Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7b2601b4 by Salvatore Bonaccorso at 2024-07-29T22:44:34+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2024-7195 (A vulnerability was found in itsourcecode
Society Management Syst
CVE-2024-7194 (A vulnerability was found in itsourcecode Society Management
System 1. ...)
NOT-FOR-US: itsourcecode Society Management System
CVE-2024-7193 (A vulnerability has been found in Mp3tag up to 3.26d and
classified as ...)
- TODO: check
+ NOT-FOR-US: Mp3tag
CVE-2024-7192 (A vulnerability, which was classified as critical, was found in
itsour ...)
NOT-FOR-US: itsourcecode Society Management System
CVE-2024-7191 (A vulnerability, which was classified as critical, has been
found in i ...)
@@ -27,21 +27,21 @@ CVE-2024-6761
CVE-2024-6748 (Zohocorp ManageEngineOpManager, OpManager Plus, OpManager MSP
and RMM ...)
NOT-FOR-US: Zoho ManageEngine
CVE-2024-6727 (A flaw in versions of Delphix Data Control Tower (DCT) prior to
19.0.0 ...)
- TODO: check
+ NOT-FOR-US: Delphix Data Control Tower (DCT)
CVE-2024-6726 (Versions of Delphix Engine prior to Release 25.0.0.0 contain a
flaw wh ...)
- TODO: check
+ NOT-FOR-US: Delphix Engine
CVE-2024-6578 (A stored cross-site scripting (XSS) vulnerability exists in
aimhubio/a ...)
- TODO: check
+ NOT-FOR-US: aimhubio/aim
CVE-2024-6576 (Improper Authentication vulnerability in Progress MOVEit
Transfer (SFT ...)
- TODO: check
+ NOT-FOR-US: Progress MOVEit Transfer
CVE-2024-6124 (Reflected XSS in M-Files Hubshare before version 5.0.6.0
allowsan atta ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2024-4848
REJECTED
CVE-2024-41881 (SDoP versions prior to 1.11 fails to handle appropriately some
paramet ...)
TODO: check
CVE-2024-41819 (Note Mark is a web-based Markdown notes app. A stored
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: Note Mark
CVE-2024-41818 (fast-xml-parser is an open source, pure javascript xml parser.
a ReDOS ...)
TODO: check
CVE-2024-41817 (ImageMagick is a free and open-source software suite, used for
editing ...)
@@ -49,37 +49,37 @@ CVE-2024-41817 (ImageMagick is a free and open-source
software suite, used for e
CVE-2024-41810 (Twisted is an event-based framework for internet applications,
support ...)
TODO: check
CVE-2024-41799 (tgstation-server is a production scale tool for BYOND server
managemen ...)
- TODO: check
+ NOT-FOR-US: tgstation-server
CVE-2024-41726 (Path traversal vulnerability exists in SKYSEA Client View
Ver.3.013.00 ...)
- TODO: check
+ NOT-FOR-US: SKYSEA Client View
CVE-2024-41676 (Magento-lts is a long-term support alternative to Magento
Community Ed ...)
- TODO: check
+ NOT-FOR-US: Magento LTS (alternative to Magento Community Edition)
CVE-2024-41671 (Twisted is an event-based framework for internet applications,
support ...)
TODO: check
CVE-2024-41640 (Cross Site Scripting (XSS) vulnerability in AML Surety Eco up
to 3.5 a ...)
- TODO: check
+ NOT-FOR-US: AML Surety Eco
CVE-2024-41631 (Buffer Overflow vulnerability in host-host NEUQ_board v.1.0
allows a r ...)
- TODO: check
+ NOT-FOR-US: host-host NEUQ_board
CVE-2024-41624 (Incorrect access control in Himalaya Xiaoya nano smart speaker
rom_ver ...)
- TODO: check
+ NOT-FOR-US: Himalaya Xiaoya nano smart speaker
CVE-2024-41143 (Origin validation error vulnerability exists in SKYSEA Client
View Ver ...)
- TODO: check
+ NOT-FOR-US: SKYSEA Client View
CVE-2024-41139 (Incorrect privilege assignment vulnerability exists in SKYSEA
Client V ...)
- TODO: check
+ NOT-FOR-US: SKYSEA Client View
CVE-2024-40576 (Cross Site Scripting vulnerability in Best House Rental
Management Sys ...)
- TODO: check
+ NOT-FOR-US: Best House Rental Management System
CVE-2024-38529 (Admidio is a free, open source user management system for
websites of ...)
- TODO: check
+ NOT-FOR-US: Admidio
CVE-2024-37906 (Admidio is a free, open source user management system for
websites of ...)
- TODO: check
+ NOT-FOR-US: Admidio
CVE-2024-37859 (Cross Site Scripting vulnerability in Lost and Found
Information Syste ...)
- TODO: check
+ NOT-FOR-US: Lost and Found Information System
CVE-2024-37858 (SQL Injection vulnerability in Lost and Found Information
System 1.0 a ...)
- TODO: check
+ NOT-FOR-US: Lost and Found Information System
CVE-2024-37857 (SQL Injection vulnerability in Lost and Found Information
System 1.0 a ...)
- TODO: check
+ NOT-FOR-US: Lost and Found Information System
CVE-2024-37856 (Cross Site Scripting vulnerability in Lost and Found
Information Syste ...)
- TODO: check
+ NOT-FOR-US: Lost and Found Information System
CVE-2024-33365 (Buffer Overflow vulnerability in Tenda AC10 v4
US_AC10V4.0si_V16.03.10 ...)
TODO: check
CVE-2024-28806 (An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215.
Remote u ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b2601b42e15636eefe0d1fa9cebffbd87d673d0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b2601b42e15636eefe0d1fa9cebffbd87d673d0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
