Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
77ff416d by Salvatore Bonaccorso at 2024-01-10T16:35:57+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,13 +15,13 @@ CVE-2024-0359 (A vulnerability was found in code-projects
Simple Online Hotel Re
CVE-2024-0358 (A vulnerability was found in DeShang DSO2O up to 4.1.0. It has
been cl ...)
NOT-FOR-US: DeShang DSO2O
CVE-2024-0357 (A vulnerability was found in coderd-repos Eva 1.0.0 and
classified as ...)
- TODO: check
+ NOT-FOR-US: coderd-repos Eva
CVE-2024-0356 (A vulnerability has been found in Mandelo ssm_shiro_blog 1.0
and class ...)
NOT-FOR-US: Mandelo ssm_shiro_blog
CVE-2024-0355 (A vulnerability, which was classified as critical, was found in
PHPGur ...)
NOT-FOR-US: PHPGurukul Dairy Farm Shop Management System
CVE-2024-0354 (A vulnerability, which was classified as critical, has been
found in u ...)
- TODO: check
+ NOT-FOR-US: unknown-o download-station
CVE-2024-0352 (A vulnerability classified as critical was found in Likeshop up
to 2.5 ...)
NOT-FOR-US: Likeshop
CVE-2024-0351 (A vulnerability classified as problematic has been found in
SourceCode ...)
@@ -39,7 +39,7 @@ CVE-2024-0346 (A vulnerability has been found in CodeAstro
Vehicle Booking Syste
CVE-2024-0345 (A vulnerability, which was classified as problematic, was found
in Cod ...)
NOT-FOR-US: CodeAstro Vehicle Booking System
CVE-2024-0344 (A vulnerability, which was classified as critical, has been
found in s ...)
- TODO: check
+ NOT-FOR-US: soxft TimeMail
CVE-2023-5770 (Proofpoint Enterprise Protection contains a vulnerability in
the email ...)
NOT-FOR-US: Proofpoint Enterprise Protection
CVE-2023-50136 (Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0
allows att ...)
@@ -243,7 +243,7 @@ CVE-2023-51439 (A vulnerability has been identified in
JT2Go (All versions < V14
CVE-2023-51438 (A vulnerability has been identified in SIMATIC IPC1047E (All
versions ...)
NOT-FOR-US: Siemens
CVE-2023-50974 (In Appwrite CLI before 3.0.0, when using the login command,
the creden ...)
- TODO: check
+ NOT-FOR-US: Appwrite CLI
CVE-2023-50585 (Tenda A18 v15.13.07.09 was discovered to contain a stack
overflow via ...)
NOT-FOR-US: Tenda
CVE-2023-49722 (Network port 8899 open in WiFi firmware of BCC101/BCC102/BCC50
product ...)
@@ -293,7 +293,7 @@ CVE-2023-41056 [Buffer overflow in certain payloads may
lead to remote code exec
[bullseye] - redis <not-affected> (Vulnerable code not present)
[buster] - redis <not-affected> (Vulnerable code not present)
NOTE: Introduced with changes from:
https://github.com/redis/redis/pull/11766 (which landed
- NOTE: in 7.2, but which also got backported to the 7.0. branch)
+ NOTE: in 7.2, but which also got backported to the 7.0. branch)
NOTE:
https://github.com/redis/redis/commit/e351099e1119fb89496be578f5232c61ce300224
(7.0.15)
CVE-2024-22125 (Under certain conditions the Microsoft Edge browser extension
(SAP GUI ...)
NOT-FOR-US: SAP
@@ -356,11 +356,11 @@ CVE-2023-51408 (Exposure of Sensitive Information to an
Unauthorized Actor vulne
CVE-2023-51406 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
NOT-FOR-US: WordPress plugin
CVE-2023-50932 (An issue was discovered in savignano S/Notify before 4.0.2 for
Conflue ...)
- TODO: check
+ NOT-FOR-US: savignano S/Notify
CVE-2023-50931 (An issue was discovered in savignano S/Notify before 2.0.1 for
Bitbuck ...)
- TODO: check
+ NOT-FOR-US: savignano S/Notify
CVE-2023-50930 (An issue was discovered in savignano S/Notify before 4.0.2 for
Jira. W ...)
- TODO: check
+ NOT-FOR-US: savignano S/Notify
CVE-2023-50643 (An issue in Evernote Evernote for MacOS v.10.68.2 allows a
remote atta ...)
NOT-FOR-US: Evernote
CVE-2023-50162 (SQL injection vulnerability in EmpireCMS v7.5, allows remote
attackers ...)
@@ -368,7 +368,7 @@ CVE-2023-50162 (SQL injection vulnerability in EmpireCMS
v7.5, allows remote att
CVE-2023-49961 (WALLIX Bastion 7.x, 8.x, 9.x and 10.x and WALLIX Access
Manager 3.x an ...)
NOT-FOR-US: WALLIX Access Manager
CVE-2023-49238 (In Gradle Enterprise before 2023.1, a remote attacker may be
able to g ...)
- TODO: check
+ NOT-FOR-US: Gradle Enterprise
CVE-2023-46906 (juzaweb <= 3.4 is vulnerable to Incorrect Access Control,
resulting in ...)
NOT-FOR-US: juzaweb
CVE-2023-39336 (An unspecified SQL Injection vulnerability in Ivanti Endpoint
Manager ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77ff416de977dbc33061f213e26f701fd56290ba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77ff416de977dbc33061f213e26f701fd56290ba
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
