Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f7dcb9db by Salvatore Bonaccorso at 2024-05-08T22:58:15+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -80,35 +80,35 @@ CVE-2024-34244 (libmodbus v3.1.10 is vulnerable to Buffer
Overflow via the modbu
- libmodbus <unfixed>
NOTE: https://github.com/stephane/libmodbus/issues/743
CVE-2024-33612 (An improper certificate validation vulnerability exists in
BIG-IP Next ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-33608 (When IPsec is configured on a virtual server, undisclosed
traffic can ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-33604 (A reflected cross-site scripting (XSS) vulnerability exist in
undisclo ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-33574 (Missing Authorization vulnerability in appsbd Vitepos.This
issue affec ...)
TODO: check
CVE-2024-33573 (Missing Authorization vulnerability in EPROLO EPROLO
Dropshipping.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33382 (An issue in Open5GS v.2.7.0 allows an attacker to cause a
denial of se ...)
- TODO: check
+ NOT-FOR-US: Open5GS
CVE-2024-32980 (Spin is the developer tool for building and running serverless
applica ...)
TODO: check
CVE-2024-32886 (Vitess is a database clustering system for horizontal scaling
of MySQL ...)
- TODO: check
+ NOT-FOR-US: Vitess
CVE-2024-32761 (Under certain conditions, a potential data leak may occur in
the Traff ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-32113 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: Apache OFBiz
CVE-2024-32049 (BIG-IP Next Central Manager (CM) may allow an unauthenticated,
remote ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-31961 (A SQL injection vulnerability in unit.php in Sonic
Shopfloor.guide bef ...)
- TODO: check
+ NOT-FOR-US: Sonic Shopfloor
CVE-2024-31270 (Missing Authorization vulnerability in Repute InfoSystems
ARForms Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31156 (A stored cross-site scripting (XSS) vulnerability exists in an
undiscl ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-30459 (Missing Authorization vulnerability in AIpost AI WP
Writer.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28971 (Dell Update Manager Plugin, versions 1.4.0 through 1.5.0,
contains a P ...)
TODO: check
CVE-2024-28889 (When an SSL profile with alert timeout is configured with a
non-defaul ...)
@@ -366,25 +366,25 @@ CVE-2024-34314 (CmsEasy v7.7.7.9 was discovered to
contain a local file inclusio
CVE-2024-34084 (Minder's `HandleGithubWebhook` is susceptible to a denial of
service a ...)
TODO: check
CVE-2024-33860 (An issue was discovered in Logpoint before 7.4.0. It allows
Local File ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-33859 (An issue was discovered in Logpoint before 7.4.0. HTML code
sent throu ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-33858 (An issue was discovered in Logpoint before 7.4.0. A path
injection vul ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-33857 (An issue was discovered in Logpoint before 7.4.0. Due to a
lack of inp ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-33856 (An issue was discovered in Logpoint before 7.4.0. An attacker
can enum ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-33783 (MP-SPDZ v0.3.8 was discovered to contain a segmentation
violation via ...)
- TODO: check
+ NOT-FOR-US: MP-SPDZ
CVE-2024-33782 (MP-SPDZ v0.3.8 was discovered to contain a stack overflow via
the func ...)
- TODO: check
+ NOT-FOR-US: MP-SPDZ
CVE-2024-33781 (MP-SPDZ v0.3.8 was discovered to contain a stack overflow via
the func ...)
- TODO: check
+ NOT-FOR-US: MP-SPDZ
CVE-2024-33780 (MP-SPDZ v0.3.8 was discovered to contain a segmentation
violation via ...)
- TODO: check
+ NOT-FOR-US: MP-SPDZ
CVE-2024-33748 (Cross-site scripting (XSS) vulnerability in the search
function in Mvn ...)
- TODO: check
+ NOT-FOR-US: MvnRepository MS Basic
CVE-2024-33434 (An issue in tiagorlampert CHAOS before
1b451cf62582295b7225caf5a7b506f ...)
TODO: check
CVE-2024-33164 (J2EEFAST v2.7.0 was discovered to contain a SQL injection
vulnerabilit ...)
@@ -420,11 +420,11 @@ CVE-2024-32664 (Suricata is a network Intrusion Detection
System, Intrusion Prev
CVE-2024-32663 (Suricata is a network Intrusion Detection System, Intrusion
Prevention ...)
TODO: check
CVE-2024-32371 (An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3
through 5.2.18 ...)
- TODO: check
+ NOT-FOR-US: HSC Cybersecurity HC Mailinspector
CVE-2024-32370 (An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3
through 5.2.18 ...)
- TODO: check
+ NOT-FOR-US: HSC Cybersecurity HC Mailinspector
CVE-2024-32369 (SQL Injection vulnerability in HSC Cybersecurity HC
Mailinspector 5.2. ...)
- TODO: check
+ NOT-FOR-US: HSC Cybersecurity HC Mailinspector
CVE-2024-31456 (GLPI is a Free Asset and IT Management Software package. Prior
to 10.0 ...)
TODO: check
CVE-2024-29889 (GLPI is a Free Asset and IT Management Software package. Prior
to 10.0 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7dcb9dbb13295bcf5e89f4878cbe715e86463ec
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7dcb9dbb13295bcf5e89f4878cbe715e86463ec
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
