Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
83db5455 by Salvatore Bonaccorso at 2024-03-15T22:14:55+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -116,7 +116,7 @@ CVE-2024-2446 (Mattermost versions 8.1.x before 8.1.10,
9.2.x before 9.2.6, 9.3.
CVE-2024-2445 (Mattermost Jira plugin versions shipped with Mattermost
versions 8.1.x ...)
- mattermost-server <itp> (bug #823556)
CVE-2024-28854 (tls-listener is a rust lang wrapper around a connection
listener to su ...)
- TODO: check
+ NOT-FOR-US: tls-listener
CVE-2024-28851 (The Snowflake Hive metastore connector provides an easy way to
query H ...)
NOT-FOR-US: Snowflake Hive metastore connector
CVE-2024-28848 (OpenMetadata is a unified platform for discovery,
observability, and g ...)
@@ -192,23 +192,23 @@ CVE-2023-7248 (Certain functionality in OpenText Vertica
Management console migh
CVE-2023-7060 (Zephyr OS IP packet handling does not properly drop IP packets
arrivin ...)
NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
CVE-2023-7017 (Sciener locks' firmware update mechanism do not authenticate or
valida ...)
- TODO: check
+ NOT-FOR-US: Sciener locks' firmware
CVE-2023-7009 (Some Sciener-based locks support plaintext message processing
over Blu ...)
- TODO: check
+ NOT-FOR-US: Sciener-based locks
CVE-2023-7007 (Sciener server does not validate connection requests from the
GatewayG ...)
- TODO: check
+ NOT-FOR-US: Sciener server
CVE-2023-7006 (The unlockKey character in a lock using Sciener firmware can be
brute ...)
- TODO: check
+ NOT-FOR-US: Sciener firmware
CVE-2023-7004 (The TTLock App does not employ proper verification procedures
to ensur ...)
- TODO: check
+ NOT-FOR-US: TTLock App
CVE-2023-7003 (The AES key utilized in the pairing process between a lock
using Scien ...)
- TODO: check
+ NOT-FOR-US: Sciener firmware
CVE-2023-6960 (TTLock App virtual keys and settings are only deleted client
side, and ...)
- TODO: check
+ NOT-FOR-US: TTLock App
CVE-2023-6725 (An access-control flaw was found in the OpenStack Designate
component ...)
TODO: check
CVE-2023-51699 (Fluid is an open source Kubernetes-native Distributed Dataset
Orchestr ...)
- TODO: check
+ NOT-FOR-US: Fluid
CVE-2023-51525 (Cross-Site Request Forgery (CSRF) vulnerability in Veribo,
Roland Murg ...)
NOT-FOR-US: WordPress plugin
CVE-2023-51522 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs
Paid Mem ...)
@@ -299,7 +299,7 @@ CVE-2024-1795 (The HUSKY \u2013 Products Filter for
WooCommerce Professional plu
CVE-2024-1713 (A user who can create objects in a database with plv8 3.2.1
installed ...)
TODO: check
CVE-2024-0860 (The affected product is vulnerable to a cleartext transmission
of sens ...)
- TODO: check
+ NOT-FOR-US: Softing
CVE-2024-0803 (Integer Overflow or Wraparound vulnerability in Mitsubishi
Electric Co ...)
NOT-FOR-US: Mitsubishi
CVE-2024-0802 (Incorrect Pointer Scaling vulnerability in Mitsubishi Electric
Corpora ...)
@@ -307,7 +307,7 @@ CVE-2024-0802 (Incorrect Pointer Scaling vulnerability in
Mitsubishi Electric Co
CVE-2023-50677 (An issue in NETGEAR-DGND4000 v.1.1.00.15_1.00.15 allows a
remote attac ...)
NOT-FOR-US: NETGEAR
CVE-2023-42286 (There is a PHP file inclusion vulnerability in the template
configurat ...)
- TODO: check
+ NOT-FOR-US: eyoucms
CVE-2024-28054
- amavisd-new 1:2.13.0-5
[bookworm] - amavisd-new <no-dsa> (Minor issue; will be fixed via point
release)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83db5455f2305449b7fd0817332ba7f29dd38b83
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83db5455f2305449b7fd0817332ba7f29dd38b83
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
