Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
60bd2da5 by Salvatore Bonaccorso at 2024-03-22T22:28:16+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
CVE-2024-2828 (A vulnerability, which was classified as critical, was found in
lakern ...)
- TODO: check
+ NOT-FOR-US: lakernote EasyAdmin
CVE-2024-2827 (A vulnerability, which was classified as critical, has been
found in l ...)
- TODO: check
+ NOT-FOR-US: lakernote EasyAdmin
CVE-2024-2826 (A vulnerability classified as problematic was found in
lakernote EasyA ...)
- TODO: check
+ NOT-FOR-US: lakernote EasyAdmin
CVE-2024-2825 (A vulnerability classified as critical has been found in
lakernote Eas ...)
- TODO: check
+ NOT-FOR-US: lakernote EasyAdmin
CVE-2024-2824 (A vulnerability was found in Matthias-Wandel jhead 3.08 and
classified ...)
TODO: check
CVE-2024-2823 (A vulnerability has been found in DedeCMS 5.7 and classified as
proble ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2024-2822 (A vulnerability, which was classified as problematic, was found
in Ded ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2024-2821 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2024-2820 (A vulnerability classified as problematic was found in DedeCMS
5.7. Af ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2024-2728 (Information exposure vulnerability in the CIGESv2 system. This
vulnera ...)
- TODO: check
+ NOT-FOR-US: CIGESv2 system
CVE-2024-2727 (HTML injection vulnerability affecting the CIGESv2 system,
which allow ...)
- TODO: check
+ NOT-FOR-US: CIGESv2 system
CVE-2024-2726 (Stored Cross-Site Scripting (Stored-XSS) vulnerability
affecting the C ...)
- TODO: check
+ NOT-FOR-US: CIGESv2 system
CVE-2024-2725 (Information exposure vulnerability in the CIGESv2 system. A
remote att ...)
- TODO: check
+ NOT-FOR-US: CIGESv2 system
CVE-2024-2724 (SQL injection vulnerability in the CIGESv2 system,
through/ajaxServici ...)
- TODO: check
+ NOT-FOR-US: CIGESv2 system
CVE-2024-2723 (SQL injection vulnerability in the CIGESv2 system,
through/ajaxSubServ ...)
- TODO: check
+ NOT-FOR-US: CIGESv2 system
CVE-2024-2722 (SQL injection vulnerability in the CIGESv2 system,
through/ajaxConfigT ...)
- TODO: check
+ NOT-FOR-US: CIGESv2 system
CVE-2024-2449 (A cross-site request forgery vulnerability has been identified
in Load ...)
TODO: check
CVE-2024-2448 (An OS command injection vulnerability has been identified in
LoadMaste ...)
@@ -47,35 +47,35 @@ CVE-2024-29943 (An attacker was able to perform an
out-of-bounds read or write o
- firefox <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-15/#CVE-2024-29943
CVE-2024-29865 (Logpoint before 7.1.0 allows Self-XSS on the LDAP
authentication page ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-29499 (Anchor CMS v0.12.7 was discovered to contain a Cross-Site
Request Forg ...)
- TODO: check
+ NOT-FOR-US: Anchor CMS
CVE-2024-29385 (DIR-845L router <= v1.01KRb03 has an Unauthenticated remote
code execu ...)
- TODO: check
+ NOT-FOR-US: DIR-845L router
CVE-2024-29366 (A command injection vulnerability exists in the cgibin binary
in DIR-8 ...)
- TODO: check
+ NOT-FOR-US: DIR-845L router
CVE-2024-29338 (Anchor CMS v0.12.7 was discovered to contain a Cross-Site
Request Forg ...)
- TODO: check
+ NOT-FOR-US: Anchor CMS
CVE-2024-29186 (Bref is an open-source project that helps users go serverless
on Amazo ...)
TODO: check
CVE-2024-29185 (FreeScout is a self-hosted help desk and shared mailbox.
Versions prio ...)
- TODO: check
+ NOT-FOR-US: FreeScout
CVE-2024-29184 (FreeScout is a self-hosted help desk and shared mailbox. A
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: FreeScout
CVE-2024-29042 (Translate is a package that allows users to convert text to
different ...)
TODO: check
CVE-2024-28861 (Symfony 1 is a community-driven fork of the 1.x branch of
Symfony, a P ...)
- TODO: check
+ NOT-FOR-US: Symfony1 (community fork of symfony 1.4 with some
enhancements)
CVE-2024-28824 (Least privilege violation and reliance on untrusted inputs in
the mk_i ...)
TODO: check
CVE-2024-28593 (The Chat activity in Moodle 4.3.3 allows students to insert a
potentia ...)
TODO: check
CVE-2024-28560 (SQL injection vulnerability in Niushop B2B2C v.5.3.3 and
before allows ...)
- TODO: check
+ NOT-FOR-US: Niushop B2B2C
CVE-2024-28559 (SQL injection vulnerability in Niushop B2B2C v.5.3.3 and
before allows ...)
- TODO: check
+ NOT-FOR-US: Niushop B2B2C
CVE-2024-25168 (SQL injection vulnerability in snow snow v.2.0.0 allows a
remote attac ...)
- TODO: check
+ NOT-FOR-US: snow snow
CVE-2024-1848 (Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds
Read, Out ...)
TODO: check
CVE-2024-1742 (Invocation of the sqlplus command with sensitive information in
the co ...)
@@ -83,9 +83,9 @@ CVE-2024-1742 (Invocation of the sqlplus command with
sensitive information in t
CVE-2024-0638 (Least privilege violation in the Checkmk agent plugins
mk_oracle, mk_o ...)
TODO: check
CVE-2023-4063 (Certain HP OfficeJet Pro printers are potentially vulnerable to
a Deni ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2023-41099 (In the Windows installer in Atos Eviden CardOS API before
5.5.5.2811, ...)
- TODO: check
+ NOT-FOR-US: Windows installer in Atos Eviden CardOS API
CVE-2024-2817 (A vulnerability, which was classified as problematic, has been
found i ...)
NOT-FOR-US: Tenda
CVE-2024-2816 (A vulnerability classified as problematic was found in Tenda
AC15 15.0 ...)
@@ -78271,7 +78271,7 @@ CVE-2023-23351
CVE-2023-23350
RESERVED
CVE-2023-23349 (Kaspersky has fixed a security issue in Kaspersky Password
Manager (KP ...)
- TODO: check
+ NOT-FOR-US: Kaspersky
CVE-2023-0229 (A flaw was found in github.com/openshift/apiserver-library-go,
used in ...)
NOT-FOR-US: OpenShift
CVE-2023-0228 (Improper Authentication vulnerability in ABB Symphony Plus S+
Operatio ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60bd2da56150490b275c7f37a02aaa210e386ac2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60bd2da56150490b275c7f37a02aaa210e386ac2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
