Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3ef0458a by Salvatore Bonaccorso at 2024-08-09T22:41:15+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -37,37 +37,37 @@ CVE-2024-7382 (The Linkify Text plugin for WordPress is
vulnerable to Full Path
CVE-2024-6562 (The affiliate-toolkit \u2013 WordPress Affiliate Plugin plugin
for Wor ...)
NOT-FOR-US: WordPress plugin
CVE-2024-42470 (openHAB, a provider of open-source home automation software,
has add-o ...)
- TODO: check
+ NOT-FOR-US: openHAB
CVE-2024-42469 (openHAB, a provider of open-source home automation software,
has add-o ...)
- TODO: check
+ NOT-FOR-US: openHAB
CVE-2024-42468 (openHAB, a provider of open-source home automation software,
has add-o ...)
- TODO: check
+ NOT-FOR-US: openHAB
CVE-2024-42467 (openHAB, a provider of open-source home automation software,
has add-o ...)
- TODO: check
+ NOT-FOR-US: openHAB
CVE-2024-42370 (Litestar is an Asynchronous Server Gateway Interface (ASGI)
framework. ...)
- TODO: check
+ NOT-FOR-US: litestar
CVE-2024-42367 (aiohttp is an asynchronous HTTP client/server framework for
asyncio an ...)
TODO: check
CVE-2024-41570 (An Unauthenticated Server-Side Request Forgery (SSRF) in demon
callbac ...)
- TODO: check
+ NOT-FOR-US: Havoc
CVE-2024-41476 (AMTT Hotel Broadband Operation System (HiBOS) V3.0.3.151204
and before ...)
- TODO: check
+ NOT-FOR-US: AMTT Hotel Broadband Operation System (HiBOS)
CVE-2024-41332 (Incorrect access control in the delete_category function of
Sourcecode ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Computer Laboratory Management System
CVE-2024-40480 (A Broken Access Control vulnerability was found in
/admin/update.php a ...)
- TODO: check
+ NOT-FOR-US: Kashipara Online Exam System
CVE-2024-40479 (A SQL injection vulnerability in "/admin/quizquestion.php" in
Kashipar ...)
- TODO: check
+ NOT-FOR-US: Kashipara Online Exam System
CVE-2024-40478 (A Stored Cross Site Scripting (XSS) vulnerability was found in
"/admin ...)
- TODO: check
+ NOT-FOR-US: Kashipara Online Exam System
CVE-2024-40472 (Sourcecodester Daily Calories Monitoring Tool v1.0 is
vulnerable to SQ ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Daily Calories Monitoring Tool
CVE-2024-39338 (axios 1.7.2 allows SSRF via unexpected behavior where requests
for pat ...)
TODO: check
CVE-2024-38989 (izatop bunt v0.29.19 was discovered to contain a prototype
pollution v ...)
- TODO: check
+ NOT-FOR-US: izatop bunt
CVE-2024-37826 (A NULL pointer dereference in vercot Serva v4.6.0 allows
attackers to ...)
- TODO: check
+ NOT-FOR-US: vercot Serva
CVE-2024-36462 (Uncontrolled resource consumption refers to a software
vulnerability w ...)
TODO: check
CVE-2024-36461 (Within Zabbix, users have the ability to directly modify
memory pointe ...)
@@ -75,7 +75,7 @@ CVE-2024-36461 (Within Zabbix, users have the ability to
directly modify memory
CVE-2024-36460 (The front-end audit log allows viewing of unprotected
plaintext passwo ...)
TODO: check
CVE-2024-32765 (A vulnerability has been reported to affect Network & Virtual
Switch. ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2024-22123 (Setting SMS media allows to set GSM modem file. Later this
file is use ...)
TODO: check
CVE-2024-22122 (Zabbix allows to configure SMS notifications. AT command
injection occ ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef0458a8c4df9a69c7d8f8e3e35d0b66bfe4cf1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef0458a8c4df9a69c7d8f8e3e35d0b66bfe4cf1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
