Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c5032aa1 by Salvatore Bonaccorso at 2024-01-13T17:11:48+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6,7 +6,7 @@ CVE-2024-23301 (Relax-and-Recover (aka ReaR) through 2.7
creates a world-readabl
CVE-2024-22209 (Open edX Platform is a service-oriented platform for authoring
and del ...)
NOT-FOR-US: Open edX
CVE-2024-22206 (Clerk helps developers build user management. Unauthorized
access or p ...)
- TODO: check
+ NOT-FOR-US: Clerk
CVE-2024-22142 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: Cozmoslabs Profile Builder Pro
CVE-2024-22137 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -50,9 +50,9 @@ CVE-2024-0251 (The Advanced Woo Search plugin for WordPress
is vulnerable to Ref
CVE-2024-0230 (A session management issue was addressed with improved checks.
This is ...)
NOT-FOR-US: Magic Keyboard Firmware Update
CVE-2023-52289 (An issue was discovered in the flaskcode package through 0.0.8
for Pyt ...)
- TODO: check
+ NOT-FOR-US: flaskcode for Python
CVE-2023-52288 (An issue was discovered in the flaskcode package through 0.0.8
for Pyt ...)
- TODO: check
+ NOT-FOR-US: flaskcode for Python
CVE-2023-51805 (SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0
allows ...)
NOT-FOR-US: TDuckCLoud tduck-platform
CVE-2023-51804 (An issue in rymcu forest v.0.02 allows a remote attacker to
obtain sen ...)
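Review bot: The two added lines for CVE-2023-52289 and CVE-2023-52288 use the qualifier form "flaskcode for Python", while the evershop lines added later in this same commit use "evershop Nodejs module". Settling on one pattern for language-ecosystem packages would keep the NOT-FOR-US tags uniform and make them easier to search when a later CVE for the same package needs triage.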
@@ -95,9 +95,9 @@ CVE-2023-48297 (Discourse is a platform for community
discussion. The message se
CVE-2023-48166 (A directory traversal vulnerability in the SOAP Server
integrated in A ...)
NOT-FOR-US: Unify
CVE-2023-46943 (An issue was discovered in NPM's package @evershop/evershop
before ver ...)
- TODO: check
+ NOT-FOR-US: evershop Nodejs module
CVE-2023-46942 (Lack of authentication in NPM's package @evershop/evershop
before vers ...)
- TODO: check
+ NOT-FOR-US: evershop Nodejs module
CVE-2023-42463 (Wazuh is a free and open source platform used for threat
prevention, d ...)
NOT-FOR-US: Wazuh
CVE-2023-33472 (An issue was discovered in Scada-LTS v2.7.5.2 build 4551883606
and bef ...)
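Review bot: On the added lines for CVE-2023-46943 and CVE-2023-46942, the tag "evershop Nodejs module" drops the scope that both descriptions give as "@evershop/evershop". Carrying the name as it appears in the description, for example "NOT-FOR-US: @evershop/evershop", would let a search for the published package name find these entries.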
@@ -184,7 +184,7 @@ CVE-2023-49254 (Authenticated user can execute arbitrary
commands in the context
CVE-2023-49253 (Root user password is hardcoded into the device and cannot be
changed ...)
NOT-FOR-US: Hongdian
CVE-2023-48909 (An issue was discovered in Jave2 version 3.3.1, allows
attackers to ex ...)
- TODO: check
+ NOT-FOR-US: Jave2
CVE-2023-46805 (An authentication bypass vulnerability in the web component of
Ivanti ...)
NOT-FOR-US: Ivanti
CVE-2010-10011 (A vulnerability, which was classified as problematic, was
found in Acr ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5032aa17e7c8a24453d1876f62ac2278d7d9dcd