Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8066c189 by Salvatore Bonaccorso at 2024-03-05T21:20:00+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,27 +11,27 @@ CVE-2024-2053 (The Artica Proxy administrative web
application will deserialize
CVE-2024-2005 (Blue Planet\xae has released software updates that address this
vulner ...)
TODO: check
CVE-2024-27931 (Deno is a JavaScript, TypeScript, and WebAssembly runtime with
secure ...)
- TODO: check
+ NOT-FOR-US: Deno
CVE-2024-27929 (ImageSharp is a managed, cross-platform, 2D graphics library.
A heap-u ...)
- TODO: check
+ NOT-FOR-US: ImageSharp
CVE-2024-27627 (A reflected cross-site scripting (XSS) vulnerability exists in
SuperCa ...)
- TODO: check
+ NOT-FOR-US: SuperCali
CVE-2024-27626 (A Reflected Cross-Site Scripting (XSS) vulnerability has been
identifi ...)
TODO: check
CVE-2024-27625 (CMS Made Simple Version 2.2.19 is vulnerable to Cross Site
Scripting ( ...)
- TODO: check
+ NOT-FOR-US: CMS Made Simple
CVE-2024-27623 (CMS Made Simple version 2.2.19 is vulnerable to Server-Side
Template I ...)
- TODO: check
+ NOT-FOR-US: CMS Made Simple
CVE-2024-27622 (A remote code execution vulnerability has been identified in
the User ...)
- TODO: check
+ NOT-FOR-US: CMS Made Simple
CVE-2024-27565 (A Server-Side Request Forgery (SSRF) in weixin.php of
ChatGPT-wechat-p ...)
- TODO: check
+ NOT-FOR-US: ChatGPT-wechat-personal
CVE-2024-27564 (A Server-Side Request Forgery (SSRF) in pictureproxy.php of
ChatGPT co ...)
- TODO: check
+ NOT-FOR-US: ChatGPT
CVE-2024-27563 (A Server-Side Request Forgery (SSRF) in the getFileFromRepo
function o ...)
- TODO: check
+ NOT-FOR-US: WonderCMS
CVE-2024-27561 (A Server-Side Request Forgery (SSRF) in the
installUpdateThemePluginAc ...)
- TODO: check
+ NOT-FOR-US: WonderCMS
CVE-2024-26339 (swftools v0.9.2 was discovered to contain a strcpy parameter
overlap v ...)
TODO: check
CVE-2024-26337 (swftools v0.9.2 was discovered to contain a segmentation
violation via ...)
@@ -41,7 +41,7 @@ CVE-2024-26335 (swftools v0.9.2 was discovered to contain a
segmentation violati
CVE-2024-26334 (swftools v0.9.2 was discovered to contain a segmentation
violation via ...)
TODO: check
CVE-2024-24098 (Code-projects Scholars Tracking System 1.0 is vulnerable to
SQL Inject ...)
- TODO: check
+ NOT-FOR-US: Code-projects Scholars Tracking System
CVE-2024-23296 (A memory corruption issue was addressed with improved
validation. This ...)
TODO: check
CVE-2024-23256 (A logic issue was addressed with improved state management.
This issue ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8066c1899f1acb03dfd6e2185249e4d9ee686f79
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8066c1899f1acb03dfd6e2185249e4d9ee686f79
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
