Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4f65015a by Salvatore Bonaccorso at 2024-07-24T08:01:32+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30,19 +30,19 @@ CVE-2024-41663 (Canarytokens help track activity and
actions on a network. A Cr
CVE-2024-41661 (reNgine is an automated reconnaissance framework for web
applications. ...)
NOT-FOR-US: reNgine
CVE-2024-41655 (TF2 Item Format helps users format TF2 items to the community
standard ...)
- TODO: check
+ NOT-FOR-US: TF2 Item Format
CVE-2024-41319 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to
contain a comm ...)
NOT-FOR-US: TOTOLINK
CVE-2024-41178 (Exposure of temporary credentials in logsin Apache Arrow Rust
Object S ...)
NOT-FOR-US: Apache Arrow Rust Object Store
CVE-2024-40060 (go-chart v2.1.1 was discovered to contain an infinite loop via
the dra ...)
- TODO: check
+ NOT-FOR-US: go-chart
CVE-2024-39702 (In lj_str_hash.c in OpenResty 1.19.3.1 through 1.25.3.1, the
string ha ...)
- TODO: check
+ NOT-FOR-US: OpenResty fork specific issue
CVE-2024-34128 (Adobe Experience Manager versions 6.5.20 and earlier are
affected by a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-29070 (On versions before 2.1.4,session is not invalidated after
logout. When ...)
- TODO: check
+ NOT-FOR-US: Apache StreamPark
CVE-2024-1975 (If a server hosts a zone containing a "KEY" Resource Record, or
a reso ...)
- bind9 1:9.20.0-1
NOTE: https://kb.isc.org/docs/cve-2024-1975
@@ -704,7 +704,7 @@ CVE-2024-41122 (Woodpecker is a simple yet powerful CI/CD
engine with great exte
CVE-2024-41121 (Woodpecker is a simple yet powerful CI/CD engine with great
extensibil ...)
NOT-FOR-US: Woodpecker
CVE-2024-41107 (The CloudStack SAML authentication (disabled by default) does
not enfo ...)
- TODO: check
+ NOT-FOR-US: Apache CloudStack
CVE-2024-40400 (An arbitrary file upload vulnerability in the image upload
function of ...)
NOT-FOR-US: automad
CVE-2024-39963 (AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and
AX3000 Du ...)
@@ -326658,9 +326658,9 @@ CVE-2020-11642 (The local file inclusion
vulnerability present in B&R SiteManage
CVE-2020-11641 (A local file inclusion vulnerability in B&R SiteManager
versions <9.2. ...)
NOT-FOR-US: B&R GateManager
CVE-2020-11640 (AdvaBuild uses a command queue to launch certain operations.
An attack ...)
- TODO: check
+ NOT-FOR-US: AdvaBuild
CVE-2020-11639 (An attacker could exploit the vulnerability by injecting
garbage data ...)
- TODO: check
+ NOT-FOR-US: ABB
CVE-2020-11638
RESERVED
CVE-2020-11637 (A memory leak in the TFTP service in B&R Automation Runtime
versions < ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f65015a2e66c403b2eb1570e3f5b7f9cfbbd585
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f65015a2e66c403b2eb1570e3f5b7f9cfbbd585
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
