Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f27cc17a by Moritz Muehlenhoff at 2024-06-12T18:39:08+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -133,7 +133,7 @@ CVE-2024-5830 (Type Confusion in V8 in Google Chrome prior
to 126.0.6478.54 allo
[bullseye] - chromium <end-of-life> (see #1061268)
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2024-5851 (A vulnerability classified as problematic has been found in
playSMS up ...)
- TODO: check
+ NOT-FOR-US: playSMS
CVE-2024-5829 (A vulnerability classified as problematic was found in
smallweigit Avu ...)
NOT-FOR-US: smallweigit Avue
CVE-2024-5825
@@ -159,17 +159,17 @@ CVE-2024-4190 (Stored Cross-Site Scripting (XSS)
vulnerabilities have been ident
CVE-2024-4155
REJECTED
CVE-2024-37325 (Azure Science Virtual Machine (DSVM) Elevation of Privilege
Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Azure
CVE-2024-37301 (Document Merge Service is a document template merge service
providing ...)
- TODO: check
+ NOT-FOR-US: Document Merge Service
CVE-2024-37296 (The Aimeos HTML client provides Aimeos HTML components for
e-commerce ...)
- TODO: check
+ NOT-FOR-US: Aimeos
CVE-2024-37295 (Aimeos is an Open Source e-commerce framework for online
shops. Starti ...)
- TODO: check
+ NOT-FOR-US: Aimeos
CVE-2024-37294 (Aimeos is an Open Source e-commerce framework for online
shops. All Sa ...)
- TODO: check
+ NOT-FOR-US: Aimeos
CVE-2024-37293 (The AWS Deployment Framework (ADF) is a framework to manage
and deploy ...)
- TODO: check
+ NOT-FOR-US: AWS Deployment Framework
CVE-2024-37161 (MeterSphere is an open source continuous testing platform.
Prior to ve ...)
NOT-FOR-US: MeterSphere
CVE-2024-36821 (Insecure permissions in Linksys Velop WiFi 5 (WHW01v1)
1.1.13.202617 a ...)
@@ -221,7 +221,7 @@ CVE-2024-35249 (Microsoft Dynamics 365 Business Central
Remote Code Execution Vu
CVE-2024-35248 (Microsoft Dynamics 365 Business Central Elevation of Privilege
Vulnera ...)
NOT-FOR-US: Microsoft
CVE-2024-35213 (An improper input validation vulnerability in the SGI Image
Codec of Q ...)
- TODO: check
+ NOT-FOR-US: QNX
CVE-2024-35212 (A vulnerability has been identified in SINEC Traffic Analyzer
(6GK8822 ...)
NOT-FOR-US: Siemens
CVE-2024-35211 (A vulnerability has been identified in SINEC Traffic Analyzer
(6GK8822 ...)
@@ -530,7 +530,7 @@ CVE-2024-37169 (@jmondi/url-to-png is a self-hosted URL to
PNG utility. Versions
CVE-2024-37168 (@grpc/grps-js implements the core functionality of gRPC purely
in Java ...)
NOT-FOR-US: @grpc/grps-js
CVE-2024-37166 (ghtml is software that uses tagged templates for template
engine funct ...)
- TODO: check
+ NOT-FOR-US: ghtml
CVE-2024-37130 (Dell OpenManage Server Administrator, versions 11.0.1.0 and
prior, con ...)
NOT-FOR-US: Dell
CVE-2024-36473 (Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is
vulnerabl ...)
@@ -1374,17 +1374,17 @@ CVE-2024-3380
CVE-2024-3133
REJECTED
CVE-2024-37388 (An XML External Entity (XXE) vulnerability in the
ebookmeta.get_metada ...)
- TODO: check
+ NOT-FOR-US: ebookmeta
CVE-2024-37163 (SkyScrape is a GUI Dashboard for AWS Infrastructure and
Managing Resou ...)
NOT-FOR-US: SkyScrape
CVE-2024-37162 (zsa is a library for building typesafe server actions in
Next.js. All ...)
- TODO: check
+ NOT-FOR-US: zsa
CVE-2024-37160 (Formwork is a flat file-based Content Management System (CMS).
An atta ...)
NOT-FOR-US: Formwork CMS
CVE-2024-36827 (An XML External Entity (XXE) vulnerability in the
ebookmeta.get_metada ...)
- TODO: check
+ NOT-FOR-US: ebookmeta
CVE-2024-36811 (An arbitrary file upload vulnerability in the image upload
function of ...)
- TODO: check
+ NOT-FOR-US: Aimeos
CVE-2024-36792 (An issue in the implementation of the WPS in Netgear WNR614
JNR1010V2/ ...)
NOT-FOR-US: Netgear
CVE-2024-36790 (Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered
to store ...)
@@ -158027,7 +158027,7 @@ CVE-2022-32899 (The issue was addressed with improved
memory handling. This issu
CVE-2022-32898 (The issue was addressed with improved memory handling. This
issue is f ...)
NOT-FOR-US: Apple
CVE-2022-32897 (A memory corruption issue was addressed with improved
validation. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-32896 (This issue was addressed by enabling hardened runtime. This
issue is f ...)
NOT-FOR-US: Apple
CVE-2022-32895 (A race condition was addressed with improved state handling.
This issu ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f27cc17a08a7a2485b476cb2fce60c7633a57735
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f27cc17a08a7a2485b476cb2fce60c7633a57735
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
