Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2462b1de by Moritz Muehlenhoff at 2024-09-01T14:32:09+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2024-8368 (A vulnerability was found in code-projects Hospital Management
System ...)
- TODO: check
+ NOT-FOR-US: Hospital Management System
CVE-2024-8367 (A vulnerability was found in HM Courts & Tribunals Service
Probate Bac ...)
- TODO: check
+ NOT-FOR-US: HM Courts & Tribunals Service
CVE-2024-8366 (A vulnerability was found in code-projects Pharmacy Management
System ...)
NOT-FOR-US: code-projects Pharmacy Management System
CVE-2024-8108 (The Share This Image plugin for WordPress is vulnerable to
Stored Cros ...)
@@ -248,7 +248,7 @@ CVE-2024-5622 (An untrusted search path vulnerability in
the AprolConfigureCCSer
CVE-2024-5057 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: Wordpress plugin
CVE-2024-45056 (zksolc is a Solidity compiler for ZKsync. All LLVM versions
since 2015 ...)
- TODO: check
+ NOT-FOR-US: zksolc
CVE-2024-45045 (Collabora Online is a collaborative online office suite based
on Libre ...)
NOT-FOR-US: Collabora Online
CVE-2024-44930 (Serilog before v2.1.0 was discovered to contain a Client IP
Spoofing v ...)
@@ -336,7 +336,7 @@ CVE-2024-43918 (Improper Neutralization of Special Elements
used in an SQL Comma
CVE-2024-43917 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: Wordpress plugin
CVE-2024-43804 (Roxy-WI is a web interface for managing Haproxy, Nginx, Apache
and Kee ...)
- TODO: check
+ NOT-FOR-US: Roxy-WI
CVE-2024-43144 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2024-43132 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
@@ -939,11 +939,14 @@ CVE-2024-43802 (Vim is an improved version of the unix vi
text editor. When flus
NOTE: https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh
NOTE:
https://github.com/vim/vim/commit/322ba9108612bead5eb7731ccb66763dec69ef1b
(v9.1.0697)
CVE-2024-43444 (Passwords of agents and customers are displayed in plain text
in the O ...)
- TODO: check
+ NOT-FOR-US: OTRS
+ NOTE: Could possibly affect Znuny, we'll let their security team figure
it out
CVE-2024-43443 (Improper Neutralization of Input done by an attacker with
admin privil ...)
- TODO: check
+ NOT-FOR-US: OTRS
+ NOTE: Could possibly affect Znuny, we'll let their security team figure
it out
CVE-2024-43442 (Improper Neutralization of Input done by an attacker with
admin privil ...)
- TODO: check
+ NOT-FOR-US: OTRS
+ NOTE: Could possibly affect Znuny, we'll let their security team figure
it out
CVE-2024-43319 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
NOT-FOR-US: WordPress plugin
CVE-2024-43289 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
@@ -955,9 +958,9 @@ CVE-2024-42913 (RuoYi CMS v4.7.9 was discovered to contain
a SQL injection vulne
CVE-2024-42906 (TestLink before v.1.9.20 is vulnerable to Cross Site Scripting
(XSS) v ...)
NOT-FOR-US: TestLink
CVE-2024-42818 (A cross-site scripting (XSS) vulnerability in the
Config-Create functi ...)
- TODO: check
+ NOT-FOR-US: fastapi-admin pro
CVE-2024-42816 (A cross-site scripting (XSS) vulnerability in the Create
Product funct ...)
- TODO: check
+ NOT-FOR-US: fastapi-admin pro
CVE-2024-42792 (A Cross-Site Request Forgery (CSRF) vulnerability was found in
Kashipa ...)
NOT-FOR-US: Kashipara Music Management System
CVE-2024-42791 (A Cross-Site Request Forgery (CSRF) vulnerability was found in
Kashipa ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2462b1de10b95957f78d303b4a5d4807af0dcdce
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2462b1de10b95957f78d303b4a5d4807af0dcdce
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
