Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c0f5fd8d by Moritz Muehlenhoff at 2024-09-05T14:06:42+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2024-8178 (The ctl_write_buffer and ctl_read_buffer functions allocated
memory to ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2024-7627 (The Bit File Manager plugin for WordPress is vulnerable to
Remote Code ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6846 (The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not
valida ...)
@@ -9,29 +9,29 @@ CVE-2024-6835 (The Ivory Search \u2013 WordPress Search
Plugin plugin for WordPr
CVE-2024-45692 (Webmin before 2.202 and Virtualmin before 7.20.2 allow a
network traff ...)
- webmin <removed>
CVE-2024-45429 (Cross-site scripting vulnerability exists in Advanced Custom
Fields ve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-45399 (Indico is an event management system that uses
Flask-Multipass, a mult ...)
- TODO: check
+ NOT-FOR-US: Indico
CVE-2024-45395 (sigstore-go, a Go library for Sigstore signing and
verification, is su ...)
- TODO: check
+ NOT-FOR-US: sigstore-go
CVE-2024-45288 (A missing null-termination character in the last element of an
nvlist ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2024-45287 (A malicious value of size in a structure of packed libnv can
cause an ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2024-45063 (The function ctl_write_buffer incorrectly set a flag which
resulted in ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2024-43110 (The ctl_request_sense function could expose up to three bytes
of the k ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2024-43102 (Concurrent removals of certain anonymous shared memory
mappings by usi ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2024-42416 (The ctl_report_supported_opcodes function did not sufficiently
validat ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2024-41928 (Malicious software running in a guest VM can exploit the
buffer overfl ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2024-32668 (An insufficient boundary validation in the USB code could lead
to an o ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2024-2166 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Forcepoint Email Security
CVE-2024-20506 (A vulnerability in the ClamD service module of Clam AntiVirus
(ClamAV) ...)
TODO: check
CVE-2024-20505 (A vulnerability in the PDF parsing module of Clam AntiVirus
(ClamAV) v ...)
@@ -51,17 +51,17 @@ CVE-2024-8413 (Cross Site Scripting (XSS) vulnerability
through the action param
CVE-2024-8412 (A vulnerability, which was classified as problematic, was found
in Lin ...)
NOT-FOR-US: LinuxOSsk Shakal-NG
CVE-2024-8411 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: ABCD
CVE-2024-8410 (A vulnerability classified as problematic was found in ABCD
ABCD2 up t ...)
- TODO: check
+ NOT-FOR-US: ABCD
CVE-2024-8409 (A vulnerability classified as problematic has been found in
ABCD ABCD2 ...)
- TODO: check
+ NOT-FOR-US: ABCD
CVE-2024-8408 (A vulnerability was found in Linksys WRT54G 4.21.5. It has been
rated ...)
NOT-FOR-US: Linksys
CVE-2024-8407 (A vulnerability was found in alwindoss akademy up to
35caccea888ed63d5 ...)
- TODO: check
+ NOT-FOR-US: alwindoss akademy
CVE-2024-8399 (Websites could utilize Javascript links to spoof URL addresses
in the ...)
- TODO: check
+ NOT-FOR-US: Mozilla Firefox Focus
CVE-2024-8391 (In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does
not lim ...)
NOT-FOR-US: Eclipse Vertx
CVE-2024-8325 (The Blockspare: Gutenberg Blocks & Patterns for Blogs,
Magazines, Busi ...)
@@ -93,17 +93,17 @@ CVE-2024-7923 (An authentication bypass vulnerability has
been identified in Pul
CVE-2024-7870 (The PixelYourSite \u2013 Your smart PIXEL (TAG) & API Manager
and the ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7834 (A local privilege escalation is caused by Overwolf loading and
executi ...)
- TODO: check
+ NOT-FOR-US: Overwolf
CVE-2024-7821
REJECTED
CVE-2024-7786 (The Sensei LMS WordPress plugin before 4.24.2 does not
properly prote ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7078 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Semtek Sempos
CVE-2024-7077 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Semtek Sempos
CVE-2024-7076 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Semtek Sempos
CVE-2024-7012 (An authentication bypass vulnerability has been identified in
Foreman ...)
- foreman <itp> (bug #663101)
CVE-2024-6926 (The Viral Signup WordPress plugin through 2.1 does not
properly sanit ...)
@@ -117,7 +117,7 @@ CVE-2024-6722 (The Chatbot Support AI: Free ChatGPT
Chatbot, Woocommerce Chatbot
CVE-2024-6020 (The Sign-up Sheets WordPress plugin before 2.2.13 does not
escape some ...)
NOT-FOR-US: WordPress plugin
CVE-2024-45507 (Server-Side Request Forgery (SSRF), Improper Control of
Generation of ...)
- TODO: check
+ NOT-FOR-US: Apache OFBiz
CVE-2024-45450 (Permission control vulnerability in the software update
module. Impact ...)
TODO: check
CVE-2024-45449 (Access permission verification vulnerability in the ringtone
setting m ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0f5fd8dd9ef436acf15efbab391641c3c3d836e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0f5fd8dd9ef436acf15efbab391641c3c3d836e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
