Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ac65edf0 by Salvatore Bonaccorso at 2024-01-25T21:31:18+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,39 +1,39 @@ CVE-2024-23855 (A vulnerability has been reported in Cups Easy (Purchase & Inventory), ...) - TODO: check + NOT-FOR-US: Cups Easy (Purchase & Inventory) CVE-2024-23817 (Dolibarr is an enterprise resource planning (ERP) and customer relatio ...) TODO: check CVE-2024-23656 (Dex is an identity service that uses OpenID Connect to drive authentic ...) TODO: check CVE-2024-23655 (Tuta is an encrypted email service. Starting in version 3.118.12 and p ...) - TODO: check + NOT-FOR-US: Tuta CVE-2024-22749 (GPAC v2.3 was detected to contain a buffer overflow via the function g ...) TODO: check CVE-2024-22729 (NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command i ...) - TODO: check + NOT-FOR-US: NETIS SYSTEMS MW5360 CVE-2024-22529 (TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vuln ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-22432 (Networker 19.9 and all prior versions contains a Plain-text Password s ...) - TODO: check + NOT-FOR-US: Dell Networker CVE-2024-21630 (Zulip is an open-source team collaboration tool. A vulnerability in ve ...) - TODO: check + NOT-FOR-US: Zulip CVE-2024-0883 (A vulnerability was found in SourceCodester Online Tours & Travels Man ...) - TODO: check + NOT-FOR-US: SourceCodester Online Tours & Travels Management System CVE-2024-0882 (A vulnerability was found in qwdigital LinkWechat 5.1.0. It has been c ...) - TODO: check + NOT-FOR-US: qwdigital LinkWechat CVE-2024-0880 (A vulnerability was found in Qidianbang qdbcrm 1.1.0 and classified as ...) - TODO: check + NOT-FOR-US: Qidianbang qdbcrm CVE-2024-0879 (Authentication bypass in vector-admin allows a user to register to a v ...) TODO: check CVE-2023-7227 (SystemK NVR 504/508/516 versions 2.3.5SK.30084998 and prior are vulner ...) - TODO: check + NOT-FOR-US: SystemK NVR 504/508/516 CVE-2023-6282 (IceHrm 23.0.0.OS does not sufficiently encode user-controlled input, w ...) - TODO: check + NOT-FOR-US: IceHrm CVE-2023-52076 (Atril Document Viewer is the default document reader of the MATE deskt ...) - atril <unfixed> NOTE: https://github.com/mate-desktop/atril/security/advisories/GHSA-6mf6-mxpc-jc37 NOTE: https://github.com/mate-desktop/atril/commit/e70b21c815418a1e6ebedf6d8d31b8477c03ba50 CVE-2023-41474 (Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2023-3181 (The C:\Program Files (x86)\Splashtop\Splashtop Software Updater\uninst ...) TODO: check CVE-2024-23985 (EzServer 6.4.017 allows a denial of service (daemon crash) via a long ...) @@ -118,7 +118,7 @@ CVE-2024-23646 (Pimcore's Admin Classic Bundle provides a backend user interface CVE-2024-23644 (Trillium is a composable toolkit for building internet applications wi ...) NOT-FOR-US: Trillium CVE-2024-23641 (SvelteKit is a web development kit. In SvelteKit 2, sending a GET requ ...) - TODO: check + NOT-FOR-US: SvelteKit CVE-2024-22725 (Orthanc versions before 1.12.2 are affected by a reflected cross-site ...) - orthanc 1.12.2+dfsg-1 NOTE: https://orthanc.uclouvain.be/hg/orthanc/rev/505416b269a0 @@ -60185,7 +60185,7 @@ CVE-2023-24678 (A vulnerability in Centralite Pearl Thermostat 0x04075010 allows CVE-2023-24677 RESERVED CVE-2023-24676 (An issue found in Processwire 3.0.210 allows attackers to execute arbi ...) - TODO: check + NOT-FOR-US: Processwire CVE-2023-24675 (Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows attack ...) NOT-FOR-US: BluditCMS CVE-2023-24674 (Permissions vulnerability found in Bludit CMS v.4.0.0 allows local att ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac65edf0ccb12e4955fcc21039f02eee8b2b19c4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac65edf0ccb12e4955fcc21039f02eee8b2b19c4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits