Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a3a83c6a by Moritz Muehlenhoff at 2024-11-06T13:38:18+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -220,7 +220,7 @@ CVE-2024-51379 (Stored Cross-Site Scripting (XSS)
vulnerability discovered in JA
CVE-2024-51362 (The LSC Smart Connect Indoor IP Camera V7.6.32 is vulnerable
to an inf ...)
NOT-FOR-US: LSC Smart Connect Indoor IP Camera
CVE-2024-51240 (An issue in the luci-mod-rpc package in OpenWRT Luci LTS
allows for pr ...)
- TODO: check
+ NOT-FOR-US: OpenWRT package
CVE-2024-51132 (An XML External Entity (XXE) vulnerability in HAPI FHIR before
v6.4.0 ...)
NOT-FOR-US: HAPI FHIR
CVE-2024-51024 (D-Link DIR_823G 1.0.2B05 was discovered to contain a command
injection ...)
@@ -334,7 +334,7 @@ CVE-2024-10263 (The Tickera \u2013 WordPress Event
Ticketing plugin for WordPres
CVE-2024-10114 (The WooCommerce - Social Login plugin for WordPress is
vulnerable to a ...)
NOT-FOR-US: WordPress plugin
CVE-2024-0134 (NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux
contain a U ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-50138 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.11.6-1
[bookworm] - linux 6.1.115-1
@@ -574,19 +574,19 @@ CVE-2024-5578 (The Table of Contents Plus WordPress
plugin through 2408 does not
CVE-2024-51734 (Zope AccessControl provides a general security framework for
use in Zo ...)
NOT-FOR-US: Zope
CVE-2024-51502 (loona is an experimental, HTTP/1.1 and HTTP/2 implementation
in Rust o ...)
- TODO: check
+ NOT-FOR-US: loona
CVE-2024-51501 (Refit is an automatic type-safe REST library for .NET Core,
Xamarin an ...)
- TODO: check
+ NOT-FOR-US: Refit
CVE-2024-51500 (Meshtastic firmware is a device firmware for the Meshtastic
project. T ...)
NOT-FOR-US: Meshtastic firmware
CVE-2024-51498 (cobalt is a media downloader that doesn't piss you off. A
malicious co ...)
- TODO: check
+ NOT-FOR-US: cobalt
CVE-2024-50346 (WebFeed is a lightweight web feed reader extension for
Firefox/Chrome. ...)
- TODO: check
+ NOT-FOR-US: WebFeed
CVE-2024-48463 (Bruno before 1.29.1 uses Electron shell.openExternal without
validatio ...)
- TODO: check
+ NOT-FOR-US: Bruno
CVE-2024-48061 (langflow <=1.0.18 is vulnerable to Remote Code Execution (RCE)
as any ...)
- TODO: check
+ NOT-FOR-US: langflow
CVE-2024-48059 (gaizhenbiao/chuanhuchatgpt project, version <=20240802 is
vulnerable t ...)
NOT-FOR-US: gaizhenbiao/chuanhuchatgpt
CVE-2024-48057 (localai <=2.20.1 is vulnerable to Cross Site Scripting (XSS).
When cal ...)
@@ -594,7 +594,7 @@ CVE-2024-48057 (localai <=2.20.1 is vulnerable to Cross
Site Scripting (XSS). Wh
CVE-2024-48052 (In gradio <=4.42.0, the gr.DownloadButton function has a
hidden server ...)
NOT-FOR-US: Gradio
CVE-2024-48050 (In agentscope <=v0.0.4, the file
agentscope\web\workstation\workflow_u ...)
- TODO: check
+ NOT-FOR-US: agentscope
CVE-2024-47797 (in OpenHarmony v4.1.0 and prior versions allow a local
attacker cause ...)
NOT-FOR-US: OpenHarmony
CVE-2024-47404 (in OpenHarmony v4.1.0 and prior versions allow a local
attacker cause ...)
@@ -104268,7 +104268,7 @@ CVE-2023-2453 (There is insufficient sanitization of
tainted file names that are
NOT-FOR-US: PHP-Fusion
CVE-2023-51441 (** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation
vulnerabilit ...)
- axis <unfixed> (bug #1060169)
- [bookworm] - axis <no-dsa> (Minor issue)
+ [bookworm] - axis <ignored> (Minor issue)
[bullseye] - axis <no-dsa> (Minor issue)
[buster] - axis <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2024/01/05/2
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3a83c6af9ac801b8fde562fd9e3dbcf0672dcba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3a83c6af9ac801b8fde562fd9e3dbcf0672dcba
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
