Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
92c77284 by Moritz Muehlenhoff at 2024-11-11T14:46:04+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -51,7 +51,7 @@ CVE-2024-51571 (Improper Neutralization of Input During Web
Page Generation (XSS
CVE-2024-48939 (Insufficient validation performed on the REST API License file
in Paxt ...)
NOT-FOR-US: Paxton Net2
CVE-2024-41992 (Wi-Fi Alliance wfa_dut (in Wi-Fi Test Suite) through 9.0.0
allows OS c ...)
- TODO: check
+ NOT-FOR-US: Wi-Fi Alliance wfa_dut
CVE-2024-38826 (Authenticated users can upload specifically crafted files to
leak serv ...)
NOT-FOR-US: Cloud Foundry
CVE-2024-11066 (The D-Link DSL6740C modem has an OS Command Injection
vulnerability, a ...)
@@ -73,19 +73,19 @@ CVE-2024-11059 (A vulnerability was found in Project Worlds
Free Download Online
CVE-2024-11058 (A vulnerability was found in CodeAstro Real Estate Management
System u ...)
NOT-FOR-US: CodeAstro Real Estate Management System
CVE-2024-11021 (Webopac from Grand Vice info has Stored Cross-site Scripting
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Webopac
CVE-2024-11020 (Webopac from Grand Vice info has a SQL Injection
vulnerability, allowi ...)
- TODO: check
+ NOT-FOR-US: Webopac
CVE-2024-11019 (Webopac from Grand Vice info has a Reflected Cross-site
Scripting vuln ...)
- TODO: check
+ NOT-FOR-US: Webopac
CVE-2024-11018 (Webopac from Grand Vice info does not properly validate
uploaded file ...)
- TODO: check
+ NOT-FOR-US: Webopac
CVE-2024-11017 (Webopac from Grand Vice info does not properly validate
uploaded file ...)
- TODO: check
+ NOT-FOR-US: Webopac
CVE-2024-11016 (Webopac from Grand Vice info has a SQL Injection
vulnerability, allowi ...)
- TODO: check
+ NOT-FOR-US: Webopac
CVE-2023-40457 (The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS)
30.7.1.1 allo ...)
- TODO: check
+ NOT-FOR-US: EXOS
CVE-2024-51584 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-51583 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
@@ -358343,11 +358343,11 @@ CVE-2020-10370 (Certain Cypress (and Broadcom)
Wireless Combo chips such as CYW4
- bluez-firmware <not-affected> (BCM4345C0.hcd introduced already in
fixed version in Debian with bluez-firmware/1.2-6)
NOTE:
https://github.com/RPi-Distro/bluez-firmware/commit/8445a53ce2c51a77472b908a0c8f6f8e1fa5c37a
CVE-2020-10369 (Certain Cypress (and Broadcom) Wireless Combo chips, when a
January 20 ...)
- TODO: check
+ NOT-FOR-US: Cypress (and Broadcom) Wireless Combo
CVE-2020-10368 (Certain Cypress (and Broadcom) Wireless Combo chips, when a
January 20 ...)
- TODO: check
+ NOT-FOR-US: Cypress (and Broadcom) Wireless Combo
CVE-2020-10367 (Certain Cypress (and Broadcom) Wireless Combo chips, when a
January 20 ...)
- TODO: check
+ NOT-FOR-US: Cypress (and Broadcom) Wireless Combo
CVE-2020-10366 (LogicalDoc before 8.3.3 allows /servlet.gupld Directory
Traversal, a d ...)
NOT-FOR-US: LogicalDoc
CVE-2020-10365 (LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc
populates the ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92c77284c4c97aaeabdc4d796e10f9d4c9d549fd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92c77284c4c97aaeabdc4d796e10f9d4c9d549fd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
