Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bcf0d3bc by Salvatore Bonaccorso at 2024-06-17T22:49:19+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,17 +31,17 @@ CVE-2024-37902 (DeepJavaLibrary(DJL) is an Engine-Agnostic
Deep Learning Framewo
CVE-2024-37896 (Gin-vue-admin is a backstage management system based on vue
and gin. G ...)
TODO: check
CVE-2024-37895 (Lobe Chat is an open-source LLMs/AI chat framework. In
affected versio ...)
- TODO: check
+ NOT-FOR-US: Lobe Chat
CVE-2024-37893 (Firefly III is a free and open source personal finance
manager. In aff ...)
- TODO: check
+ NOT-FOR-US: Firefly
CVE-2024-37891 (urllib3 is a user-friendly HTTP client library for Python.
When using ...)
TODO: check
CVE-2024-37890 (ws is an open source WebSocket client and server for Node.js.
A reques ...)
TODO: check
CVE-2024-37848 (SQL Injection vulnerability in Online-Bookstore-Project-In-PHP
v1.0 al ...)
- TODO: check
+ NOT-FOR-US: Online-Bookstore-Project-In-PHP
CVE-2024-37840 (SQL injection vulnerability in processscore.php in
Itsourcecode Learni ...)
- TODO: check
+ NOT-FOR-US: Itsourcecode Learning Management System Project In PHP With
Source Code
CVE-2024-37795 (A segmentation fault in CVC5 Solver v1.1.3 allows attackers to
cause a ...)
TODO: check
CVE-2024-37794 (Improper input validation in CVC5 Solver v1.1.3 allows
attackers to ca ...)
@@ -51,23 +51,23 @@ CVE-2024-37664 (Redmi router RB03 v1.0.57 is vulnerable to
TCP DoS or hijacking
CVE-2024-37663 (Redmi router RB03 v1.0.57 is vulnerable to forged ICMP
redirect messag ...)
TODO: check
CVE-2024-37662 (TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or
hijacking attac ...)
- TODO: check
+ NOT-FOR-US: TP-LINK
CVE-2024-37661 (TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP
redirect messa ...)
- TODO: check
+ NOT-FOR-US: TP-LINK
CVE-2024-37625 (zhimengzhe iBarn v1.5 was discovered to contain a reflected
cross-site ...)
- TODO: check
+ NOT-FOR-US: zhimengzhe iBarn
CVE-2024-37624 (Xinhu RockOA v2.6.3 was discovered to contain a reflected
cross-site s ...)
- TODO: check
+ NOT-FOR-US: Xinhu RockOA
CVE-2024-37623 (Xinhu RockOA v2.6.3 was discovered to contain a reflected
cross-site s ...)
- TODO: check
+ NOT-FOR-US: Xinhu RockOA
CVE-2024-37622 (Xinhu RockOA v2.6.3 was discovered to contain a reflected
cross-site s ...)
- TODO: check
+ NOT-FOR-US: Xinhu RockOA
CVE-2024-37621 (StrongShop v1.0 was discovered to contain a Server-Side
Template Injec ...)
- TODO: check
+ NOT-FOR-US: StrongShop
CVE-2024-37620 (PHPVOD v4.0 was discovered to contain a reflected cross-site
scripting ...)
- TODO: check
+ NOT-FOR-US: PHPVOD
CVE-2024-37619 (StrongShop v1.0 was discovered to contain a reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: StrongShop
CVE-2024-37305 (oqs-provider is a provider for the OpenSSL 3 cryptography
library that ...)
TODO: check
CVE-2024-37159 (Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos
Network. ...)
@@ -172,7 +172,7 @@ CVE-2024-38448 (htags in GNU Global through 6.6.12 allows
code execution in situ
[buster] - global <postponed> (Minor issue, -d/dbpath unlikely to be
untrusted)
NOTE:
https://lists.gnu.org/archive/html/bug-global/2024-05/msg00009.html
CVE-2024-38443 (C/sorting/binary_insertion_sort.c in The Algorithms - C
through e5dad3 ...)
- TODO: check
+ NOT-FOR-US: The Algorithms - C
CVE-2024-38441 (Netatalk 3.2.0 has an off-by-one error and resultant
heap-based buffer ...)
TODO: check
CVE-2024-38440 (Netatalk 3.2.0 has an off-by-one error and resultant
heap-based buffer ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcf0d3bc0f37d85d4082c4c79eb6ed9ca2d00ffd
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcf0d3bc0f37d85d4082c4c79eb6ed9ca2d00ffd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
