Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
611c42fa by Moritz Muehlenhoff at 2024-09-11T14:35:30+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -59,7 +59,7 @@ CVE-2024-40652 (In onCreate of SettingsHomepageActivity.java,
there is a possibl
CVE-2024-40650 (In wifi_item_edit_content of styles.xml , there is a possible
FRP bypa ...)
TODO: check
CVE-2024-3899 (The Gallery Plugin for WordPress WordPress plugin before
1.8.15 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-39808 (Incorrect Calculation of Buffer Size (CWE-131) in the
Controller 6000 ...)
TODO: check
CVE-2024-31336 (Imagination PowerVR-GPU in Android before 2024-09-05 has a
High Severi ...)
@@ -73,7 +73,7 @@ CVE-2024-23716 (In DevmemIntPFNotify of devicemem_server.c,
there is a possible
CVE-2024-21529 (Versions of the package dset before 3.1.4 are vulnerable to
Prototype ...)
TODO: check
CVE-2024-1656 (Affected versions of Octopus Server had a weak content security
policy ...)
- TODO: check
+ NOT-FOR-US: Octopus Server
CVE-2024-8096 [OCSP stapling bypass with GnuTLS]
- curl <unfixed>
[bookworm] - curl <no-dsa> (Minor issue)
@@ -556,7 +556,7 @@ CVE-2024-38270 (An insufficient entropy vulnerability
caused by the improper use
CVE-2024-27365 (An issue was discovered in Samsung Mobile Processor Exynos
Exynos 980, ...)
NOT-FOR-US: Samsung
CVE-2024-21528 (All versions of the package node-gettext are vulnerable to
Prototype P ...)
- TODO: check
+ NOT-FOR-US: Node gettext (different from src:node-gettext.js)
CVE-2024-0067 (Marinus Pfund, member of the AXIS OS Bug Bounty Program, has
found th ...)
NOT-FOR-US: Axis
CVE-2024-8605 (A vulnerability classified as problematic was found in
code-projects I ...)
@@ -106745,9 +106745,9 @@ CVE-2023-30769 (Vulnerability discovered is related
to the peer-to-peer (p2p) co
CVE-2023-30757 (A vulnerability has been identified in Totally Integrated
Automation P ...)
NOT-FOR-US: Siemens
CVE-2023-30756 (A vulnerability has been identified in SIMATIC CP 1242-7 V2
(incl. SIP ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-30755 (A vulnerability has been identified in SIMATIC CP 1242-7 V2
(incl. SIP ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-30754 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
AdFoxly ...)
NOT-FOR-US: WordPress plugin
CVE-2023-30753 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Phan Chu ...)
@@ -112551,7 +112551,7 @@ CVE-2023-28829 (A vulnerability has been identified
in SIMATIC NET PC Software V
CVE-2023-28828 (A vulnerability has been identified in Polarion ALM (All
versions < V2 ...)
NOT-FOR-US: Siemens
CVE-2023-28827 (A vulnerability has been identified in SIMATIC CP 1242-7 V2
(incl. SIP ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-28379 (A memory corruption vulnerability exists in the HTTP Server
form bound ...)
NOT-FOR-US: Weston Embedded uC-HTTP
CVE-2023-27395 (A heap-based buffer overflow vulnerability exists in the
vpnserver Wpc ...)
@@ -141828,7 +141828,7 @@ CVE-2022-45858 (A use of a weak cryptographic
algorithm vulnerability [CWE-327]
CVE-2022-45857 (An incorrect user management vulnerability [CWE-286] in the
FortiManag ...)
NOT-FOR-US: Fortinet
CVE-2022-45856 (An improper certificate validation vulnerability [CWE-295] in
FortiCli ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2022-45855 (SpringEL injection in the metrics source in Apache Ambari
version 2.7. ...)
NOT-FOR-US: Apache Ambari
CVE-2022-45854 (An improper check for unusual conditions in Zyxel NWA110AX
firmware ve ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/611c42faa5d754bb4c6efbc5d27bbd6eb78b0088
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/611c42faa5d754bb4c6efbc5d27bbd6eb78b0088
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
