Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ff5df8f1 by Salvatore Bonaccorso at 2024-10-03T22:58:53+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,61 +17,61 @@ CVE-2024-5803 (The AVGUI.exe of AVG/Avast Antivirus before
versions before 24.1
CVE-2024-47762 (Backstage is an open framework for building developer portals.
Configu ...)
TODO: check
CVE-2024-47618 (Sulu is a PHP content management system. Sulu is vulnerable
against XS ...)
- TODO: check
+ NOT-FOR-US: Sulu
CVE-2024-47617 (Sulu is a PHP content management system. This vulnerability
allows an ...)
- TODO: check
+ NOT-FOR-US: Sulu
CVE-2024-47614 (async-graphql is a GraphQL server library implemented in Rust.
async-g ...)
TODO: check
CVE-2024-47561 (Schema parsing in the Java SDK of Apache Avro 1.11.3 and
previous vers ...)
- TODO: check
+ NOT-FOR-US: Apache Avro
CVE-2024-47554 (Uncontrolled Resource Consumption vulnerability in Apache
Commons IO. ...)
TODO: check
CVE-2024-45872 (Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via
sub_0x41 ...)
- TODO: check
+ NOT-FOR-US: Bandisoft BandiView
CVE-2024-45871 (Bandisoft BandiView 7.05 is Incorrect Access Control via
sub_0x232bd8 ...)
- TODO: check
+ NOT-FOR-US: Bandisoft BandiView
CVE-2024-45870 (Bandisoft BandiView 7.05 is vulnerable to Incorrect Access
Control in ...)
- TODO: check
+ NOT-FOR-US: Bandisoft BandiView
CVE-2024-42415 (An integer overflow vulnerability exists in the Compound
Document Bina ...)
TODO: check
CVE-2024-41988 (TEM Opera Plus FM Family Transmitter allows access to an
unprotected e ...)
- TODO: check
+ NOT-FOR-US: TEM Opera Plus FM Family Transmitter
CVE-2024-41987 (The TEM Opera Plus FM Family Transmitter application interface
allows ...)
- TODO: check
+ NOT-FOR-US: TEM Opera Plus FM Family Transmitter
CVE-2024-41922 (A directory traversal vulnerability exists in the log files
download f ...)
- TODO: check
+ NOT-FOR-US: Veertu Anka
CVE-2024-41596 (Buffer Overflow vulnerabilities exist in DrayTek Vigor310
devices thro ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41595 (DrayTek Vigor310 devices through 4.3.2.6 allow a remote
attacker to ch ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41594 (An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an
attacke ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41593 (DrayTek Vigor310 devices through 4.3.2.6 allow a remote
attacker to ex ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41592 (DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based
overflow ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41591 (DrayTek Vigor3910 devices through 4.3.2.6 allow
unauthenticated DOM-ba ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41590 (Several CGI endpoints are vulnerable to buffer overflows, by
authentic ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41589 (DrayTek Vigor310 devices through 4.3.2.6 use unencrypted HTTP
for auth ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41588 (The CGI endpoints v2x00.cgi and cgiwcg.cgi of DrayTek
Vigor3910 device ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41587 (Stored XSS, by authenticated users, is caused by poor
sanitization of ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41586 (A stack-based Buffer Overflow vulnerability in DrayTek
Vigor310 device ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41585 (DrayTek Vigor3910 devices through 4.3.2.6 are affected by an
OS comman ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41584 (DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to
reflected ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41583 (DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to
stored Cro ...)
- TODO: check
+ NOT-FOR-US: DrayTek Vigor310 devices
CVE-2024-41163 (A directory traversal vulnerability exists in the archive
download fun ...)
- TODO: check
+ NOT-FOR-US: Veertu Anka
CVE-2024-39755 (A privilege escalation vulnerability exists in the Veertu Anka
Build 1 ...)
- TODO: check
+ NOT-FOR-US: Veertu Anka
CVE-2024-36474 (An integer overflow vulnerability exists in the Compound
Document Bina ...)
TODO: check
CVE-2024-34535 (In Mastodon 4.1.6, API endpoint rate limiting can be bypassed
by setti ...)
@@ -83,7 +83,7 @@ CVE-2024-0124 (NVIDIA CUDA Toolkit for Windows and Linux
contains a vulnerabilit
CVE-2024-0123 (NVIDIA CUDA toolkit for Windows and Linux contains a
vulnerability in ...)
TODO: check
CVE-2023-37822 (Eufy HomeBase 2 model T8010X v3.2.8.3h was discovered to use
the depre ...)
- TODO: check
+ NOT-FOR-US: Eufy HomeBase 2 model T8010X
CVE-2024-8508 (NLnet Labs Unbound up to and including version 1.21.0 contains
a vulne ...)
- unbound <unfixed> (bug #1083282)
NOTE: Advisory: https://nlnetlabs.nl/downloads/unbound/CVE-2024-8508.txt
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff5df8f1cde8f0a19e1f153e299aa84200e7bfc6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff5df8f1cde8f0a19e1f153e299aa84200e7bfc6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
