Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
79711349 by Moritz Muehlenhoff at 2024-04-10T16:03:25+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -134,9 +134,9 @@ CVE-2024-22450 (Dell Alienware Command Center, versions
prior to 6.2.7.0, contai
CVE-2024-22448 (Dell BIOS contains an Out-of-Bounds Write vulnerability. A
local authe ...)
NOT-FOR-US: Dell
CVE-2024-21509 (Versions of the package mysql2 before 3.9.4 are vulnerable to
Prototyp ...)
- TODO: check
+ NOT-FOR-US: Node mysql2
CVE-2024-21507 (Versions of the package mysql2 before 3.9.3 are vulnerable to
Improper ...)
- TODO: check
+ NOT-FOR-US: Node mysql2
CVE-2024-1780 (The BizCalendar Web plugin for WordPress is vulnerable to
Reflected Cr ...)
NOT-FOR-US: WordPress plugin
CVE-2024-1042 (The WP Radio \u2013 Worldwide Online Radio Stations Directory
for Word ...)
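Review bot: NOT-FOR-US on CVE-2024-21509 and CVE-2024-21507 is only correct if mysql2 has no package and no pending ITP/RFP in Debian, and neither the entries nor the commit message ("NFUs") record that this was checked. If a packaging bug exists, use a package line with `<itp>` and the bug number instead, so that the two different fixed versions named in the descriptions (3.9.4 and 3.9.3) are picked up once the package arrives.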
@@ -234,13 +234,13 @@ CVE-2024-31368 (Missing Authorization vulnerability in
PenciDesign Soledad.This
CVE-2024-31367 (Missing Authorization vulnerability in PenciDesign
Soledad.This issue ...)
NOT-FOR-US: WordPress plugin
CVE-2024-30706 (An issue was discovered in ROS2 Dashing Diademata versions
ROS_VERSION ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30704 (An insecure deserialization vulnerability has been identified
in ROS2 ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30703 (An arbitrary file upload vulnerability has been discovered in
ROS2 (Ro ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30702 (An issue was discovered in ROS2 Galactic Geochelone in
ROS_VERSION 2 a ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30262 (Contao is an open source content management system. Prior to
version 4 ...)
NOT-FOR-US: Contao CMS
CVE-2024-30191 (A vulnerability has been identified in SCALANCE W1748-1 M12
(6GK5748-1 ...)
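Review bot: the four ROS entries in this hunk (CVE-2024-30706, -30704, -30703, -30702) lose `TODO: check` and gain only a free-form NOTE, so unlike the neighbouring entries that end in NOT-FOR-US they no longer say whether any Debian package is concerned. Add the NOT-FOR-US or package line that applies, or keep the TODO until one can be chosen. The commit message "NFUs" also does not describe these NOTE-only changes and should mention them.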
@@ -926,43 +926,43 @@ CVE-2024-31047 (An issue in Academy Software Foundation
openexr v.3.2.3 and befo
NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/1681
NOTE: Fixed by:
https://github.com/AcademySoftwareFoundation/openexr/commit/7aa89e1d09b09d9f5dbb96976ee083a331ab9d71
CVE-2024-30701 (An insecure logging vulnerability in ROS2 Galactic Geochelone
ROS_VERS ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30699 (A buffer overflow vulnerability has been discovered in the C++
compone ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30697 (An issue was discovered in ROS2 Galactic Geochelone in
ROS_VERSION 2 a ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30696 (OS command injection vulnerability in ROS2 Galactic Geochelone
in ROS_ ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30695 (An issue was discovered in the default configurations of ROS2
Galactic ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30694 (A shell injection vulnerability was discovered in ROS2 (Robot
Operatin ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30692 (A issue was discovered in ROS2 Galactic Geochelone versions
ROS_VERSIO ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30691 (An issue was discovered in ROS2 Galactic Geochelone in version
ROS_VER ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30690 (An unauthorized node injection vulnerability has been
identified in RO ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30688 (An arbitrary file upload vulnerability has been discovered in
ROS2 Iro ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30687 (An insecure deserialization vulnerability has been identified
in ROS2 ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30686 (An issue was discovered in ROS2 Iron Irwini versions
ROS_VERSION 2 and ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30684 (An insecure logging vulnerability has been identified within
ROS2 Iron ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30683 (A buffer overflow vulnerability has been discovered in the C++
compone ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30681 (An OS command injection vulnerability has been discovered in
ROS2 Iron ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30680 (Shell injection vulnerability was discovered in ROS2 (Robot
Operating ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30679 (An issue was discovered in the default configurations of ROS2
Iron Irw ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30678 (An issue has been discovered in ROS2 Iron Irwini ROS_VERSION 2
and ROS ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30676 (A Denial-of-Service (DoS) vulnerability exists in ROS2 Iron
Irwini ver ...)
- TODO: check
+ NOTE: Bogus report on ROS, lacks all details and apparently never
reported either
CVE-2024-30218 (The ABAP Application Server of SAP NetWeaver as well as ABAP
Platforma ...)
NOT-FOR-US: SAP
CVE-2024-30217 (Cash Management in SAP S/4 HANA does not perform necessary
authorizati ...)
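Review bot: the same NOTE is pasted onto every ROS entry from CVE-2024-30701 down to CVE-2024-30676 with no reference backing "bogus" or "never reported", whereas the openexr entry at the top of this hunk cites its pull request and fixing commit by URL. Add a NOTE with a link to whatever was checked (for example the upstream tracker search or an upstream statement) on at least one of these entries, so the assessment can be re-verified later.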
@@ -984,11 +984,11 @@ CVE-2024-27899 (Self-Registrationand Modify your own
profile in User Admin Appli
CVE-2024-27898 (SAP NetWeaver application, due to insufficient input
validation, allow ...)
NOT-FOR-US: SAP
CVE-2024-27632 (An issue in GNU Savane v.3.12 and before allows a remote
attacker to e ...)
- TODO: check
+ NOT-FOR-US: GNU Savane
CVE-2024-27631 (Cross Site Request Forgery vulnerability in GNU Savane v.3.12
and befo ...)
- TODO: check
+ NOT-FOR-US: GNU Savane
CVE-2024-27630 (Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12
and befor ...)
- TODO: check
+ NOT-FOR-US: GNU Savane
CVE-2024-25646 (Due to improper validation,SAP BusinessObject Business
Intelligence La ...)
NOT-FOR-US: SAP
CVE-2024-23584 (The NMAP Importer service may expose data store credentials to
authori ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7971134980ea7abc211a917ce44b4f75a70a593e