Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cd9e49b5 by Salvatore Bonaccorso at 2024-06-12T11:04:37+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -39,25 +39,25 @@ CVE-2024-4315 (parisneo/lollms version 9.5 is vulnerable to
Local File Inclusion
CVE-2024-3925 (The Element Pack Elementor Addons (Header Footer, Template
Library, Dy ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3559 (The Custom Field Suite plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-36856 (RMQTT Broker 0.4.0 allows remote attackers to cause a Denial
of Servic ...)
TODO: check
CVE-2024-36454 (Use of uninitialized resource issue exists in IPCOM EX2 Series
(V01L0x ...)
- TODO: check
+ NOT-FOR-US: IPCOM
CVE-2024-36103 (OS command injection vulnerability in WRC-X5400GS-B v1.0.10
and earlie ...)
- TODO: check
+ NOT-FOR-US: WRC-X5400GS-B
CVE-2024-35225 (Jupyter Server Proxy allows users to run arbitrary external
processes ...)
TODO: check
CVE-2024-33606 (An attacker could retrieve sensitive files (medical images) as
well as ...)
- TODO: check
+ NOT-FOR-US: MicroDicom DICOM Viewer system
CVE-2024-28970 (Dell Client BIOS contains an Out-of-bounds Write
vulnerability. A loca ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28877 (MicroDicom DICOM Viewer is vulnerable to a stack-based buffer
overflow ...)
- TODO: check
+ NOT-FOR-US: MicroDicom DICOM Viewer
CVE-2024-0427 (The ARForms - Premium WordPress Form Builder Plugin WordPress
plugin b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0160 (Dell Client Platform contains an incorrect authorization
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25131
NOT-FOR-US: MustGather.managed.openshift.io Custom Defined Resource
(CRD)
CVE-2024-5847 (Use after free in PDFium in Google Chrome prior to
126.0.6478.54 allow ...)
@@ -175,7 +175,7 @@ CVE-2024-37161 (MeterSphere is an open source continuous
testing platform. Prior
CVE-2024-36821 (Insecure permissions in Linksys Velop WiFi 5 (WHW01v1)
1.1.13.202617 a ...)
NOT-FOR-US: Linksys
CVE-2024-36702 (libiec61850 v1.5 was discovered to contain a heap overflow via
the Ber ...)
- TODO: check
+ NOT-FOR-US: libIEC61850
CVE-2024-36650 (TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware
A3100R V4.1 ...)
NOT-FOR-US: TOTOLINK
CVE-2024-36266 (A vulnerability has been identified in PowerSys (All versions
< V3.11) ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd9e49b578850a53832cb135780819f74610c714
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd9e49b578850a53832cb135780819f74610c714
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
