Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3ce5b033 by Salvatore Bonaccorso at 2024-07-10T11:38:23+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -21,19 +21,19 @@ CVE-2024-4866 (The UltraAddons \u2013 Elementor Addons (Header Footer Builder, C CVE-2024-39927 (Out-of-bounds write vulnerability exists in Ricoh MFPs and printers. I ...) NOT-FOR-US: Ricoh CVE-2024-39901 (OpenSearch Observability is collection of plugins and applications tha ...) - TODO: check + NOT-FOR-US: OpenSearch Observability collection of plugins and applications CVE-2024-39900 (OpenSearch Dashboards Reports allows \u2018Report Owner\u2019 export a ...) - TODO: check + NOT-FOR-US: OpenSearch Dashboards Reports CVE-2024-39886 (TONE store App version 3.4.2 and earlier contains an issue with unprot ...) - TODO: check + NOT-FOR-US: TONE CVE-2024-39883 (Delta Electronics CNCSoft-G2 lacks proper validation of the length of ...) - TODO: check + NOT-FOR-US: Delta Electronics CVE-2024-39882 (Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied ...) - TODO: check + NOT-FOR-US: Delta Electronics CVE-2024-39881 (Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied ...) - TODO: check + NOT-FOR-US: Delta Electronics CVE-2024-39880 (Delta Electronics CNCSoft-G2 lacks proper validation of the length of ...) - TODO: check + NOT-FOR-US: Delta Electronics CVE-2024-39614 (An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2. ...) - python-django 3:4.2.14-1 (bug #1076069) NOTE: https://www.djangoproject.com/weblog/2024/jul/09/security-releases/ @@ -47,31 +47,31 @@ CVE-2024-39329 (An issue was discovered in Django 5.0 before 5.0.7 and 4.2 befor NOTE: https://www.djangoproject.com/weblog/2024/jul/09/security-releases/ NOTE: https://github.com/django/django/commit/156d3186c96e3ec2ca73b8b25dc2ef366e38df14 (4.2.14) CVE-2024-39181 (Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered ...) - TODO: check + NOT-FOR-US: Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 CVE-2024-39072 (AMTT Hotel Broadband Operation System (HiBOS) v3.0.3.151204 is vulnera ...) - TODO: check + NOT-FOR-US: AMTT Hotel Broadband Operation System (HiBOS) CVE-2024-39071 (Fujian Kelixun <=7.6.6.4391 is vulnerable to SQL Injection in send_eve ...) - TODO: check + NOT-FOR-US: Fujian Kelixun CVE-2024-39069 (An issue in ifood Order Manager v3.35.5 'Gestor de Peddios.exe' allows ...) - TODO: check + NOT-FOR-US: ifood Order Manager CVE-2024-39031 (In Silverpeas Core <= 6.3.5, inside of mes agendas a user can create a ...) - TODO: check + NOT-FOR-US: Silverpeas Core CVE-2024-38963 (Nopcommerce 4.70.1 is vulnerable to Cross Site Scripting (XSS) via the ...) - TODO: check + NOT-FOR-US: Nopcommerce CVE-2024-38959 (Cross Site Scripting vulnerability in Creativeitem Academy LMS Learnin ...) - TODO: check + NOT-FOR-US: Creativeitem Academy LMS Learning Management System CVE-2024-38875 (An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0 ...) - python-django 3:4.2.14-1 (bug #1076069) NOTE: https://www.djangoproject.com/weblog/2024/jul/09/security-releases/ NOTE: https://github.com/django/django/commit/79f368764295df109a37192f6182fb6f361d85b5 (4.2.14) CVE-2024-38301 (Dell Alienware Command Center, version 5.7.3.0 and prior, contains an ...) - TODO: check + NOT-FOR-US: Dell Alienware Command Center CVE-2024-37865 (An issue in S3Browser v.11.4.5 and v.10.9.9 and fixed in v.11.5.7 allo ...) TODO: check CVE-2024-37829 (An issue in Outline <= v0.76.1 allows attackers to execute a session h ...) TODO: check CVE-2024-36676 (Incorrect access control in BookStack before v24.05.1 allows attackers ...) - TODO: check + NOT-FOR-US: bookstack CVE-2024-36453 (Cross-site scripting vulnerability exists in session_login.cgi of Webm ...) TODO: check CVE-2024-36452 (Cross-site request forgery vulnerability exists in ajaxterm module of ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ce5b033da4f29c7d04811d7a40e7198a284312b -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ce5b033da4f29c7d04811d7a40e7198a284312b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits