Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
03b55615 by Salvatore Bonaccorso at 2024-09-24T21:54:03+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -81,7 +81,7 @@ CVE-2024-7018 (Heap buffer overflow in PDF in Google Chrome
prior to 124.0.6367.
- chromium 124.0.6367.78-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2024-46957 (Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response
spoofing ...)
- TODO: check
+ NOT-FOR-US: Mellium mellium.im/xmpp
CVE-2024-39928 (In Apache Linkis <= 1.5.0, a Random string security
vulnerability in S ...)
NOT-FOR-US: Apache Linkis
CVE-2024-38269 (An improper restriction of operations within the bounds of a
memory bu ...)
@@ -168,15 +168,15 @@ CVE-2024-23933 (Sony XAV-AX5500 CarPlay TLV Stack-based
Buffer Overflow Remote C
CVE-2024-23922 (Sony XAV-AX5500 Insufficient Firmware Update Validation Remote
Code Ex ...)
NOT-FOR-US: Sony XAV-AX5500
CVE-2024-0005 (A condition exists in FlashArray and FlashBlade Purity whereby
a malic ...)
- TODO: check
+ NOT-FOR-US: FlashArray and FlashBlade Purity
CVE-2024-0004 (A condition exists in FlashArray Purity whereby an user with
array adm ...)
- TODO: check
+ NOT-FOR-US: FlashArray Purity
CVE-2024-0003 (A condition exists in FlashArray Purity whereby a malicious
user could ...)
- TODO: check
+ NOT-FOR-US: FlashArray Purity
CVE-2024-0002 (A condition exists in FlashArray Purity whereby an attacker can
employ ...)
- TODO: check
+ NOT-FOR-US: FlashArray Purity
CVE-2024-0001 (A condition exists in FlashArray Purity whereby a local account
intend ...)
- TODO: check
+ NOT-FOR-US: FlashArray Purity
CVE-2023-46948 (A reflected Cross-Site Scripting (XSS) vulnerability was found
on Teme ...)
NOT-FOR-US: Temenos T24 Browser
CVE-2022-48945 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
@@ -175082,7 +175082,7 @@ CVE-2022-2441 (The ImageMagick Engine plugin for
WordPress is vulnerable to remo
CVE-2022-2440 (The Theme Editor plugin for WordPress is vulnerable to
deserialization ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2439 (The Easy Digital Downloads \u2013 Simple eCommerce for Selling
Digital ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2438 (The Broken Link Checker plugin for WordPress is vulnerable to
deserial ...)
NOT-FOR-US: Broken Link Checker plugin for WordPress
CVE-2022-2437 (The Feed Them Social \u2013 for Twitter feed, Youtube and more
plugin ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03b55615057e5c3d67042a927507d61035a4ca6e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03b55615057e5c3d67042a927507d61035a4ca6e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
