Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 79711349 by Moritz Muehlenhoff at 2024-04-10T16:03:25+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -134,9 +134,9 @@ CVE-2024-22450 (Dell Alienware Command Center, versions prior to 6.2.7.0, contai CVE-2024-22448 (Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authe ...) NOT-FOR-US: Dell CVE-2024-21509 (Versions of the package mysql2 before 3.9.4 are vulnerable to Prototyp ...) - TODO: check + NOT-FOR-US: Node mysql2 CVE-2024-21507 (Versions of the package mysql2 before 3.9.3 are vulnerable to Improper ...) - TODO: check + NOT-FOR-US: Node mysql2 CVE-2024-1780 (The BizCalendar Web plugin for WordPress is vulnerable to Reflected Cr ...) NOT-FOR-US: WordPress plugin CVE-2024-1042 (The WP Radio \u2013 Worldwide Online Radio Stations Directory for Word ...) 
@@ -234,13 +234,13 @@ CVE-2024-31368 (Missing Authorization vulnerability in PenciDesign Soledad.This CVE-2024-31367 (Missing Authorization vulnerability in PenciDesign Soledad.This issue ...) NOT-FOR-US: WordPress plugin CVE-2024-30706 (An issue was discovered in ROS2 Dashing Diademata versions ROS_VERSION ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30704 (An insecure deserialization vulnerability has been identified in ROS2 ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30703 (An arbitrary file upload vulnerability has been discovered in ROS2 (Ro ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30702 (An issue was discovered in ROS2 Galactic Geochelone in ROS_VERSION 2 a ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30262 (Contao is an open source content management system. Prior to version 4 ...) NOT-FOR-US: Contao CMS CVE-2024-30191 (A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1 ...) 
@@ -926,43 +926,43 @@ CVE-2024-31047 (An issue in Academy Software Foundation openexr v.3.2.3 and befo NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/1681 NOTE: Fixed by: https://github.com/AcademySoftwareFoundation/openexr/commit/7aa89e1d09b09d9f5dbb96976ee083a331ab9d71 CVE-2024-30701 (An insecure logging vulnerability in ROS2 Galactic Geochelone ROS_VERS ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30699 (A buffer overflow vulnerability has been discovered in the C++ compone ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30697 (An issue was discovered in ROS2 Galactic Geochelone in ROS_VERSION 2 a ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30696 (OS command injection vulnerability in ROS2 Galactic Geochelone in ROS_ ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30695 (An issue was discovered in the default configurations of ROS2 Galactic ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30694 (A shell injection vulnerability was discovered in ROS2 (Robot Operatin ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30692 (A issue was discovered in ROS2 Galactic Geochelone versions ROS_VERSIO ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30691 (An issue was discovered in ROS2 Galactic Geochelone in version ROS_VER ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30690 (An unauthorized node injection vulnerability has been identified in RO ...) 
- TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30688 (An arbitrary file upload vulnerability has been discovered in ROS2 Iro ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30687 (An insecure deserialization vulnerability has been identified in ROS2 ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30686 (An issue was discovered in ROS2 Iron Irwini versions ROS_VERSION 2 and ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30684 (An insecure logging vulnerability has been identified within ROS2 Iron ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30683 (A buffer overflow vulnerability has been discovered in the C++ compone ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30681 (An OS command injection vulnerability has been discovered in ROS2 Iron ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30680 (Shell injection vulnerability was discovered in ROS2 (Robot Operating ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30679 (An issue was discovered in the default configurations of ROS2 Iron Irw ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30678 (An issue has been discovered in ROS2 Iron Irwini ROS_VERSION 2 and ROS ...) - TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30676 (A Denial-of-Service (DoS) vulnerability exists in ROS2 Iron Irwini ver ...) 
- TODO: check + NOTE: Bogus report on ROS, lacks all details and apparently never reported either CVE-2024-30218 (The ABAP Application Server of SAP NetWeaver as well as ABAP Platforma ...) NOT-FOR-US: SAP CVE-2024-30217 (Cash Management in SAP S/4 HANA does not perform necessary authorizati ...) @@ -984,11 +984,11 @@ CVE-2024-27899 (Self-Registrationand Modify your own profile in User Admin Appli CVE-2024-27898 (SAP NetWeaver application, due to insufficient input validation, allow ...) NOT-FOR-US: SAP CVE-2024-27632 (An issue in GNU Savane v.3.12 and before allows a remote attacker to e ...) - TODO: check + NOT-FOR-US: GNU Savane CVE-2024-27631 (Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and befo ...) - TODO: check + NOT-FOR-US: GNU Savane CVE-2024-27630 (Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and befor ...) - TODO: check + NOT-FOR-US: GNU Savane CVE-2024-25646 (Due to improper validation,SAP BusinessObject Business Intelligence La ...) NOT-FOR-US: SAP CVE-2024-23584 (The NMAP Importer service may expose data store credentials to authori ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7971134980ea7abc211a917ce44b4f75a70a593e
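Review bot: In the @@ -234 hunk, the four ROS2 entries (CVE-2024-30706, CVE-2024-30704, CVE-2024-30703, CVE-2024-30702) lose "TODO: check" but are left with only a free-text NOTE, so unlike their neighbours ("NOT-FOR-US: WordPress plugin", "NOT-FOR-US: Contao CMS") they carry no line that records a disposition. Either add the status line that applies, or extend the note to say why none is given, so a later reader can tell the entry was triaged to a conclusion and not just annotated.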
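Review bot: In the @@ -926 hunk, the note repeated on every ROS2 entry from CVE-2024-30701 down to CVE-2024-30676 says "apparently never reported either" without pointing to where that was checked. The openexr entry at the top of the same hunk backs its notes with a pull-request URL and a "Fixed by:" commit URL; a second NOTE line naming the upstream tracker or list that was searched would make the "bogus" assessment verifiable in the same way. The commit message "NFUs" also does not cover these entries, since they receive a NOTE and not a NOT-FOR-US line; mentioning the ROS triage there would make the change easier to find in the history.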