Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3dd3e771 by Moritz Muehlenhoff at 2024-05-27T13:44:02+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -81,7 +81,7 @@ CVE-2024-30657 CVE-2024-27314 (Zoho ManageEngineServiceDesk Plus versions below14730,ServiceDesk Plus ...) NOT-FOR-US: Zoho CVE-2024-26289 (Deserialization of Untrusted Data vulnerability in PMB Services PMB al ...) - TODO: check + NOT-FOR-US: PMB Services PMB CVE-2024-5375 (A vulnerability has been found in Kashipara College Management System ...) NOT-FOR-US: Kashipara College Management System CVE-2024-5374 (A vulnerability, which was classified as problematic, was found in Kas ...) @@ -163,7 +163,7 @@ CVE-2024-5337 (A vulnerability was found in Ruijie RG-UAC up to 20240516 and cla CVE-2024-5336 (A vulnerability has been found in Ruijie RG-UAC up to 20240516 and cla ...) NOT-FOR-US: Ruijie RG-UAC CVE-2024-30056 (Microsoft Edge (Chromium-based) Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2024-5229 (The Primary Addon for Elementor plugin for WordPress is vulnerable to ...) NOT-FOR-US: WordPress plugin CVE-2024-5220 (The ND Shortcodes plugin for WordPress is vulnerable to Stored Cross-S ...) @@ -181,7 +181,7 @@ CVE-2024-35374 (Mocodo Mocodo Online 4.2.6 and below does not properly sanitize CVE-2024-35373 (Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Exec ...) NOT-FOR-US: Mocodo Mocodo Online CVE-2024-35232 (github.com/huandu/facebook is a Go package that fully supports the Fac ...) - TODO: check + NOT-FOR-US: Huando/Facebook CVE-2024-5318 (An issue has been discovered in GitLab CE/EE affecting all versions st ...) - gitlab <not-affected> (Vulnerable code introduced later) CVE-2024-5315 (Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and al ...) @@ -238,7 +238,7 @@ CVE-2024-33427 CVE-2024-31510 (An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker t ...) TODO: check CVE-2024-22588 (Kwik commit 745fd4e2 does not discard unused encryption keys.) - TODO: check + NOT-FOR-US: Kwik CVE-2023-49575 (A vulnerability has been discovered in VX Search Enterprise affecting ...) NOT-FOR-US: VX Search Enterprise CVE-2023-49574 (A vulnerability has been discovered in VX Search Enterprise affecting ...) @@ -250,7 +250,7 @@ CVE-2023-49572 (A vulnerability has been discovered in VX Search Enterprise affe CVE-2023-47710 (IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site ...) NOT-FOR-US: IBM CVE-2023-46442 (An infinite loop in the retrieveActiveBody function of Soot before v4. ...) - TODO: check + NOT-FOR-US: Soot CVE-2023-52880 (In the Linux kernel, the following vulnerability has been resolved: t ...) - linux 6.6.8-1 [bookworm] - linux 6.1.85-1 @@ -7015,9 +7015,9 @@ CVE-2024-34706 (Valtimo is an open source business process and case management p CVE-2024-34704 (era-compiler-solidity is the ZKsync compiler for Solidity. The proble ...) NOT-FOR-US: era-compiler-solidity CVE-2024-34701 (CreateWiki is Miraheze's MediaWiki extension for requesting & creating ...) - TODO: check + NOT-FOR-US: CreateWiki MediaWiki extension CVE-2024-34699 (GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged ...) - TODO: check + NOT-FOR-US: GZ::CTF CVE-2024-34698 (FreeScout is a free, self-hosted help desk and shared mailbox. Version ...) NOT-FOR-US: FreeScout CVE-2024-34697 (FreeScout is a free, self-hosted help desk and shared mailbox. A store ...) @@ -7037,7 +7037,7 @@ CVE-2024-34416 (Unrestricted Upload of File with Dangerous Type vulnerability in CVE-2024-34411 (Unrestricted Upload of File with Dangerous Type vulnerability in Thoma ...) NOT-FOR-US: WordPress plugin CVE-2024-34353 (The matrix-sdk-crypto crate, part of the Matrix Rust SDK project, is a ...) - TODO: check + NOT-FOR-US: matrix-sdk-crypto Rust crate CVE-2024-34340 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m @@ -90576,7 +90576,7 @@ CVE-2023-27298 (Uncontrolled search path in the WULT software maintained by Inte CVE-2023-25772 (Improper input validation in the Intel(R) Retail Edge Mobile Android a ...) NOT-FOR-US: Intel CVE-2023-24460 (Incorrect default permissions in some Intel(R) GPA software installers ...) - TODO: check + NOT-FOR-US: Intel CVE-2023-23572 (Cross-site scripting vulnerability in SEIKO EPSON printers/network int ...) NOT-FOR-US: Epson CVE-2023-1151 (A vulnerability was found in SourceCodester Electronic Medical Records ...) @@ -90898,7 +90898,7 @@ CVE-2023-1113 (A vulnerability was found in SourceCodester Simple Payroll System CVE-2023-1112 (A vulnerability was found in Drag and Drop Multiple File Upload Contac ...) NOT-FOR-US: Drag and Drop Multiple File Upload Contact Form CVE-2023-1111 (A vulnerability was found in FastCMS up to 0.1.5 and classified as pro ...) - TODO: check + NOT-FOR-US: FastCMS CVE-2023-1110 (The Yellow Yard Searchbar WordPress plugin before 2.8.12 does not vali ...) NOT-FOR-US: WordPress plugin CVE-2022-4926 (Insufficient policy enforcement in Intents in Google Chrome on Android ...) @@ -92839,7 +92839,7 @@ CVE-2023-26568 (Unauthenticated SQL injection in the GetStudentGroupStudents met CVE-2023-26567 (Sangoma FreePBX 1805 through 2302 (when obtained as a ,.ISO file) plac ...) NOT-FOR-US: Sangoma CVE-2023-26566 (Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credenti ...) - TODO: check + NOT-FOR-US: Sangoma CVE-2023-26565 RESERVED CVE-2023-26564 (The Syncfusion EJ2 ASPCore File Provider 3ac357f is vulnerable to Mode ...) @@ -93005,7 +93005,7 @@ CVE-2023-26542 (Cross-Site Request Forgery (CSRF) vulnerability in Exeebit phpin CVE-2023-26541 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex ...) NOT-FOR-US: WordPress plugin CVE-2023-26540 (Improper Privilege Management vulnerability in Favethemes Houzez allow ...) - TODO: check + NOT-FOR-US: Favethemes Houzez CVE-2023-26539 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Max ...) NOT-FOR-US: WordPress plugin CVE-2023-26538 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kamy ...) @@ -93033,7 +93033,7 @@ CVE-2023-26528 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-26527 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPIn ...) NOT-FOR-US: WordPress plugin CVE-2023-26526 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-26525 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) NOT-FOR-US: WordPress plugin CVE-2023-26524 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz An ...) @@ -93117,7 +93117,7 @@ CVE-2023-1003 (A vulnerability, which was classified as critical, was found in T CVE-2023-1002 (A vulnerability, which was classified as problematic, has been found i ...) NOT-FOR-US: MuYuCMS CVE-2023-1001 (A vulnerability, which was classified as problematic, has been found i ...) - TODO: check + NOT-FOR-US: xuliangzhan vxe-table CVE-2023-1000 (A vulnerability was found in cyanomiko dcnnt-py up to 0.9.0. It has be ...) NOT-FOR-US: dcnnt-py CVE-2023-0999 (A vulnerability classified as problematic was found in SourceCodester ...) @@ -94633,7 +94633,7 @@ CVE-2023-26011 (Cross-Site Request Forgery (CSRF) vulnerability in Tim Eckel Rea CVE-2023-26010 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPMo ...) NOT-FOR-US: WordPress plugin CVE-2023-26009 (Improper Privilege Management vulnerability in favethemes Houzez Login ...) - TODO: check + NOT-FOR-US: Favethemes Houzez CVE-2023-26008 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ajay ...) NOT-FOR-US: WordPress plugin CVE-2023-26007 @@ -95601,7 +95601,7 @@ CVE-2023-25703 CVE-2023-25702 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Full ...) NOT-FOR-US: WordPress plugin CVE-2023-25701 (Improper Privilege Management vulnerability in WhatArmy WatchTowerHQ a ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25700 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) NOT-FOR-US: WordPress plugin CVE-2023-25699 (Improper Neutralization of Special Elements used in an OS Command ('OS ...) @@ -96712,7 +96712,7 @@ CVE-2023-25446 CVE-2023-25445 RESERVED CVE-2023-25444 (Unrestricted Upload of File with Dangerous Type vulnerability in JS He ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25443 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button ...) NOT-FOR-US: WordPress plugin CVE-2023-25442 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Marc ...) @@ -97698,7 +97698,7 @@ CVE-2023-25052 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-25051 (Cross-Site Request Forgery (CSRF) vulnerability in Denishua Comment Re ...) NOT-FOR-US: WordPress plugin CVE-2023-25050 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25049 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in impl ...) NOT-FOR-US: WordPress plugin CVE-2023-25048 @@ -99871,7 +99871,7 @@ CVE-2023-24381 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-24380 (Cross-Site Request Forgery (CSRF) vulnerability in Webbjocke Simple Wp ...) NOT-FOR-US: WordPress plugin CVE-2023-24379 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-24378 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) NOT-FOR-US: WordPress plugin CVE-2023-24377 (Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecw ...) @@ -100322,9 +100322,9 @@ CVE-2023-24206 (Davinci v0.3.0-rc was discovered to contain a SQL injection vuln CVE-2023-24205 (Clash for Windows v0.20.12 was discovered to contain a remote code exe ...) NOT-FOR-US: Clash for Windows CVE-2023-24204 (SQL injection vulnerability in SourceCodester Simple Customer Relation ...) - TODO: check + NOT-FOR-US: SourceCodester CVE-2023-24203 (Cross Site Scripting vulnerability in SourceCodester Simple Customer R ...) - TODO: check + NOT-FOR-US: SourceCodester CVE-2023-24202 (Raffle Draw System v1.0 was discovered to contain a local file inclusi ...) NOT-FOR-US: Raffle Draw System CVE-2023-24201 (Raffle Draw System v1.0 was discovered to contain a SQL injection vuln ...) @@ -100822,11 +100822,11 @@ CVE-2023-23992 (Cross-Site Request Forgery (CSRF) vulnerability in AutomatorWP p CVE-2023-23991 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) NOT-FOR-US: WordPress plugin CVE-2023-23990 (Improper Privilege Management vulnerability in Qube One Ltd. Redirecti ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23989 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) NOT-FOR-US: WordPress plugin CVE-2023-23988 (Missing Authorization vulnerability in Joseph C Dolson My Tickets.This ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23987 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPEv ...) NOT-FOR-US: WordPress plugin CVE-2023-23986 @@ -101136,7 +101136,7 @@ CVE-2023-23890 (Cross-Site Request Forgery (CSRF) vulnerability in LJ Apps WP Ai CVE-2023-23889 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) NOT-FOR-US: WordPress plugin CVE-2023-23888 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23887 RESERVED CVE-2023-23886 @@ -101168,7 +101168,7 @@ CVE-2023-23874 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi CVE-2023-23873 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) NOT-FOR-US: WordPress plugin CVE-2023-23872 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23871 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Webd ...) NOT-FOR-US: WordPress plugin CVE-2023-23870 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpde ...) @@ -101726,7 +101726,7 @@ CVE-2023-23702 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-23701 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) NOT-FOR-US: WordPress plugin CVE-2023-23700 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23699 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) NOT-FOR-US: WordPress plugin CVE-2023-0342 (MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM k ...) @@ -101883,7 +101883,7 @@ CVE-2023-23647 (Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability CVE-2023-23646 (Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gal ...) NOT-FOR-US: WordPress plugin CVE-2023-23645 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23644 RESERVED CVE-2023-23643 @@ -103911,7 +103911,7 @@ CVE-2023-22926 CVE-2023-22925 RESERVED CVE-2023-22656 (Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL soft ...) - TODO: check + NOT-FOR-US: Intel CVE-2023-22433 RESERVED CVE-2023-22426 @@ -116862,7 +116862,7 @@ CVE-2022-45376 (Cross-Site Request Forgery (CSRF) vulnerability in XootiX Side C CVE-2022-45375 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) NOT-FOR-US: WordPress plugin CVE-2022-45374 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-45373 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) NOT-FOR-US: WordPress plugin CVE-2022-45372 (Cross-Site Request Forgery (CSRF) vulnerability in Codeixer Product Ga ...) @@ -116874,7 +116874,7 @@ CVE-2022-45370 (Improper Neutralization of Formula Elements in a CSV File vulner CVE-2022-45369 (Auth. (subscriber+) Broken Access Control vulnerability in Plugin for ...) NOT-FOR-US: WordPress plugin CVE-2022-45368 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-45367 (Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Cus ...) NOT-FOR-US: WordPress plugin CVE-2022-45366 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jason Cr ...) @@ -117677,7 +117677,7 @@ CVE-2022-45072 (Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilin CVE-2022-45071 (Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual C ...) NOT-FOR-US: WordPress plugin CVE-2022-45070 (Missing Authorization vulnerability in FmeAddons Conditional Checkout ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-45069 (Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal ...) NOT-FOR-US: WordPress plugin CVE-2022-45068 (Cross-Site Request Forgery (CSRF) vulnerability in Mercado Pago Mercad ...) @@ -120201,7 +120201,7 @@ CVE-2022-44583 (Unauth. Arbitrary File Download vulnerability in WatchTowerHQ pl CVE-2022-44582 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Appt ...) NOT-FOR-US: WordPress plugin CVE-2022-44581 (Insecure Storage of Sensitive Information vulnerability in WPMU DEV De ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-44580 (SQL Injection (SQLi) vulnerability in RichPlugins Plugin for Google Re ...) NOT-FOR-US: WordPress plugin CVE-2022-44579 @@ -122965,7 +122965,6 @@ CVE-2023-20240 (Multiple vulnerabilities in Cisco Secure Client Software, former NOT-FOR-US: Cisco CVE-2023-20239 REJECTED - TODO: check CVE-2023-20238 (A vulnerability in the single sign-on (SSO) implementation of Cisco Br ...) NOT-FOR-US: Cisco CVE-2023-20237 (A vulnerability in Cisco Intersight Virtual Appliance could allow an u ...) @@ -129842,7 +129841,7 @@ CVE-2022-40207 (Improper access control in the Intel(R) SUR software before vers CVE-2022-38101 (Uncontrolled search path in some Intel(R) NUC Chaco Canyon BIOS update ...) NOT-FOR-US: Intel CVE-2022-37410 (Improper access control for some Intel(R) Thunderbolt driver software ...) - TODO: check + NOT-FOR-US: Intel CVE-2022-37409 (Insufficient control flow management for the Intel(R) IPP Cryptography ...) NOT-FOR-US: Intel CVE-2022-41743 (NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in t ...) @@ -141843,7 +141842,7 @@ CVE-2022-37348 (Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to a CVE-2022-37347 (Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out- ...) NOT-FOR-US: Trend Micro CVE-2022-37341 (Improper access control in some Intel(R) Ethernet Adapters and Intel(R ...) - TODO: check + NOT-FOR-US: Intel CVE-2022-37340 (Uncontrolled search path in some Intel(R) QAT drivers for Windows befo ...) NOT-FOR-US: Intel CVE-2022-37326 (Docker Desktop for Windows before 4.6.0 allows attackers to delete (or ...) @@ -168089,7 +168088,7 @@ CVE-2022-28134 (Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier do CVE-2022-28133 (Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not ...) NOT-FOR-US: Jenkins plugin CVE-2022-28132 (The T-Soft E-Commerce 4 web application is susceptible to SQL injectio ...) - TODO: check + NOT-FOR-US: T-Soft E-Commerce 4 web application CVE-2022-28131 (Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17. ...) - golang-1.18 1.18.4-1 - golang-1.15 <removed> @@ -225973,17 +225972,17 @@ CVE-2021-33164 (Improper access control in BIOS firmware for some Intel(R) NUCs CVE-2021-33163 REJECTED CVE-2021-33162 (Improper access control in some Intel(R) Ethernet Adapters and Intel(R ...) - TODO: check + NOT-FOR-US: Intel CVE-2021-33161 (Improper input validation in some Intel(R) Ethernet Adapters and Intel ...) - TODO: check + NOT-FOR-US: Intel CVE-2021-33160 REJECTED CVE-2021-33159 (Improper authentication in subsystem for Intel(R) AMT before versions ...) NOT-FOR-US: Intel CVE-2021-33158 (Improper neutralization in some Intel(R) Ethernet Adapters and Intel(R ...) - TODO: check + NOT-FOR-US: Intel CVE-2021-33157 (Insufficient control flow management in some Intel(R) Ethernet Adapter ...) - TODO: check + NOT-FOR-US: Intel CVE-2021-33156 REJECTED CVE-2021-33155 (Improper input validation in firmware for some Intel(R) Wireless Bluet ...) @@ -226005,17 +226004,17 @@ CVE-2021-33148 CVE-2021-33147 (Improper conditions check in the Intel(R) IPP Crypto library before ve ...) NOT-FOR-US: Intel CVE-2021-33146 (Improper input validation in some Intel(R) Ethernet Adapters and Intel ...) - TODO: check + NOT-FOR-US: Intel CVE-2021-33145 (Uncaught exception in some Intel(R) Ethernet Adapters and Intel(R) Eth ...) - TODO: check + NOT-FOR-US: Intel CVE-2021-33144 REJECTED CVE-2021-33143 REJECTED CVE-2021-33142 (Improper input validation in some Intel(R) Ethernet Adapters and Intel ...) - TODO: check + NOT-FOR-US: Intel CVE-2021-33141 (Improper input validation in some Intel(R) Ethernet Adapters and Intel ...) - TODO: check + NOT-FOR-US: Intel CVE-2021-33140 REJECTED CVE-2021-33139 (Improper conditions check in firmware for some Intel(R) Wireless Bluet ...) @@ -253122,7 +253121,7 @@ CVE-2021-22510 (Reflected XSS vulnerability in Micro Focus Application Automatio CVE-2021-22509 RESERVED CVE-2021-22508 (A potential vulnerability has been identified for OpenText Operations ...) - TODO: check + NOT-FOR-US: OpenText Operations Bridge Reporter CVE-2021-22507 (Authentication bypass vulnerability in Micro Focus Operations Bridge M ...) NOT-FOR-US: Micro Focus CVE-2021-22506 (Advance configuration exposing Information Leakage vulnerability in Mi ...) @@ -253578,7 +253577,7 @@ CVE-2021-22282 (Improper Control of Generation of Code ('Code Injection') vulner CVE-2021-22281 (: Relative Path Traversal vulnerability in B&R Industrial Automation A ...) NOT-FOR-US: B&R Industrial Automation Automation Studio CVE-2021-22280 (Improper DLL loading algorithms in B&R Automation Studio versions >=4. ...) - TODO: check + NOT-FOR-US: B&R Industrial Automation Automation Studio CVE-2021-22279 (A Missing Authentication vulnerability in RobotWare for the OmniCore r ...) NOT-FOR-US: ABB / OmniCore robot controller CVE-2021-22278 (A certificate validation vulnerability in PCM600 Update Manager allows ...) @@ -261965,7 +261964,7 @@ CVE-2020-35167 (Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and De CVE-2020-35166 (Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSA ...) NOT-FOR-US: Dell CVE-2020-35165 (Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSA ...) - TODO: check + NOT-FOR-US: Dell CVE-2020-35164 (Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSA ...) NOT-FOR-US: Dell CVE-2020-35163 (Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSA ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3dd3e7712e90de8203011bb1ec2e7b4d1e53e925 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3dd3e7712e90de8203011bb1ec2e7b4d1e53e925 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits