Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
210e00e9 by Moritz Muehlenhoff at 2024-04-16T09:51:41+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -173,89 +173,89 @@ CVE-2024-30840 (A Stack Overflow vulnerability in Tenda 
AC15 v15.03.05.18 allows
 CVE-2024-30546 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelite 
Login With ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-30220 (Command injection vulnerability in MZK-MF300N all firmware 
versions al ...)
-       TODO: check
+       NOT-FOR-US: MZK-MF300N
 CVE-2024-30219 (Active debug code vulnerability exists in MZK-MF300N all 
firmware vers ...)
-       TODO: check
+       NOT-FOR-US: MZK-MF300N
 CVE-2024-2659 (A command injection vulnerability was identified in SMM/SMM2 
and FPC t ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2024-29219 (Out-of-bounds read vulnerability exists in KV STUDIO Ver.11.64 
and ear ...)
-       TODO: check
+       NOT-FOR-US: KEYENCE KV STUDIO
 CVE-2024-29218 (Out-of-bounds write vulnerability exists in KV STUDIO 
Ver.11.64 and ea ...)
-       TODO: check
+       NOT-FOR-US: KEYENCE KV STUDIO
 CVE-2024-28957 (Generation of predictable identifiers issue exists in Cente 
middleware ...)
-       TODO: check
+       NOT-FOR-US: Cente
 CVE-2024-28894 (Out-of-bounds read vulnerability caused by improper checking 
of the op ...)
-       TODO: check
+       NOT-FOR-US: Cente
 CVE-2024-28558 (SQL Injection vulnerability in sourcecodester Petrol pump 
management s ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2024-28557 (SQL Injection vulnerability in Sourcecodester php task 
management syst ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2024-28556 (SQL Injection vulnerability in Sourcecodester php task 
management syst ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2024-28099 (VT STUDIO Ver.8.32 and earlier contains an issue with the DLL 
search p ...)
-       TODO: check
+       NOT-FOR-US: VT Studio
 CVE-2024-28056 (Amazon AWS Amplify CLI before 12.10.1 incorrectly configures 
the role  ...)
-       TODO: check
+       NOT-FOR-US: Amazon AWS Amplify CLI
 CVE-2024-26023 (OS command injection vulnerability in BUFFALO wireless LAN 
routers all ...)
-       TODO: check
+       NOT-FOR-US: BUFFALO
 CVE-2024-24898 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
        TODO: check
 CVE-2024-24891 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
        TODO: check
 CVE-2024-24487 (An issue discovered in silex technology DS-600 Firmware 
v.1.4.1 allows ...)
-       TODO: check
+       NOT-FOR-US: silex
 CVE-2024-24486 (An issue discovered in silex technology DS-600 Firmware 
v.1.4.1 allows ...)
-       TODO: check
+       NOT-FOR-US: silex
 CVE-2024-24485 (An issue discovered in silex technology DS-600 Firmware 
v.1.4.1 allows ...)
-       TODO: check
+       NOT-FOR-US: silex
 CVE-2024-23911 (Out-of-bounds read vulnerability caused by improper checking 
of the op ...)
-       TODO: check
+       NOT-FOR-US: Cente
 CVE-2024-23594 (A buffer overflow vulnerability was reported  in a system 
recovery boo ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2024-23593 (A vulnerability was reported  in a system recovery bootloader 
that was ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2024-23560 (HCL DevOps Deploy / HCL Launch could be vulnerable to 
incomplete revoc ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2024-23559 (HCL DevOps Deploy / Launch is generating an obsolete HTTP 
header.)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2024-23486 (Plaintext storage of a password issue exists in BUFFALO 
wireless LAN r ...)
-       TODO: check
+       NOT-FOR-US: BUFFALO
 CVE-2024-22439 (A potential security vulnerability has been identified in HPE 
FlexFabr ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2024-22438 (A potential security vulnerability has been identified in 
Hewlett Pack ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2024-22437 (A potential security vulnerability has been identified in VSS 
Provider ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2024-22435 (A potential security vulnerability has been identified in Web 
ViewPoin ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2024-22014 (An issue discovered in 360 Total Security Antivirus through 
11.0.0.106 ...)
-       TODO: check
+       NOT-FOR-US: 360 Total Security Antivirus
 CVE-2023-4857 (An authentication bypass vulnerability was identified in 
SMM/SMM2 and  ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2023-4856 (A format string vulnerability was identified in SMM/SMM2 and 
FPC that  ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2023-4855 (A command injection vulnerability was identified in SMM/SMM2 
and FPC t ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2023-48710 (iTop is an IT service management platform.  Files from the 
`env-produc ...)
-       TODO: check
+       NOT-FOR-US: iTop
 CVE-2023-48709 (iTop is an IT service management platform.  When exporting 
data from b ...)
-       TODO: check
+       NOT-FOR-US: iTop
 CVE-2023-47626 (iTop is an IT service management platform.  When 
displaying/editing th ...)
-       TODO: check
+       NOT-FOR-US: iTop
 CVE-2023-47622 (iTop is an IT service management platform.  When dashlet are 
refreshed ...)
-       TODO: check
+       NOT-FOR-US: iTop
 CVE-2023-47123 (iTop is an IT service management platform.  By filling 
malicious code  ...)
-       TODO: check
+       NOT-FOR-US: iTop
 CVE-2023-45808 (iTop is an IT service management platform.  When creating or 
updating  ...)
-       TODO: check
+       NOT-FOR-US: iTop
 CVE-2023-45503 (SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows 
remote  ...)
-       TODO: check
+       NOT-FOR-US: Macrob7 Macs CMS
 CVE-2023-44396 (iTop is an IT service management platform.  Dashlet edits ajax 
endpoin ...)
-       TODO: check
+       NOT-FOR-US: iTop
 CVE-2023-43790 (iTop is an IT service management platform.  By manipulating 
HTTP queri ...)
-       TODO: check
+       NOT-FOR-US: iTop
 CVE-2023-38511 (iTop is an IT service management platform.  Dashboard editor : 
can loa ...)
-       TODO: check
+       NOT-FOR-US: iTop
 CVE-2024-XXXX [validate a server certificate in a TLS-based server-server 
connection]
        - ngircd 27~rc1-1
        NOTE: https://github.com/ngircd/ngircd/issues/120
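Review bot: the NOT-FOR-US tags in this hunk mix vendor-only labels (`Lenovo`, `HPE`, `HCL`, `BUFFALO`, `silex`) with product-level ones (`KEYENCE KV STUDIO`, `Amazon AWS Amplify CLI`, `MZK-MF300N`), and CVE-2024-28099 is tagged `VT Studio` although its description spells the product `VT STUDIO` and the neighbouring KV STUDIO entries carry a vendor prefix. Settling on one form per product family, with the casing used in the description, would let a later grep over data/CVE/list find all related entries. CVE-2024-24898 and CVE-2024-24891 stay at `TODO: check` in the middle of the triaged block; if that is deliberate, a few words in the commit message beyond "NFUs" would show they were looked at and deferred rather than missed.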
@@ -297,7 +297,7 @@ CVE-2024-3763 (A vulnerability was found in Emlog Pro 
2.2.10. It has been rated
 CVE-2024-3762 (A vulnerability was found in Emlog Pro 2.2.10. It has been 
declared as ...)
        NOT-FOR-US: Emlog Pro
 CVE-2024-3701 (The system application (com.transsion.kolun.aiservice) 
component does  ...)
-       TODO: check
+       NOT-FOR-US: TECNO Mobile Limited
 CVE-2024-3505 (JFrog Artifactory Self-Hosted versions below 7.77.3, are 
vulnerable to ...)
        NOT-FOR-US: JFrog Artifactory Self-Hosted
 CVE-2024-32489 (TCPDF before 6.7.4 mishandles calls that use HTML syntax.)
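Review bot: on CVE-2024-3701 the tag `NOT-FOR-US: TECNO Mobile Limited` names a vendor that does not appear in the visible description, which identifies the affected component only as com.transsion.kolun.aiservice. The context entries in this hunk are tagged by product (`Emlog Pro`, `JFrog Artifactory Self-Hosted`); adding the component or product name to the tag would let someone who searches for the package name from the description land on a matching label.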
@@ -399,23 +399,23 @@ CVE-2024-2836 (The Social Share, Social Login and Social 
Comments Plugin  WordPr
 CVE-2024-2739 (The Advanced Search WordPress plugin through 1.1.6 does not 
have CSRF  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-29844 (Default credentials on the Web Interface of Evolution 
Controller 2.x ( ...)
-       TODO: check
+       NOT-FOR-US: Evolution Controller
 CVE-2024-29843 (The Web interface of Evolution Controller Versions 
2.04.560.31.03.2024 ...)
-       TODO: check
+       NOT-FOR-US: Evolution Controller
 CVE-2024-29842 (The Web interface of Evolution Controller Versions 
2.04.560.31.03.2024 ...)
-       TODO: check
+       NOT-FOR-US: Evolution Controller
 CVE-2024-29841 (The Web interface of Evolution Controller Versions 
2.04.560.31.03.2024 ...)
-       TODO: check
+       NOT-FOR-US: Evolution Controller
 CVE-2024-29840 (The Web interface of Evolution Controller Versions 
2.04.560.31.03.2024 ...)
-       TODO: check
+       NOT-FOR-US: Evolution Controller
 CVE-2024-29839 (The Web interface of Evolution Controller Versions 
2.04.560.31.03.2024 ...)
-       TODO: check
+       NOT-FOR-US: Evolution Controller
 CVE-2024-29838 (The Web interface of Evolution Controller Versions 
2.04.560.31.03.2024 ...)
-       TODO: check
+       NOT-FOR-US: Evolution Controller
 CVE-2024-29837 (The Web interface of Evolution Controller Versions 
2.04.560.31.03.2024 ...)
-       TODO: check
+       NOT-FOR-US: Evolution Controller
 CVE-2024-29836 (The Web interface of Evolution Controller Versions 
2.04.560.31.03.2024 ...)
-       TODO: check
+       NOT-FOR-US: Evolution Controller
 CVE-2024-27462
        REJECTED
 CVE-2024-1849 (The WP Customer Reviews WordPress plugin before 3.7.1 does not 
validat ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/210e00e9ea3983ffc2d23069ffc18be627343c3b



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
