Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e4835588 by Salvatore Bonaccorso at 2024-06-25T21:05:58+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -175,57 +175,57 @@ CVE-2024-36682 (In the module "Theme settings"
(pk_themesettings) <= 1.8.8 from
CVE-2024-36681 (SQL Injection vulnerability in the module "Isotope"
(pk_isotope) <=1.7 ...)
NOT-FOR-US: PrestaShop module
CVE-2024-34992 (SQL Injection vulnerability in the module "Help Desk -
Customer Suppor ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2024-34991 (In the module "Axepta" (axepta) before 1.3.4 from Quadra
Informatique ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2024-34988 (SQL injection vulnerability in the module "Complete for Create
a Quote ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2024-33898 (Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 has
Incorre ...)
- TODO: check
+ NOT-FOR-US: Axiros AXESS Auto Configuration Server (ACS)
CVE-2024-32855 (Dell Client Platform BIOS contains an Out-of-bounds Write
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-23159 (A maliciously crafted STP file, when parsed in
stp_aim_x64_vc15d.dll t ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23158 (A maliciously crafted IGES file, when parsed in
ASMImport229A.dll thro ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23157 (A maliciously crafted SLDASM or SLDPRT file, when parsed in
ODXSW_DLL. ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23156 (A maliciously crafted 3DM file, when parsed in opennurbs.dll
and ASMke ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23155 (A maliciously crafted MODEL file, when parsed in
atf_asm_interface.dll ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23154 (A maliciously crafted SLDPRT file, when parsed in
ODXSW_DLL.dll throug ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23153 (A maliciously crafted MODEL file, when parsed in libodx.dll
through Au ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23152 (A maliciously crafted 3DM file, when parsed in opennurbs.dll
through A ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23151 (A maliciously crafted 3DM file, when parsed in ASMkern229A.dll
through ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23150 (A maliciously crafted PRT file, when parsed in odxug_dll.dll
through A ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23149 (A maliciously crafted SLDDRW file, when parsed in
ODXSW_DLL.dll throug ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23148 (A maliciously crafted CATPRODUCT file, when parsed in
CC5Dll.dll throu ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23147 (A maliciously crafted CATPART, X_B and STEP, when parsed in
ASMKERN228 ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23146 (A maliciously crafted X_B and X_T file, when parsed in
pskernel.DLL th ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23145 (A maliciously crafted PRT file, when parsed in opennurbs.dll
through A ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23144 (A maliciously crafted CATPART file, when parsed in CC5Dll.dll
and ASMB ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23143 (A maliciously crafted 3DM, MODEL and X_B file, when parsed in
ASMkern2 ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23142 (A maliciously crafted CATPART, STP, and MODEL file, when
parsed in atf ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23141 (A maliciously crafted MODEL file, when parsed in libodxdll
through Aut ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-23140 (A maliciously crafted 3DM and MODEL file, when parsed in
opennurbs.dll ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-22385 (Incorrect Default Permissions vulnerability in Hitachi Storage
Provide ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-22168 (A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My
Cloud H ...)
TODO: check
CVE-2023-6198 (Use of Hard-coded Credentials vulnerability in Baicells Snap
Router Ba ...)
@@ -259,7 +259,7 @@ CVE-2024-6287 (Incorrect Calculation vulnerability in
Renesas arm-trusted-firmwa
CVE-2024-6285 (Integer Underflow (Wrap or Wraparound) vulnerability in Renesas
arm-tr ...)
TODO: check
CVE-2024-6160 (SQL Injection vulnerability in MegaBIP software allows attacker
to dis ...)
- TODO: check
+ NOT-FOR-US: MegaBIP
CVE-2024-6104 (go-retryablehttp prior to 0.7.7 did not sanitize urls when
writing the ...)
TODO: check
CVE-2024-5862 (Improper Restriction of Excessive Authentication Attempts
vulnerabilit ...)
@@ -271,11 +271,11 @@ CVE-2024-4839 (A Cross-Site Request Forgery (CSRF)
vulnerability exists in the '
CVE-2024-4754 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: Next4Biz CRM & BPM Software Business Process Manangement
(BPM)
CVE-2024-4748 (The CRUDDIY project is vulnerable to shell command injection
via sendi ...)
- TODO: check
+ NOT-FOR-US: CRUDDIY project
CVE-2024-3264 (Use of a Broken or Risky Cryptographic Algorithm vulnerability
in Mia ...)
TODO: check
CVE-2024-38373 (FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS.
FreeRTOS ...)
- TODO: check
+ NOT-FOR-US: FreeRTOS-Plus-TCP
CVE-2024-38369 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
NOT-FOR-US: XWiki
CVE-2024-37825 (An issue in EnvisionWare Computer Access & Reservation Control
SelfChe ...)
@@ -311,27 +311,27 @@ CVE-2024-37091 (Improper Neutralization of Special
Elements used in a Command ('
CVE-2024-37089 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
NOT-FOR-US: WordPress plugin
CVE-2024-36497 (The decrypted configuration file contains the password in
cleartext w ...)
- TODO: check
+ NOT-FOR-US: WINSelect
CVE-2024-36496 (The configuration file is encrypted with a static key derived
from a ...)
- TODO: check
+ NOT-FOR-US: WINSelect
CVE-2024-36495 (The application Faronics WINSelect (Standard +
Enterprise)saves its co ...)
- TODO: check
+ NOT-FOR-US: WINSelect
CVE-2024-36038 (Zoho ManageEngine ITOM products versions from128234 to 128248
are affe ...)
NOT-FOR-US: Zoho ManageEngine
CVE-2024-34313 (An issue in VPL Jail System up to v4.0.2 allows attackers to
execute a ...)
- TODO: check
+ NOT-FOR-US: VPL Jail System
CVE-2024-34312 (Virtual Programming Lab for Moodle up to v4.2.3 was discovered
to cont ...)
- TODO: check
+ NOT-FOR-US: Virtual Programming Lab for Moodle
CVE-2024-33881 (An issue was discovered in VirtoSoftware Virto Bulk File
Download 5.5. ...)
- TODO: check
+ NOT-FOR-US: VirtoSoftware Virto Bulk File Download for SharePoint
CVE-2024-33880 (An issue was discovered in VirtoSoftware Virto Bulk File
Download 5.5. ...)
- TODO: check
+ NOT-FOR-US: VirtoSoftware Virto Bulk File Download for SharePoint
CVE-2024-33879 (An issue was discovered in VirtoSoftware Virto Bulk File
Download 5.5. ...)
- TODO: check
+ NOT-FOR-US: VirtoSoftware Virto Bulk File Download for SharePoint
CVE-2024-33687 (Insufficient verification of data authenticity issue exists in
NJ Seri ...)
TODO: check
CVE-2024-33278 (Buffer Overflow vulnerability in ASUS router RT-AX88U with
firmware ve ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2023-49793 (CodeChecker is an analyzer tooling, defect database and viewer
extensi ...)
TODO: check
CVE-2024-39292 (In the Linux kernel, the following vulnerability has been
resolved: u ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e48355888f10156192a077030be8d3175118ce20
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e48355888f10156192a077030be8d3175118ce20
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
