Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: df1f4602 by Salvatore Bonaccorso at 2024-07-08T22:27:02+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,29 +1,29 @@ CVE-2024-6580 (The /n software IPWorks SSH library SFTPServer component can be induce ...) - TODO: check + NOT-FOR-US: /n software IPWorks SSH library SFTPServer component CVE-2024-6564 (Buffer overflow in "rcar_dev_init" due to using due to using untruste ...) TODO: check CVE-2024-6563 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...) TODO: check CVE-2024-6227 (A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to c ...) - TODO: check + NOT-FOR-US: aimhubio/aim CVE-2024-6163 (Certain http endpoints of Checkmk in Checkmk < 2.3.0p10 < 2.2.0p31, < ...) TODO: check CVE-2024-4882 (The user may be redirected to an arbitrary site in Sitefinity 15.1.832 ...) - TODO: check + NOT-FOR-US: Sitefinity CVE-2024-4341 (Improper Privilege Management vulnerability in Ekstrem Bir Bilgisayar ...) - TODO: check + NOT-FOR-US: Ekstrem Bir Bilgisayar Danismanlik Ic Ve Dis Ticaret Ltd. Sti. Extreme XDS CVE-2024-39896 (Directus is a real-time API and App dashboard for managing SQL databas ...) - TODO: check + NOT-FOR-US: Directus CVE-2024-39895 (Directus is a real-time API and App dashboard for managing SQL databas ...) - TODO: check + NOT-FOR-US: Directus CVE-2024-39743 (IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to ...) NOT-FOR-US: IBM CVE-2024-39742 (IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to ...) NOT-FOR-US: IBM CVE-2024-39701 (Directus is a real-time API and App dashboard for managing SQL databas ...) - TODO: check + NOT-FOR-US: Directus CVE-2024-39699 (Directus is a real-time API and App dashboard for managing SQL databas ...) - TODO: check + NOT-FOR-US: Directus CVE-2024-39695 (Exiv2 is a command-line utility and C++ library for reading, writing, ...) TODO: check CVE-2024-39677 (NHibernate is an object-relational mapper for the .NET framework. A SQ ...) @@ -33,15 +33,15 @@ CVE-2024-39312 (Botan is a C++ cryptography library. X.509 certificates can iden CVE-2024-39308 (RailsAdmin is a Rails engine that provides an interface for managing d ...) TODO: check CVE-2024-39203 (A cross-site scripting (XSS) vulnerability in the Backend Theme Manage ...) - TODO: check + NOT-FOR-US: Backend Theme Management module of Z-BlogPHP CVE-2024-39202 (D-Link DIR-823X firmware - 240126 was discovered to contain a remote c ...) - TODO: check + NOT-FOR-US: D-Link CVE-2024-37999 (A vulnerability has been identified in Medicalis Workflow Orchestrator ...) - TODO: check + NOT-FOR-US: Medicalis Workflow Orchestrator CVE-2024-34702 (Botan is a C++ cryptography library. X.509 certificates can identify e ...) TODO: check CVE-2024-31504 (Buffer Overflow vulnerability in SILA Embedded Solutions GmbH freemodb ...) - TODO: check + NOT-FOR-US: SILA Embedded Solutions GmbH freemodbus CVE-2024-27903 (OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be lo ...) TODO: check CVE-2024-27459 (The interactive service in OpenVPN 2.6.9 and earlier allows an attacke ...) @@ -51,7 +51,7 @@ CVE-2024-25639 (Khoj is an application that creates personal AI agents. The Khoj CVE-2024-24974 (The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVP ...) TODO: check CVE-2024-23562 (A security vulnerability in HCL Domino could allow disclosure of sensi ...) - TODO: check + NOT-FOR-US: HCL Domino CVE-2024-21778 (A heap-based buffer overflow vulnerability exists in the configuration ...) TODO: check CVE-2024-1305 (tap-windows6 driver version 9.26 and earlier does not properly check ...) @@ -109,7 +109,7 @@ CVE-2024-37528 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19 CVE-2024-37389 (Apache NiFi 1.10.0 through 1.26.0 and 2.0.0-M1 through 2.0.0-M3 suppor ...) NOT-FOR-US: Apache NiFi CVE-2024-34603 (Improper access control in Samsung Message prior to SMR Jul-2024 Relea ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-34602 (Use of implicit intent for sensitive communication in Samsung Messages ...) NOT-FOR-US: Samsung CVE-2024-31897 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df1f4602c05ce4522b0568d712c5f49a672c1a28 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df1f4602c05ce4522b0568d712c5f49a672c1a28 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits