sysFile/uploa ...) - TODO: check + NOT-FOR-US: Novel-Plus CVE-2024-25262 (texlive-bin commit c515e was discovered to contain heap buffer overflo ...) TODO: check CVE-2024-25260 (elfutils v0.189 was discovered to contain a NULL pointer dereference v ...) @@ -47,13 +47,13 @@ CVE-2024-25197 (Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble CVE-2024-25196 (Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versi ...) TODO: check CVE-2024-25150 (Information disclosure vulnerability in the Control Panel in Liferay P ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-24794 (A use-after-free vulnerability exists in the DICOM Element Parsing as ...) TODO: check CVE-2024-24793 (A use-after-free vulnerability exists in the DICOM Element Parsing as ...) TODO: check CVE-2024-24763 (JumpServer is an open source bastion host and an operation and mainten ...) - TODO: check + NOT-FOR-US: JumpServer CVE-2024-24475 (An issue in Qemu before v.8.2.0 allows a remote attacker to execute ar ...) TODO: check CVE-2024-24474 (Buffer Overflow vulnerability in Qemu before v.8.2.0 allows a remote a ...) @@ -69,11 +69,11 @@ CVE-2024-23310 (A use-after-free vulnerability exists in the sopen_FAMOS_read fu CVE-2024-23305 (An out-of-bounds write vulnerability exists in the BrainVisionMarker P ...) TODO: check CVE-2024-22824 (An issue in Timo v.2.0.3 allows a remote attacker to execute arbitrary ...) - TODO: check + NOT-FOR-US: Timo CVE-2024-22250 (Session Hijack vulnerability in Deprecated VMware Enhanced Authenticat ...) - TODO: check + NOT-FOR-US: VMware CVE-2024-22245 (Arbitrary Authentication Relay and Session Hijack vulnerabilities in t ...) - TODO: check + NOT-FOR-US: VMware CVE-2024-22097 (A double-free vulnerability exists in the BrainVision Header Parsing f ...) TODO: check CVE-2024-22054 (A malformed discovery packet sent by a malicious actor with preexistin ...) @@ -83,21 +83,21 @@ CVE-2024-21812 (An integer overflow vulnerability exists in the sopen_FAMOS_read CVE-2024-21795 (A heap-based buffer overflow vulnerability exists in the .egi parsing ...) TODO: check CVE-2024-21726 (Inadequate content filtering leads to XSS vulnerabilities in various c ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2024-21725 (Inadequate escaping of mail addresses lead to XSS vulnerabilities in v ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2024-21724 (Inadequate input validation for media selection fields lead to XSS vul ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2024-21723 (Inadequate parsing of URLs could result into an open redirect.) - TODO: check + NOT-FOR-US: Joomla! CVE-2024-21722 (The MFA management features did not properly terminate existing user s ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2024-21682 (This High severity Injection vulnerability was introduced in Assets Di ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2024-21678 (This High severity Stored XSS vulnerability was introduced in version ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2024-1661 (A vulnerability classified as problematic was found in Totolink X6000R ...) - TODO: check + NOT-FOR-US: Totolink CVE-2024-1608 (In OPPO Usercenter Credit SDK, there's a possible escalation of privil ...) TODO: check CVE-2024-1586 (The Schema & Structured Data for WP & AMP plugin for WordPress is vuln ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99121d704558a0d91586836fcc5c03d2c8cef49e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99121d704558a0d91586836fcc5c03d2c8cef49e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits