Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
831fa063 by Salvatore Bonaccorso at 2024-04-08T22:33:11+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2024-3455 (A vulnerability was found in Netentsec NS-ASG
Application Securit
CVE-2024-3445 (A vulnerability was found in SourceCodester Laundry Management
System ...)
NOT-FOR-US: SourceCodester Laundry Management System
CVE-2024-3444 (A vulnerability was found in Wangshen SecGate 3600 up to
20240408. It ...)
- TODO: check
+ NOT-FOR-US: Wangshen SecGate 3600
CVE-2024-3443 (A vulnerability classified as problematic was found in
SourceCodester ...)
NOT-FOR-US: SourceCodester Prison Management System
CVE-2024-3442 (A vulnerability classified as critical has been found in
SourceCodeste ...)
@@ -67,7 +67,7 @@ CVE-2024-31205 (Saleor is an e-commerce platform. Starting in
version 3.10.0 and
CVE-2024-30269 (DataEase, an open source data visualization and analysis tool,
has a d ...)
NOT-FOR-US: DataEase
CVE-2024-2834 (A Stored Cross-Site Scripting (XSS) vulnerability has been
identified ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2024-28732 (An issue was discovered in OFPMatch in parser.py in Faucet SDN
Ryu ver ...)
NOT-FOR-US: Faucet SDN Ryu
CVE-2024-28270 (An issue discovered in web-flash v3.0 allows attackers to
reset passwo ...)
@@ -87,69 +87,69 @@ CVE-2024-26574 (Insecure Permissions vulnerability in
Wondershare Filmora v.13.0
CVE-2024-24279 (An issue in secdiskapp 1.5.1 (management program for NewQ
Fingerprint ...)
TODO: check
CVE-2024-23192 (RSS feeds that contain malicious data- attributes could be
abused to i ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2024-23191 (Upsell advertisement information of an account can be
manipulated to e ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2024-23190 (Upsell shop information of an account can be manipulated to
execute sc ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2024-23189 (Embedded content references at tasks could be used to
temporarily exec ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2024-23086 (Apfloat v1.10.1 was discovered to contain a stack overflow via
the com ...)
- TODO: check
+ NOT-FOR-US: Apfloat
CVE-2024-23085 (Apfloat v1.10.1 was discovered to contain a
NullPointerException via t ...)
- TODO: check
+ NOT-FOR-US: Apfloat
CVE-2024-23082 (ThreeTen Backport v1.6.8 was discovered to contain an integer
overflow ...)
- TODO: check
+ NOT-FOR-US: ThreeTen Backport
CVE-2024-23078 (JGraphT Core v1.5.2 was discovered to contain a
NullPointerException v ...)
- TODO: check
+ NOT-FOR-US: JGraphT Core
CVE-2023-7164 (The BackWPup WordPress plugin before 4.0.4 does not prevent
visitors f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52554 (Permission control vulnerability in the Bluetooth module.
Impact: Succ ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52553 (Race condition vulnerability in the Wi-Fi module. Impact:
Successful e ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52552 (Input verification vulnerability in the power module. Impact:
Successf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52551 (Vulnerability of data verification errors in the kernel
module. Impact ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52550 (Vulnerability of data verification errors in the kernel
module. Impact ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52549 (Vulnerability of data verification errors in the kernel
module. Impact ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52546 (Vulnerability of package name verification being bypassed in
the Calen ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52545 (Vulnerability of undefined permissions in the Calendar app.
Impact: Su ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52544 (Vulnerability of file path verification being bypassed in the
email mo ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52543 (Permission verification vulnerability in the system module.
Impact: Su ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52542 (Permission verification vulnerability in the system module.
Impact: Su ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52541 (Authentication vulnerability in the API for app pre-loading.
Impact: S ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52540 (Vulnerability of improper authentication in the Iaware module.
Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52539 (Permission verification vulnerability in the Settings module.
Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52538 (Vulnerability of package name verification being bypassed in
the HwIms ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52537 (Vulnerability of package name verification being bypassed in
the HwIms ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52388 (Permission control vulnerability in the clock module. Impact:
Successf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52386 (Out-of-bounds write vulnerability in the RSMC module. Impact:
Successf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52385 (Out-of-bounds write vulnerability in the RSMC module. Impact:
Successf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52364 (Vulnerability of input parameters being not strictly verified
in the R ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52359 (Vulnerability of permission verification in some APIs in the
ActivityT ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2014-125111 (A vulnerability was found in namithjawahar Wp-Insert up to
2.0.8 and c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2011-10006 (A vulnerability was found in GamerZ WP-PostRatings up to 1.64.
It has ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-26811 (In the Linux kernel, the following vulnerability has been
resolved: k ...)
- linux <unfixed>
NOTE:
https://git.kernel.org/linus/a677ebd8ca2f2632ccdecbad7b87641274e15aac (6.9-rc3)
@@ -106069,7 +106069,7 @@ CVE-2022-43218
CVE-2022-43217
RESERVED
CVE-2022-43216 (AbrhilSoft Employee's Portal before v5.6.2 was discovered to
contain a ...)
- TODO: check
+ NOT-FOR-US: AbrhilSoft Employee's Portal
CVE-2022-43215 (Billing System Project v1.0 was discovered to contain a SQL
injection ...)
NOT-FOR-US: Billing System Project
CVE-2022-43214 (Billing System Project v1.0 was discovered to contain a SQL
injection ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/831fa0635506b41d0adb1266a2032ab317479072
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/831fa0635506b41d0adb1266a2032ab317479072
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
