Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3b3a5ce1 by Moritz Muehlenhoff at 2024-02-09T14:37:02+01:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -305,7 +305,7 @@ CVE-2024-24815 (CKEditor4 is an open source what-you-see-is-what-you-get HTML ed CVE-2024-24812 (Frappe is a full-stack web application framework that uses Python and ...) NOT-FOR-US: Frappe Framework CVE-2024-24811 (SQLAlchemyDA is a generic database adapter for ZSQL methods. A vulnera ...) - TODO: check + NOT-FOR-US: SQLAlchemyDA CVE-2024-24771 (Open Forms allows users create and publish smart forms. Versions prior ...) NOT-FOR-US: Open Forms CVE-2024-24706 (Cross-Site Request Forgery (CSRF) vulnerability in Forum One WP-CFM wp ...) @@ -627,7 +627,7 @@ CVE-2024-24112 (xmall v1.1 was discovered to contain a SQL injection vulnerabili CVE-2024-23304 (Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthentica ...) NOT-FOR-US: Cybozu KUNAI for Android CVE-2024-23049 (An issue in symphony v.3.6.3 and before allows a remote attacker to ex ...) - TODO: check + NOT-FOR-US: symphony forum software CVE-2024-22853 (D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password fo ...) NOT-FOR-US: D-LINK CVE-2024-22852 (D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buff ...) @@ -783,7 +783,7 @@ CVE-2024-0244 (Buffer overflow in CPCA PCFAX number process of Office Multifunct CVE-2024-0221 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin ...) NOT-FOR-US: WordPress plugin CVE-2024-0202 (A security vulnerability has been identified in the cryptlib cryptogra ...) - TODO: check + NOT-FOR-US: cryptlib CVE-2023-7029 (The WordPress Button Plugin MaxButtons plugin for WordPress is vulnera ...) NOT-FOR-US: WordPress plugin CVE-2023-7014 (The Author Box, Guest Author and Co-Authors for Your Posts \u2013 Molo ...) 
@@ -962,7 +962,7 @@ CVE-2024-23109 (An improper neutralization of special elements used in an os com CVE-2024-23108 (An improper neutralization of special elements used in an os command ( ...) NOT-FOR-US: FortiGuard CVE-2024-23054 (An issue in Plone Docker Official Image 5.2.13 (5221) open-source soft ...) - TODO: check + NOT-FOR-US: official Plone Docker image CVE-2024-22567 (File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arb ...) NOT-FOR-US: MCMS CVE-2024-22202 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, ...) @@ -982,9 +982,9 @@ CVE-2023-6874 (Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service CVE-2023-6028 (A reflected cross-site scripting (XSS) vulnerability exists in the SVG ...) NOT-FOR-US: B&R Automation Runtime CVE-2023-5643 (Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver ...) - TODO: check + NOT-FOR-US: Arm CVE-2023-5249 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm ...) - TODO: check + NOT-FOR-US: Arm CVE-2023-52138 (Engrampa is an archive manager for the MATE environment. Engrampa is f ...) - engrampa <unfixed> (bug #1063494) NOTE: https://github.com/mate-desktop/engrampa/security/advisories/GHSA-c98h-v39w-3r7v @@ -1693,7 +1693,7 @@ CVE-2024-21626 (runc is a CLI tool for spawning and running containers on Linux NOTE: https://github.com/opencontainers/runc/commit/ee73091a8d28692fa4868bac81aa40a0b05f9780 NOTE: https://github.com/opencontainers/runc/commit/d8edada9f252873b88043279a71099db71941dea CVE-2024-24579 (stereoscope is a go library for processing container images and simula ...) - TODO: check + NOT-FOR-US: stereoscope CVE-2024-24566 (Lobe Chat is a chatbot framework that supports speech synthesis, multi ...) NOT-FOR-US: Lobe Chat CVE-2024-23637 (OctoPrint is a web interface for 3D printer.s OctoPrint versions up un ...) 
@@ -56231,7 +56231,7 @@ CVE-2023-27003 CVE-2023-27002 RESERVED CVE-2023-27001 (An issue discovered in Egerie Risk Manager v4.0.5 allows attackers to ...) - TODO: check + NOT-FOR-US: Egerie Risk Manager CVE-2023-27000 (Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 ...) NOT-FOR-US: NetScoutnGeniusOne CVE-2023-26999 (An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker ...) @@ -61193,7 +61193,7 @@ CVE-2023-25367 (Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS allows unfiltered u CVE-2023-25366 (In Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS, insecure SCPI interfa ...) NOT-FOR-US: Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS CVE-2023-25365 (Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows ...) - TODO: check + NOT-FOR-US: October CMS CVE-2023-25364 RESERVED CVE-2023-25363 (A use-after-free vulnerability in WebCore::RenderLayer::updateDescenda ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b3a5ce1c8545722c8dc7d5bb50c267b3af3f6cc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b3a5ce1c8545722c8dc7d5bb50c267b3af3f6cc You're receiving this email because of your account on salsa.debian.org.
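Review bot: In the `@@ -982,9 +982,9 @@` hunk, the two entries CVE-2023-5643 and CVE-2023-5249 are tagged with the vendor only (`NOT-FOR-US: Arm`), while every other line added by this commit names the affected product (`NOT-FOR-US: stereoscope`, `NOT-FOR-US: Egerie Risk Manager`, `NOT-FOR-US: October CMS`). Both descriptions name the Arm Ltd Bifrost GPU Kernel Driver, so a label along the lines of `NOT-FOR-US: Arm Bifrost GPU kernel driver` would keep the entries searchable by component and make clear that the triage decision covers that driver rather than anything published by the vendor.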