Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1024c9b7 by Salvatore Bonaccorso at 2024-08-05T22:33:52+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
CVE-2024-7397 (Improper filering of special characters result in a command
('command ...)
- TODO: check
+ NOT-FOR-US: Korenix JetPort
CVE-2024-7396 (Missing encryption of sensitive data in Korenix JetPort 5601v3
allows ...)
- TODO: check
+ NOT-FOR-US: Korenix JetPort
CVE-2024-7395 (An authentication bypass vulnerability in Korenix JetPort
5601v3 allow ...)
- TODO: check
+ NOT-FOR-US: Korenix JetPort
CVE-2024-6915 (JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14,
7.71.23, 7. ...)
- TODO: check
+ NOT-FOR-US: JFrog Artifactory
CVE-2024-6865
REJECTED
CVE-2024-6361 (Improper Neutralization vulnerability (XSS) has been discovered
in Ope ...)
- TODO: check
+ NOT-FOR-US: OpenText ALM Octane
CVE-2024-4607 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel
Driver, Arm ...)
TODO: check
CVE-2024-42350 (Biscuit is an authorization token with decentralized
verification, off ...)
- TODO: check
+ NOT-FOR-US: Biscuit
CVE-2024-41960 (mailcow: dockerized is an open source groupware/email suite
based on d ...)
- TODO: check
+ NOT-FOR-US: Mailcow
CVE-2024-41959 (mailcow: dockerized is an open source groupware/email suite
based on d ...)
- TODO: check
+ NOT-FOR-US: Mailcow
CVE-2024-41958 (mailcow: dockerized is an open source groupware/email suite
based on d ...)
- TODO: check
+ NOT-FOR-US: Mailcow
CVE-2024-41381 (microweber 2.0.16 was discovered to contain a Cross Site
Scripting (XS ...)
- TODO: check
+ NOT-FOR-US: microweber
CVE-2024-41380 (microweber 2.0.16 was discovered to contain a Cross Site
Scripting (XS ...)
- TODO: check
+ NOT-FOR-US: microweber
CVE-2024-41376 (dzzoffice 2.02.1 is vulnerable to Directory Traversal via
user/space/a ...)
- TODO: check
+ NOT-FOR-US: dzzoffice
CVE-2024-41200 (A segmentation fault in KMPlayer v4.2.2.65 allows attackers to
cause a ...)
- TODO: check
+ NOT-FOR-US: KMPlayer (different from src:kmplayer)
CVE-2024-40531 (An issue in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM
CMS v.4 ...)
- TODO: check
+ NOT-FOR-US: UAB Lexita PanteraCRM CMS
CVE-2024-40530 (Insecure Permissions vulnerability in UAB Lexita PanteraCRM
CMS v.401. ...)
- TODO: check
+ NOT-FOR-US: UAB Lexita PanteraCRM CMS
CVE-2024-40498 (SQL Injection vulnerability in PuneethReddyHC Online Shopping
sysstem ...)
- TODO: check
+ NOT-FOR-US: PuneethReddyHC Online Shopping sysstem
CVE-2024-40096 (The com.cascadialabs.who (aka Who - Caller ID, Spam Block)
application ...)
- TODO: check
+ NOT-FOR-US: com.cascadialabs.who (aka Who - Caller ID, Spam Block)
application
CVE-2024-33034 (Memory corruption can occur if VBOs hold outdated or invalid
GPU SMMU ...)
TODO: check
CVE-2024-33028 (Memory corruption as fence object may still be accessed in
timeline de ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1024c9b7f1b4be1a6d132e55447d322500b7a001
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1024c9b7f1b4be1a6d132e55447d322500b7a001
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
