Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 831fa063 by Salvatore Bonaccorso at 2024-04-08T22:33:11+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -13,7 +13,7 @@ CVE-2024-3455 (A vulnerability was found in Netentsec NS-ASG Application Securit CVE-2024-3445 (A vulnerability was found in SourceCodester Laundry Management System ...) NOT-FOR-US: SourceCodester Laundry Management System CVE-2024-3444 (A vulnerability was found in Wangshen SecGate 3600 up to 20240408. It ...) - TODO: check + NOT-FOR-US: Wangshen SecGate 3600 CVE-2024-3443 (A vulnerability classified as problematic was found in SourceCodester ...) NOT-FOR-US: SourceCodester Prison Management System CVE-2024-3442 (A vulnerability classified as critical has been found in SourceCodeste ...) @@ -67,7 +67,7 @@ CVE-2024-31205 (Saleor is an e-commerce platform. Starting in version 3.10.0 and CVE-2024-30269 (DataEase, an open source data visualization and analysis tool, has a d ...) NOT-FOR-US: DataEase CVE-2024-2834 (A Stored Cross-Site Scripting (XSS) vulnerability has been identified ...) - TODO: check + NOT-FOR-US: OpenText CVE-2024-28732 (An issue was discovered in OFPMatch in parser.py in Faucet SDN Ryu ver ...) NOT-FOR-US: Faucet SDN Ryu CVE-2024-28270 (An issue discovered in web-flash v3.0 allows attackers to reset passwo ...) @@ -87,69 +87,69 @@ CVE-2024-26574 (Insecure Permissions vulnerability in Wondershare Filmora v.13.0 CVE-2024-24279 (An issue in secdiskapp 1.5.1 (management program for NewQ Fingerprint ...) TODO: check CVE-2024-23192 (RSS feeds that contain malicious data- attributes could be abused to i ...) - TODO: check + NOT-FOR-US: Open-Xchange CVE-2024-23191 (Upsell advertisement information of an account can be manipulated to e ...) - TODO: check + NOT-FOR-US: Open-Xchange CVE-2024-23190 (Upsell shop information of an account can be manipulated to execute sc ...) - TODO: check + NOT-FOR-US: Open-Xchange CVE-2024-23189 (Embedded content references at tasks could be used to temporarily exec ...) - TODO: check + NOT-FOR-US: Open-Xchange CVE-2024-23086 (Apfloat v1.10.1 was discovered to contain a stack overflow via the com ...) - TODO: check + NOT-FOR-US: Apfloat CVE-2024-23085 (Apfloat v1.10.1 was discovered to contain a NullPointerException via t ...) - TODO: check + NOT-FOR-US: Apfloat CVE-2024-23082 (ThreeTen Backport v1.6.8 was discovered to contain an integer overflow ...) - TODO: check + NOT-FOR-US: ThreeTen Backport CVE-2024-23078 (JGraphT Core v1.5.2 was discovered to contain a NullPointerException v ...) - TODO: check + NOT-FOR-US: JGraphT Core CVE-2023-7164 (The BackWPup WordPress plugin before 4.0.4 does not prevent visitors f ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-52554 (Permission control vulnerability in the Bluetooth module. Impact: Succ ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52553 (Race condition vulnerability in the Wi-Fi module. Impact: Successful e ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52552 (Input verification vulnerability in the power module. Impact: Successf ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52551 (Vulnerability of data verification errors in the kernel module. Impact ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52550 (Vulnerability of data verification errors in the kernel module. Impact ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52549 (Vulnerability of data verification errors in the kernel module. Impact ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52546 (Vulnerability of package name verification being bypassed in the Calen ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52545 (Vulnerability of undefined permissions in the Calendar app. Impact: Su ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52544 (Vulnerability of file path verification being bypassed in the email mo ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52543 (Permission verification vulnerability in the system module. Impact: Su ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52542 (Permission verification vulnerability in the system module. Impact: Su ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52541 (Authentication vulnerability in the API for app pre-loading. Impact: S ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52540 (Vulnerability of improper authentication in the Iaware module. Impact: ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52539 (Permission verification vulnerability in the Settings module. Impact: ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52538 (Vulnerability of package name verification being bypassed in the HwIms ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52537 (Vulnerability of package name verification being bypassed in the HwIms ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52388 (Permission control vulnerability in the clock module. Impact: Successf ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52386 (Out-of-bounds write vulnerability in the RSMC module. Impact: Successf ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52385 (Out-of-bounds write vulnerability in the RSMC module. Impact: Successf ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52364 (Vulnerability of input parameters being not strictly verified in the R ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-52359 (Vulnerability of permission verification in some APIs in the ActivityT ...) - TODO: check + NOT-FOR-US: Huawei CVE-2014-125111 (A vulnerability was found in namithjawahar Wp-Insert up to 2.0.8 and c ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2011-10006 (A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-26811 (In the Linux kernel, the following vulnerability has been resolved: k ...) - linux <unfixed> NOTE: https://git.kernel.org/linus/a677ebd8ca2f2632ccdecbad7b87641274e15aac (6.9-rc3) @@ -106069,7 +106069,7 @@ CVE-2022-43218 CVE-2022-43217 RESERVED CVE-2022-43216 (AbrhilSoft Employee's Portal before v5.6.2 was discovered to contain a ...) - TODO: check + NOT-FOR-US: AbrhilSoft Employee's Portal CVE-2022-43215 (Billing System Project v1.0 was discovered to contain a SQL injection ...) NOT-FOR-US: Billing System Project CVE-2022-43214 (Billing System Project v1.0 was discovered to contain a SQL injection ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/831fa0635506b41d0adb1266a2032ab317479072 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/831fa0635506b41d0adb1266a2032ab317479072 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits