Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
06f883f6 by Moritz Muehlenhoff at 2024-06-18T11:17:56+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -47,23 +47,23 @@ CVE-2024-37079 (vCenter Server contains a heap-overflow
vulnerability in the imp
CVE-2024-34833 (Sourcecodester Payroll Management System v1.0 is vulnerable to
File Up ...)
NOT-FOR-US: Sourcecodester Payroll Management System
CVE-2024-34024 (Observable response discrepancy issue exists in ID Link
Manager and FU ...)
- TODO: check
+ NOT-FOR-US: FUJITSU
CVE-2024-33622 (Missing authentication for critical function vulnerability
exists in I ...)
- TODO: check
+ NOT-FOR-US: FUJITSU
CVE-2024-33620 (Absolute path traversal vulnerability exists in ID Link
Manager and FU ...)
- TODO: check
+ NOT-FOR-US: FUJITSU
CVE-2024-1634 (The Scheduling Plugin \u2013 Online Booking for WordPress
plugin for W ...)
NOT-FOR-US: WordPress plugin
CVE-2024-0845 (The PDF Viewer for Elementor plugin for WordPress is vulnerable
to Sto ...)
NOT-FOR-US: WordPress plugin
CVE-2024-0066 (Johan Fagerstr\xf6m, member of the AXIS OS Bug Bounty Program,
has fou ...)
- TODO: check
+ NOT-FOR-US: AXIS
CVE-2023-5527 (The Business Directory Plugin plugin for WordPress is
vulnerable to CS ...)
NOT-FOR-US: WordPress plugin
CVE-2023-37058 (Insecure Permissions vulnerability in JLINK Unionman
Technology Co. Lt ...)
- TODO: check
+ NOT-FOR-US: JLINK
CVE-2023-37057 (An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800
v.1.0 allow ...)
- TODO: check
+ NOT-FOR-US: JLINK
CVE-2024-6062 (A vulnerability was found in GPAC
2.5-DEV-rev228-g11067ea92-master and ...)
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/2872
@@ -79,7 +79,7 @@ CVE-2024-6058 (A vulnerability classified as problematic has
been found in LabVa
CVE-2024-6057 (Improper authentication in the vault password feature in
Devolutions R ...)
NOT-FOR-US: Devolutions Remote Desktop Manager
CVE-2024-6056 (A vulnerability was found in nasirkhan Laravel Starter up to
11.8.0. I ...)
- TODO: check
+ NOT-FOR-US: Laravel Starter
CVE-2024-6055 (Improper removal of sensitive information in data source export
featur ...)
NOT-FOR-US: Devolutions Remote Desktop Manager
CVE-2024-5741 (Stored XSS in inventory tree rendering in Checkmk before
2.3.0p7, 2.2. ...)
@@ -103,9 +103,9 @@ CVE-2024-38469 (zhimengzhe iBarn v1.5 was discovered to
contain a reflected cros
CVE-2024-38449 (A Directory Traversal vulnerability in KasmVNC
1.3.1.230e50f7b89663316 ...)
NOT-FOR-US: KasmVNC
CVE-2024-37902 (DeepJavaLibrary(DJL) is an Engine-Agnostic Deep Learning
Framework in ...)
- TODO: check
+ NOT-FOR-US: DeepJavaLibrary
CVE-2024-37896 (Gin-vue-admin is a backstage management system based on vue
and gin. G ...)
- TODO: check
+ NOT-FOR-US: Gin-vue-admin
CVE-2024-37895 (Lobe Chat is an open-source LLMs/AI chat framework. In
affected versio ...)
NOT-FOR-US: Lobe Chat
CVE-2024-37893 (Firefly III is a free and open source personal finance
manager. In aff ...)
@@ -156,9 +156,9 @@ CVE-2024-37619 (StrongShop v1.0 was discovered to contain a
reflected cross-site
CVE-2024-37305 (oqs-provider is a provider for the OpenSSL 3 cryptography
library that ...)
TODO: check
CVE-2024-37159 (Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos
Network. ...)
- TODO: check
+ NOT-FOR-US: Evmos
CVE-2024-37158 (Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos
Network. ...)
- TODO: check
+ NOT-FOR-US: Evmos
CVE-2024-36583 (A Prototype Pollution issue in byondreal accessor <= 1.0.0
allows an a ...)
TODO: check
CVE-2024-36582 (alexbinary object-deep-assign 1.0.11 is vulnerable to
Prototype Pollut ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06f883f6d7221ddbf10c664814ab016b8ab80610
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06f883f6d7221ddbf10c664814ab016b8ab80610
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
