Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e670eb47 by Salvatore Bonaccorso at 2024-07-23T06:53:23+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,195 +1,195 @@
CVE-2024-6675 (A deserialization of untrusted data vulnerability exists in NI
VeriSta ...)
- TODO: check
+ NOT-FOR-US: NI VeriStand
CVE-2024-6638 (An integer overflow vulnerability due to improper input
validation whe ...)
- TODO: check
+ NOT-FOR-US: LabVIEW
CVE-2024-6542 (Improper neutralization of livestatus command delimiters in
mknotifyd ...)
- check-mk <removed>
CVE-2024-6122 (An incorrect permission in the installation directory for the
shared N ...)
- TODO: check
+ NOT-FOR-US: NI SystemLink Server KeyValueDatabase service
CVE-2024-6121 (An out-of-date version of Redis shipped with NI SystemLink
Server is s ...)
- TODO: check
+ NOT-FOR-US: Redis as shipped in NI SystemLink Server (not for src:redis)
CVE-2024-41880 (In veilid-core in Veilid before 0.3.4, the protocol's ping
function ca ...)
- TODO: check
+ NOT-FOR-US: Veilid
CVE-2024-41829 (In JetBrains TeamCity before 2024.07 an OAuth code for
JetBrains Space ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41828 (In JetBrains TeamCity before 2024.07 comparison of
authorization token ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41827 (In JetBrains TeamCity before 2024.07 access tokens could
continue work ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41826 (In JetBrains TeamCity before 2024.07 stored XSS was possible
on Show C ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41825 (In JetBrains TeamCity before 2024.07 stored XSS was possible
on the Co ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41824 (In JetBrains TeamCity before 2024.07 parameters of the
"password" type ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41320 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to
contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41318 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to
contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41317 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to
contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41316 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to
contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41315 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to
contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41314 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to
contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41132 (ImageSharp is a 2D graphics API. A vulnerability discovered in
the Ima ...)
- TODO: check
+ NOT-FOR-US: ImageSharp
CVE-2024-41131 (ImageSharp is a 2D graphics API. An Out-of-bounds Write
vulnerability ...)
- TODO: check
+ NOT-FOR-US: ImageSharp
CVE-2024-41130 (llama.cpp provides LLM inference in C/C++. Prior to b3427,
llama.cpp c ...)
- TODO: check
+ NOT-FOR-US: llama.cpp
CVE-2024-41129 (The ops library is a Python framework for developing and
testing Kuber ...)
TODO: check
CVE-2024-40634 (Argo CD is a declarative, GitOps continuous delivery tool for
Kubernet ...)
- TODO: check
+ NOT-FOR-US: Argo CD
CVE-2024-40075 (Laravel v11.x was discovered to contain an XML External Entity
(XXE) v ...)
TODO: check
CVE-2024-40051 (IP Guard v4.81.0307.0 was discovered to contain an arbitrary
file read ...)
- TODO: check
+ NOT-FOR-US: IP Guard
CVE-2024-39902 (Tuleap is an open source suite to improve management of
software devel ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2024-39688 (Bert-VITS2 is the VITS2 Backbone with multilingual bert. User
input su ...)
- TODO: check
+ NOT-FOR-US: Bert-VITS2
CVE-2024-39686 (Bert-VITS2 is the VITS2 Backbone with multilingual bert. User
input su ...)
- TODO: check
+ NOT-FOR-US: Bert-VITS2
CVE-2024-39685 (Bert-VITS2 is the VITS2 Backbone with multilingual bert. User
input su ...)
- TODO: check
+ NOT-FOR-US: Bert-VITS2
CVE-2024-39601 (A vulnerability has been identified in CPCI85 Central
Processing/Commu ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-39250 (EfroTech Timetrax v8.3 was discovered to contain an
unauthenticated SQ ...)
- TODO: check
+ NOT-FOR-US: EfroTech Timetrax
CVE-2024-38944 (An issue in Intelight X-1L Traffic controller Maxtime v.1.9.6
allows a ...)
- TODO: check
+ NOT-FOR-US: Intelight X-1L Traffic controller Maxtime
CVE-2024-38788 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38773 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38759 (Deserialization of Untrusted Data vulnerability in WP MEDIA
SAS Search ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38755 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38730 (Server-Side Request Forgery (SSRF) vulnerability in Noor alam
Magical ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38728 (Server-Side Request Forgery (SSRF) vulnerability in
Seraphinite Soluti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38723 (Server-Side Request Forgery (SSRF) vulnerability in Bernhard
Kux JSON ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38708 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38701 (Authorization Bypass Through User-Controlled Key vulnerability
in Acad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38692 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38503 (When editing a user, group or any object in the Syncope
Console, HTML ...)
- TODO: check
+ NOT-FOR-US: Apache Syncope
CVE-2024-37998 (A vulnerability has been identified in CPCI85 Central
Processing/Commu ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-37942 (Server-Side Request Forgery (SSRF) vulnerability in Berqier
Ltd BerqWP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37445 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37436 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37434 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37433 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37432 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37429 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37428 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37422 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37416 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37414 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37409 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37380 (A misconfiguration on UniFi U6+ Access Point could cause an
incorrect ...)
- TODO: check
+ NOT-FOR-US: NI
CVE-2024-37278 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37275 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37271 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37267 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-37265 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37264 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37263 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37262 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37261 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37259 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37258 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37257 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37246 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37245 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37244 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37239 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37229 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37223 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37221 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37219 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37217 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37216 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37215 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37211 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37206 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37199 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37122 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37121 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37120 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37117 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37116 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-37114 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-37101 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-37100 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37097 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35656 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34457 (On versions before 2.1.4, after a regular user successfully
logs in, t ...)
- TODO: check
+ NOT-FOR-US: Apache StreamPark
CVE-2024-34329 (Insecure permissions in Entrust Datacard XPS Card Printer
Driver 8.4 a ...)
- TODO: check
+ NOT-FOR-US: Entrust Datacard XPS Card Printer Driver
CVE-2024-33933 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32484 (An reflected XSS vulnerability exists in the handling of
invalid paths ...)
TODO: check
CVE-2024-32152 (A blocklist bypass vulnerability exists in the LaTeX
functionality of ...)
@@ -227,7 +227,7 @@ CVE-2024-6962 (A vulnerability classified as critical was
found in Tenda O3 1.0.
CVE-2024-6961 (RAIL documents are an XML-based format invented by Guardrails
AI to en ...)
NOT-FOR-US: Guardrails
CVE-2024-6960 (The H2O machine learning platform uses "Iced" classes as the
primary m ...)
- TODO: check
+ NOT-FOR-US: H2O machine learning platform
CVE-2024-6958 (A vulnerability classified as critical was found in
itsourcecode Unive ...)
NOT-FOR-US: itsourcecode University Management System
CVE-2024-6957 (A vulnerability classified as critical has been found in
itsourcecode ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e670eb474e40f4306719a9481ca1f2f333a811de
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e670eb474e40f4306719a9481ca1f2f333a811de
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
