Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e2e94be4 by Salvatore Bonaccorso at 2024-05-09T11:18:04+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27,11 +27,11 @@ CVE-2024-2651 (An issue has been discovered in GitLab CE/EE
affecting all versio
CVE-2024-2454 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
TODO: check
CVE-2024-28759 (A crafted network packet may cause a buffer overrun in Wind
River VxWo ...)
- TODO: check
+ NOT-FOR-US: Wind River
CVE-2024-27793 (The issue was addressed with improved checks. This issue is
fixed in i ...)
TODO: check
CVE-2024-26517 (SQL Injection vulnerability in School Task Manager v.1.0
allows a remo ...)
- TODO: check
+ NOT-FOR-US: School Task Manager
CVE-2023-6688 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
TODO: check
CVE-2023-6682 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
@@ -171,59 +171,59 @@ CVE-2024-31156 (A stored cross-site scripting (XSS)
vulnerability exists in an u
CVE-2024-30459 (Missing Authorization vulnerability in AIpost AI WP
Writer.This issue ...)
NOT-FOR-US: WordPress plugin
CVE-2024-28971 (Dell Update Manager Plugin, versions 1.4.0 through 1.5.0,
contains a P ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28889 (When an SSL profile with alert timeout is configured with a
non-defaul ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-28883 (An origin validation vulnerability exists in BIG-IP APM
browser netw ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-28132 (Exposure of Sensitive Information vulnerability exists in the
GSLB con ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-27202 (A DOM-based cross-site scripting (XSS) vulnerability exists in
an undi ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-26579 (Deserialization of Untrusted Data vulnerability in Apache
InLong.This ...)
TODO: check
CVE-2024-26026 (An SQL injection vulnerability exists in the BIG-IP Next
Central Manag ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-25560 (When BIG-IP AFM is licensed and provisioned, undisclosed DNS
traffic c ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-25533 (Error messages in RuvarOA v6.01 and v12.01 were discovered to
leak the ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25532 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25531 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25530 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25529 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25528 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25527 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25526 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25525 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25524 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25523 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25522 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25521 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25520 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25519 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25518 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25517 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25515 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-24908 (Dell PowerProtect DM5500 version 5.15.0.0 and prior contain an
Arbitra ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-24833 (Missing Authorization vulnerability in Leevio Happy Addons for
Element ...)
TODO: check
CVE-2024-22460 (Dell PowerProtect DM5500 version 5.15.0.0 and prior contains
an insecu ...)
@@ -515,37 +515,37 @@ CVE-2024-29889 (GLPI is a Free Asset and IT Management
Software package. Prior t
NOTE:
https://github.com/glpi-project/glpi/security/advisories/GHSA-8xvf-v6vv-r75g
NOTE:
https://github.com/glpi-project/glpi/commit/0a6b28be4c0f848106c60b554c703ec2e178d6c7
CVE-2024-29210 (A local privilege escalation (LPE) vulnerability has been
identified i ...)
- TODO: check
+ NOT-FOR-US: Phish Alert Button for Outlook (PAB)
CVE-2024-29209 (A medium severity vulnerability has been identified in the
update mech ...)
- TODO: check
+ NOT-FOR-US: Phish Alert Button for Outlook (PAB)
CVE-2024-29208 (An Unverified Password Change could allow a malicious actor
with API a ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2024-29207 (An Improper Certificate Validation could allow a malicious
actor with ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2024-29206 (An Improper Access Control could allow a malicious actor
authenticated ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2024-29150 (An issue was discovered in Alcatel-Lucent ALE NOE deskphones
through 8 ...)
- TODO: check
+ NOT-FOR-US: Alcatel-Lucent ALE NOE deskphones
CVE-2024-29149 (An issue was discovered in Alcatel-Lucent ALE NOE deskphones
through 8 ...)
- TODO: check
+ NOT-FOR-US: Alcatel-Lucent ALE NOE deskphones
CVE-2024-28148 (An authenticated user could potentially access metadata for a
datasour ...)
TODO: check
CVE-2024-25514 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25513 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25512 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25511 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25510 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25509 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25508 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2024-25507 (RuvarOA v6.01 and v12.01 were discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: RuvarOA
CVE-2023-7240 (An improper authorization level has been detected in the login
panel. ...)
TODO: check
CVE-2023-6810 (The ClickCease Click Fraud Protection plugin for WordPress is
vulnerab ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2e94be4581a13b4da63d36e39dd9b07b3c995a8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2e94be4581a13b4da63d36e39dd9b07b3c995a8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
