Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0e96c73d by Salvatore Bonaccorso at 2024-08-13T05:55:29+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2024-7697 (Logical vulnerability in the mobile application 
(com.transsion.ca
 CVE-2024-6917 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
        NOT-FOR-US: Veribilim Software Veribase Order Management
 CVE-2024-6768 (A Denial of Service in CLFS.sys in Microsoft Windows 10, 
Windows 11, W ...)
-       TODO: check
+       NOT-FOR-US: CLFS.sys in Microsoft Windows
 CVE-2024-6758 (Improper Privilege ManagementinSprecher Automation SPRECON-E 
below ver ...)
        NOT-FOR-US: Sprecher Automation
 CVE-2024-6684 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
@@ -59,11 +59,11 @@ CVE-2024-42520 (TOTOLINK A3002R v4.0.0-B20230531.1404 
contains a buffer overflow
 CVE-2024-42489 (Pro Macros provides XWiki rendering macros. Missing escaping 
in the Vi ...)
        NOT-FOR-US: XWiki Pro Macros
 CVE-2024-42485 (Filament Excel enables excel export for Filament admin 
resources. The  ...)
-       TODO: check
+       NOT-FOR-US: Filament Excel
 CVE-2024-42482 (fish-shop/syntax-check is a GitHub action for syntax checking 
fish she ...)
-       TODO: check
+       NOT-FOR-US: fish-shop/syntax-check
 CVE-2024-42481 (Skyport Daemon (skyportd) is the daemon for the Skyport Panel. 
By maki ...)
-       TODO: check
+       NOT-FOR-US: Skyport Daemon (skyportd) in Skyport Panel
 CVE-2024-42480 (Kamaji is the Hosted Control Plane Manager for Kubernetes. In 
versions ...)
        NOT-FOR-US: Kamaji
 CVE-2024-42479 (llama.cpp provides LLM inference in C/C++. The unsafe `data` 
pointer m ...)
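
Review bot: The new tag for CVE-2024-42481, "NOT-FOR-US: Skyport Daemon (skyportd) in Skyport Panel", is wordier than the neighbouring tags in this hunk, which give only the product name ("XWiki Pro Macros", "Kamaji"). A single name such as "Skyport Daemon (skyportd)" would match them and is easier to grep for when later CVEs against the same product are triaged.
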
@@ -73,53 +73,53 @@ CVE-2024-42478 (llama.cpp provides LLM inference in C/C++. 
The unsafe `data` poi
 CVE-2024-42477 (llama.cpp provides LLM inference in C/C++. The unsafe `type` 
member in ...)
        NOT-FOR-US: ggerganov/llama.cpp
 CVE-2024-42474 (Streamlit is a data oriented application development framework 
for pyt ...)
-       TODO: check
+       NOT-FOR-US: Streamlit
 CVE-2024-42167 (The function "generate_app_certificates" in 
controllers/saml2/saml2.js ...)
-       TODO: check
+       NOT-FOR-US: FIWARE Keyrock
 CVE-2024-42166 (The function "generate_app_certificates" in 
lib/app_certificates.js of ...)
-       TODO: check
+       NOT-FOR-US: FIWARE Keyrock
 CVE-2024-42165 (Insufficiently random values for generating activation token 
in FIWARE ...)
-       TODO: check
+       NOT-FOR-US: FIWARE Keyrock
 CVE-2024-42164 (Insufficiently random values for generating password reset 
token in FI ...)
-       TODO: check
+       NOT-FOR-US: FIWARE Keyrock
 CVE-2024-42163 (Insufficiently random values for generating password reset 
token in FI ...)
-       TODO: check
+       NOT-FOR-US: FIWARE Keyrock
 CVE-2024-41909 (Like many other SSH implementations, Apache MINA SSHD suffered 
from th ...)
-       TODO: check
+       NOT-FOR-US: Apache Mina SSHD
 CVE-2024-41710 (A vulnerability in the Mitel 6800 Series, 6900 Series, and 
6900w Serie ...)
        NOT-FOR-US: Mitel
 CVE-2024-41651 (An issue in Prestashop v.8.1.7 and before allows a remote 
attacker to  ...)
        NOT-FOR-US: Prestashop
 CVE-2024-41475 (Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a 
CORS mis ...)
-       TODO: check
+       NOT-FOR-US: Gnuboard
 CVE-2024-40893 (Multiple authenticated operating system (OS) command injection 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Firewalla Box Software
 CVE-2024-40892 (A weak credential vulnerability exists in Firewalla Box 
Software versi ...)
-       TODO: check
+       NOT-FOR-US: Firewalla Box Software
 CVE-2024-40500 (Cross Site Scripting vulnerability in Martin Kucej i-librarian 
v.5.11. ...)
-       TODO: check
+       NOT-FOR-US: mkucej/i-librarian-free
 CVE-2024-39091 (An OS command injection vulnerability in the ccm_debug 
component of MI ...)
-       TODO: check
+       NOT-FOR-US: MIPC Camera firmware
 CVE-2024-38530 (The Open eClass platform (formerly known as GUnet eClass) is a 
complet ...)
-       TODO: check
+       NOT-FOR-US: Open eClass platform
 CVE-2024-36877 (Micro-Star International Z-series motherboards (Z590, Z490, 
and Z790)  ...)
-       TODO: check
+       NOT-FOR-US: Micro-Star
 CVE-2024-33536 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 
10.0. Th ...)
-       TODO: check
+       NOT-FOR-US: Zimbra
 CVE-2024-33535 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 
10.0. Th ...)
-       TODO: check
+       NOT-FOR-US: Zimbra
 CVE-2024-33533 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 
10.0, is ...)
-       TODO: check
+       NOT-FOR-US: Zimbra
 CVE-2024-27443 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 
10.0. A  ...)
-       TODO: check
+       NOT-FOR-US: Zimbra
 CVE-2024-27442 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 
10.0. Th ...)
-       TODO: check
+       NOT-FOR-US: Zimbra
 CVE-2024-21550 (SteVe is an open platform that implements different version of 
the OCP ...)
-       TODO: check
+       NOT-FOR-US: SteVe
 CVE-2023-7249 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: OpenText OpenText Directory Services
 CVE-2023-48171 (An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote 
attacker ...)
-       TODO: check
+       NOT-FOR-US: OWASP DefectDojo
 CVE-2023-41884 (ZoneMinder is a free, open source Closed-circuit television 
software a ...)
        - zoneminder <unfixed> (unimportant)
        NOTE: Only supported for trusted users/behind auth
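
Review bot: The added line for CVE-2023-7249 doubles the vendor name: "NOT-FOR-US: OpenText OpenText Directory Services" should read "OpenText Directory Services". The tag for CVE-2024-41909 is spelled "Apache Mina SSHD" while the description on the line above has "Apache MINA SSHD"; matching the upstream spelling keeps later searches consistent. That same description opens with "Like many other SSH implementations", so it is worth confirming that no packaged source ships or embeds this code before the entry is closed as NOT-FOR-US. Similarly, CVE-2024-36877 is tagged "Micro-Star" where the description names "Micro-Star International".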



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e96c73dc422c6c959b93b59129f018894149efb
