Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
627e1c96 by Salvatore Bonaccorso at 2024-06-27T22:40:13+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,59 +1,59 @@
CVE-2024-6388 (Marco Trevisan discovered that the Ubuntu Advantage Desktop
Daemon, be ...)
- TODO: check
+ NOT-FOR-US: ubuntu-advantage-desktop-daemon
CVE-2024-6374 (A vulnerability was found in lahirudanushka School Management
System 1 ...)
- TODO: check
+ NOT-FOR-US: lahirudanushka School Management System
CVE-2024-6373 (A vulnerability has been found in itsourcecode Online Food
Ordering Sy ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Online Food Ordering System
CVE-2024-6372 (A vulnerability, which was classified as critical, was found in
itsour ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Tailoring Management System
CVE-2024-6371 (A vulnerability, which was classified as critical, has been
found in i ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Pool of Bethesda Online Reservation System
CVE-2024-6370 (A vulnerability classified as problematic was found in
LabVantage LIMS ...)
- TODO: check
+ NOT-FOR-US: LabVantage LIMS
CVE-2024-6369 (A vulnerability classified as problematic has been found in
LabVantage ...)
- TODO: check
+ NOT-FOR-US: LabVantage LIMS
CVE-2024-6368 (A vulnerability was found in LabVantage LIMS 2017. It has been
rated a ...)
- TODO: check
+ NOT-FOR-US: LabVantage LIMS
CVE-2024-6367 (A vulnerability was found in LabVantage LIMS 2017. It has been
declare ...)
- TODO: check
+ NOT-FOR-US: LabVantage LIMS
CVE-2024-6262 (The Portfolio Gallery \u2013 Image Gallery Plugin plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6250 (An absolute path traversal vulnerability exists in
parisneo/lollms-web ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms-webui
CVE-2024-6139 (A path traversal vulnerability exists in the XTTS server of the
parisn ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms
CVE-2024-6127 (BC Security Empire before 5.9.3 is vulnerable to a path
traversal issu ...)
- TODO: check
+ NOT-FOR-US: BC Security Empire
CVE-2024-6090 (A path traversal vulnerability exists in
gaizhenbiao/chuanhuchatgpt ve ...)
- TODO: check
+ NOT-FOR-US: gaizhenbiao/chuanhuchatgpt
CVE-2024-6086 (In version 1.2.7 of lunary-ai/lunary, any authenticated user,
regardle ...)
- TODO: check
+ NOT-FOR-US: lunary-ai/lunary
CVE-2024-6085 (A path traversal vulnerability exists in the XTTS server
included in t ...)
- TODO: check
+ NOT-FOR-US: lollms
CVE-2024-6038 (A Regular Expression Denial of Service (ReDoS) vulnerability
exists in ...)
- TODO: check
+ NOT-FOR-US: gaizhenbiao/chuanhuchatgpt
CVE-2024-5980 (A vulnerability in the /v1/runs API endpoint of
lightning-ai/pytorch-l ...)
- TODO: check
+ NOT-FOR-US: pytorch-lightning
CVE-2024-5979 (In h2oai/h2o-3 version 3.46.0, the `run_tool` command in the
`rapids` ...)
- TODO: check
+ NOT-FOR-US: h2oai/h2o-3
CVE-2024-5936 (An open redirect vulnerability exists in imartinez/privategpt
version ...)
- TODO: check
+ NOT-FOR-US: imartinez/privategpt
CVE-2024-5935 (A Cross-Site Request Forgery (CSRF) vulnerability in version
0.5.0 of ...)
- TODO: check
+ NOT-FOR-US: imartinez/privategpt
CVE-2024-5933 (A Cross-site Scripting (XSS) vulnerability exists in the chat
function ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms-webui
CVE-2024-5885 (stangirard/quivr version 0.0.236 contains a Server-Side Request
Forger ...)
- TODO: check
+ NOT-FOR-US: stangirard/quivr
CVE-2024-5826 (In the latest version of vanna-ai/vanna, the `vanna.ask`
function is v ...)
- TODO: check
+ NOT-FOR-US: vanna-ai/vanna
CVE-2024-5824 (A path traversal vulnerability in the `/set_personality_config`
endpoi ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms
CVE-2024-5822 (A Server-Side Request Forgery (SSRF) vulnerability exists in
the uploa ...)
- TODO: check
+ NOT-FOR-US: gaizhenbiao/ChuanhuChatGPT
CVE-2024-5820 (Missing Authorization in stitionai/devika)
- TODO: check
+ NOT-FOR-US: stitionai/devika
CVE-2024-5755 (In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass
email v ...)
- TODO: check
+ NOT-FOR-US: lunary-ai/lunary
CVE-2024-5751 (BerriAI/litellm version v1.35.8 contains a vulnerability where
an atta ...)
TODO: check
CVE-2024-5714 (In lunary-ai/lunary version 1.2.4, an improper access control
vulnerab ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/627e1c9658b70e944afec4807eed639fd09cc2f2
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/627e1c9658b70e944afec4807eed639fd09cc2f2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
