Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a05de6d0 by Salvatore Bonaccorso at 2024-04-03T22:32:15+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -83,7 +83,7 @@ CVE-2024-2653 (amphp/http will collect CONTINUATION frames in
an unbounded buffe
CVE-2024-29477 (Lack of sanitization during Installation Process in Dolibarr
ERP CRM u ...)
TODO: check
CVE-2024-28782 (IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM
Cloud Pa ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-28275 (Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.16(3090516) was
discovere ...)
TODO: check
CVE-2024-27972 (Improper Neutralization of Special Elements used in a Command
('Comman ...)
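Review bot: the vendor-wide tag on CVE-2024-28782 covers a description that names two products, "IBM QRadar Suite Software" and a second one cut off at "IBM Cloud Pa ...", and the line does not show that both were checked. Naming what was ruled out, for example "NOT-FOR-US: IBM QRadar Suite", would document the triage decision and keep the entry findable by product name.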
@@ -119,7 +119,7 @@ CVE-2024-27336 (Kofax Power PDF PNG File Parsing
Out-Of-Bounds Read Information
CVE-2024-27335 (Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Remote
Code Execut ...)
TODO: check
CVE-2024-27254 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 10.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-27201 (An improper input validation vulnerability exists in the OAS
Engine Us ...)
TODO: check
CVE-2024-27191 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
@@ -131,9 +131,9 @@ CVE-2024-25918 (Unrestricted Upload of File with Dangerous
Type vulnerability in
CVE-2024-25096 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
TODO: check
CVE-2024-25046 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect
Server) 11.1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-25030 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect
Server) 11.1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-24976 (A denial of service vulnerability exists in the OAS Engine
File Data S ...)
TODO: check
CVE-2024-24707 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
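Review bot: CVE-2024-25046 and CVE-2024-25030 now carry the same truncated description and the same vendor-only tag, so nothing in the list records which product was judged out of scope. "NOT-FOR-US: IBM Db2" on both lines would make that explicit and match a search for Db2 even if the description text is later refreshed.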
@@ -141,7 +141,7 @@ CVE-2024-24707 (Improper Control of Generation of Code
('Code Injection') vulner
CVE-2024-23540 (The HCL BigFix Inventory server is vulnerable to path
traversal which ...)
TODO: check
CVE-2024-22360 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect
Server) 11.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-22178 (A file write vulnerability exists in the OAS Engine Save
Security Conf ...)
TODO: check
CVE-2024-21870 (A file write vulnerability exists in the OAS Engine Tags
Configuration ...)
@@ -183,7 +183,7 @@ CVE-2024-0172 (Dell PowerEdge Server BIOS and Dell
Precision Rack BIOS contain a
CVE-2023-5755
REJECTED
CVE-2023-52296 (IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect
Server) 11.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-45552 (In VeridiumID before 3.5.0, a stored cross-site scripting
(XSS) vulner ...)
TODO: check
CVE-2023-44040 (In VeridiumID before 3.5.0, the identity provider page is
susceptible ...)
@@ -193,7 +193,7 @@ CVE-2023-44039 (In VeridiumID before 3.5.0, the WebAuthn
API allows an internal
CVE-2023-44038 (In VeridiumID before 3.5.0, the identity provider page allows
an unaut ...)
TODO: check
CVE-2023-38729 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect
Server)10.5, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-35812 (An issue was discovered in the Amazon Linux packages of
OpenSSH 7.4 fo ...)
TODO: check
CVE-2024-26779 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
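Review bot: directly below the changed CVE-2023-38729 line, CVE-2023-35812 stays at "TODO: check", and its description mentions OpenSSH, a name that also exists as a Debian source package. Since the description limits the issue to "the Amazon Linux packages of OpenSSH 7.4", a follow-up that resolves it should say so in the tag or a NOTE line, so the entry is not mistaken for one affecting Debian's openssh.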
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a05de6d0f16446ec6ba3a32c719227a15f224aa0