Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
598f50d2 by Salvatore Bonaccorso at 2024-11-21T16:21:28+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,9 +11,9 @@ CVE-2024-9653 (The Restaurant Menu \u2013 Food Ordering
System \u2013 Table Rese
CVE-2024-9600 (The Ditty WordPress plugin before 3.1.47 does not sanitise and
escape ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9479 (Improper Privilege Management vulnerability in upKeeper
Solutions upKe ...)
- TODO: check
+ NOT-FOR-US: upKeeper
CVE-2024-9478 (Improper Privilege Management vulnerability in upKeeper
Solutions upKe ...)
- TODO: check
+ NOT-FOR-US: upKeeper
CVE-2024-9442 (The F4 Improvements plugin for WordPress is vulnerable to
Stored Cross ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9371 (The Branda \u2013 White Label & Branding, Custom Login Page
Customizer ...)
@@ -27,13 +27,13 @@ CVE-2024-8726 (The MailChimp Forms by MailMunch plugin for
WordPress is vulnerab
CVE-2024-8157 (The Alphabetical List WordPress plugin through 1.0.3 does not
have CSR ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7517 (A command injection vulnerability in Brocade Fabric OS before
9.2.0c, ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade Fabric OS
CVE-2024-5029 (The CM Table Of Contents WordPress plugin before 1.2.4 does
not have ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52797 (Opencast is free and open source software for automated video
capture ...)
- TODO: check
+ NOT-FOR-US: Opencast
CVE-2024-52796 (Password Pusher, an open source application to communicate
sensitive i ...)
- TODO: check
+ NOT-FOR-US: Password Pusher
CVE-2024-52771 (DedeBIZ v6.3.0 was discovered to contain an arbitrary file
deletion vu ...)
NOT-FOR-US: DedeBIZ
CVE-2024-52770 (An arbitrary file upload vulnerability in the component
/admin/file_ma ...)
@@ -59,7 +59,7 @@ CVE-2024-52739 (D-LINK DI-8400 v16.07.26A1 was discovered to
contain multiple re
CVE-2024-52725 (SemCms v4.8 was discovered to contain a SQL injection
vulnerability. T ...)
NOT-FOR-US: SemCms
CVE-2024-52702 (A stored cross-site scripting (XSS) vulnerability in the
component ins ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2024-52701 (A stored cross-site scripting (XSS) vulnerability in the
Configuration ...)
TODO: check
CVE-2024-52677 (HkCms <= v2.3.2.240702 is vulnerable to file upload in the
getFileName ...)
@@ -67,9 +67,9 @@ CVE-2024-52677 (HkCms <= v2.3.2.240702 is vulnerable to file
upload in the getFi
CVE-2024-52614 (Use of hard-coded cryptographic key issue exists in "Kura
Sushi Offici ...)
NOT-FOR-US: "Kura Sushi Official App Produced by EPARK" for Android
CVE-2024-52598 (2FAuth is a web app to manage Two-Factor Authentication (2FA)
accounts ...)
- TODO: check
+ NOT-FOR-US: Bubka 2FAuth
CVE-2024-52597 (2FAuth is a web app to manage Two-Factor Authentication (2FA)
accounts ...)
- TODO: check
+ NOT-FOR-US: Bubka 2FAuth
CVE-2024-52595 (lxml_html_clean is a project for HTML cleaning functionalities
copied ...)
TODO: check
CVE-2024-52581 (Litestar is an Asynchronous Server Gateway Interface (ASGI)
framework. ...)
@@ -119,47 +119,47 @@ CVE-2024-52033 (Exposure of sensitive system information
to an unauthorized cont
CVE-2024-51669 (Cross-Site Request Forgery (CSRF) vulnerability in Vivwebs
Dynamic Wid ...)
NOT-FOR-US: WordPress plugin
CVE-2024-51209 (Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's
Client Mana ...)
- TODO: check
+ NOT-FOR-US: Anuj Kumar's Client Management System
CVE-2024-51208 (File Upload vulnerability in change-image.php in Anuj Kumar's
Boat Boo ...)
- TODO: check
+ NOT-FOR-US: Anuj Kumar's Boat Booking System
CVE-2024-51163 (Local File Inclusion vulnerability in Vegam Solutions Vegam 4i
v.6.3.4 ...)
- TODO: check
+ NOT-FOR-US: Vegam Solutions Vegam 4i
CVE-2024-51162 (An issue in Audimex EE v.15.1.20 and before allows a remote
attacker t ...)
- TODO: check
+ NOT-FOR-US: Audimex EE
CVE-2024-51151 (D-Link DI-8200 16.07.26A1 is vulnerable to remote command
execution in ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-49203 (Querydsl 5.1.0 allows SQL/HQL injection in orderBy in
JPAQuery.)
- TODO: check
+ NOT-FOR-US: Querydsl
CVE-2024-48986 (An issue was discovered in MBed OS 6.16.0. Its hci parsing
software dy ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48985 (An issue was discovered in MBed OS 6.16.0. During processing
of HCI pa ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48984 (An issue was discovered in MBed OS 6.16.0. When parsing hci
reports, t ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48983 (An issue was discovered in MBed OS 6.16.0. During processing
of HCI pa ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48982 (An issue was discovered in MBed OS 6.16.0. Its hci parsing
software dy ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48981 (An issue was discovered in MBed OS 6.16.0. During processing
of HCI pa ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48899 (A vulnerability was found in Moodle. Additional checks are
required to ...)
TODO: check
CVE-2024-48895 (Improper neutralization of special elements used in an OS
command ('OS ...)
- TODO: check
+ NOT-FOR-US: Rakuten Turbo 5G firmware
CVE-2024-48536 (Incorrect access control in eSoft Planner 3.24.08271-USA allow
attacke ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-48535 (A stored cross-site scripting (XSS) vulnerability in eSoft
Planner 3.2 ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-48534 (A reflected cross-site scripting (XSS) vulnerability on the
Camp Detai ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-48533 (A discrepancy between responses for valid and invalid e-mail
accounts ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-48531 (A reflected cross-site scripting (XSS) vulnerability on the
Rental Ava ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-48530 (An issue in the Instructor Appointment Availability module of
eSoft Pl ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-47865 (Missing authentication for critical function vulnerability
exists in R ...)
- TODO: check
+ NOT-FOR-US: Rakuten Turbo 5G firmware
CVE-2024-45691 (A flaw was found in Moodle. When restricting access to a
lesson activi ...)
TODO: check
CVE-2024-45690 (A flaw was found in Moodle. Additional checks were required to
ensure ...)
@@ -169,9 +169,9 @@ CVE-2024-45689 (A flaw was found in Moodle. Dynamic tables
did not enforce capab
CVE-2024-45663 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect
Server) 11.1 ...)
NOT-FOR-US: IBM
CVE-2024-45511 (An issue was discovered in Zimbra Collaboration (ZCS) through
10.1. A ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-45510 (An issue was discovered in Zimbra Collaboration (ZCS) through
10.0. Zi ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-44309 (A cookie management issue was addressed with improved state
management ...)
TODO: check
CVE-2024-44308 (The issue was addressed with improved checks. This issue is
fixed in S ...)
@@ -181,167 +181,167 @@ CVE-2024-44307 (A buffer overflow issue was addressed
with improved memory handl
CVE-2024-44306 (A buffer overflow issue was addressed with improved memory
handling. T ...)
TODO: check
CVE-2024-33439 (An issue in Kasda LinkSmart Router KW5515 v1.7 and before
allows an au ...)
- TODO: check
+ NOT-FOR-US: Kasda LinkSmart Router KW5515
CVE-2024-30896 (InfluxDB through 2.7.10 allows allAccess administrators to
retrieve al ...)
TODO: check
CVE-2024-30424 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29292 (Multiple OS Command Injection vulnerabilities affecting Kasda
LinkSmar ...)
- TODO: check
+ NOT-FOR-US: Kasda LinkSmart Router KW6512
CVE-2024-11495 (Buffer overflow vulnerability in OllyDbg, version 1.10, which
could al ...)
- TODO: check
+ NOT-FOR-US: OllyDbg
CVE-2024-11494 (**UNSUPPORTED WHEN ASSIGNED** The improper authentication
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2024-11493 (A vulnerability classified as problematic was found in 115cms
up to 20 ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11492 (A vulnerability classified as problematic has been found in
115cms up ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11491 (A vulnerability was found in 115cms up to 20240807. It has
been rated ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11490 (A vulnerability was found in 115cms up to 20240807. It has
been declar ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11489 (A vulnerability was found in 115cms up to 20240807. It has
been classi ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11488 (A vulnerability was found in 115cms up to 20240807 and
classified as p ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11487 (A vulnerability has been found in Code4Berry Decoration
Management Sys ...)
- TODO: check
+ NOT-FOR-US: Code4Berry Decoration Management System
CVE-2024-11486 (A vulnerability, which was classified as problematic, was
found in Cod ...)
- TODO: check
+ NOT-FOR-US: Code4Berry Decoration Management System
CVE-2024-11485 (A vulnerability, which was classified as critical, has been
found in C ...)
- TODO: check
+ NOT-FOR-US: Code4Berry Decoration Management System
CVE-2024-11484 (A vulnerability classified as critical was found in Code4Berry
Decorat ...)
- TODO: check
+ NOT-FOR-US: Code4Berry Decoration Management System
CVE-2024-11455 (The Include Mastodon Feed plugin for WordPress is vulnerable
to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11447 (The Community by PeepSo \u2013 Download from PeepSo.com plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11440 (The Grey Owl Lightbox plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11438 (The StreamWeasels Online Status Bar plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11435 (The salavat counter Plugin plugin for WordPress is vulnerable
to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11432 (The SuevaFree Essential Kit plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11428 (The Lazy load videos and sticky control plugin for WordPress
is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11424 (The Slick Sitemap plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11416 (The WIP Incoming Lite plugin for WordPress is vulnerable to
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11414 (The RecipePress Reloaded plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11412 (The Shine PDF Embeder plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11409 (The Grid View Gallery plugin for WordPress is vulnerable to
PHP Object ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11406 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2024-11404 (Unrestricted Upload of File with Dangerous Type, Improper
Input Valida ...)
TODO: check
CVE-2024-11400 (The HUSKY \u2013 Products Filter Professional for WooCommerce
plugin f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11388 (The Dino Game \u2013 Embed Google Chrome Dinosaur Game in
WordPress pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11385 (The Pure CSS Circle Progress bar plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11370 (The Subaccounts for WooCommerce plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11365 (The Crypto and DeFi Widgets \u2013 Web3 Cryptocurrency
Shortcodes plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11360 (The Page Parts plugin for WordPress is vulnerable to Reflected
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11354 (The Ultimate YouTube Video & Shorts Player With Vimeo plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11334 (The My Contador lesr plugin for WordPress is vulnerable to
unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11278 (The GD bbPress Attachments plugin for WordPress is vulnerable
to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11277 (The 404 Solution plugin for WordPress is vulnerable to
Reflected Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11197 (The Lock User Account plugin for WordPress is vulnerable to
user lock ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11179 (The MStore API \u2013 Create Native Android & iOS Apps On The
Cloud pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11176 (Improper access control vulnerability in M-Files Aino in
versions befo ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2024-11154 (The PublishPress Revisions: Duplicate Posts, Submit, Approve
and Sched ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11086
REJECTED
CVE-2024-11081
REJECTED
CVE-2024-10913 (The Clone plugin for WordPress is vulnerable to PHP Object
Injection i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10900 (The ProfileGrid \u2013 User Profiles, Groups and Communities
plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10899 (The The WooCommerce Product Table Lite plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10898 (The Contact Form 7 Email Add on plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10891 (The Save as PDF Plugin by Pdfcrowd plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10890 (The WPAdverts \u2013 Classifieds Plugin plugin for WordPress
is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10872 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10855 (The Image Optimizer, Resizer and CDN \u2013 Sirv plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10796 (The If-So Dynamic Content Personalization plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10788 (The Activity Log \u2013 Monitor & Record User Changes plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10785 (The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder
Feature ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10782 (The Theme Builder For Elementor plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10726 (The Friendly Functions for Welcart plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10696 (The UltraAddons \u2013 Elementor Addons (Header Footer
Builder, Custom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10682 (The Announcement & Notification Banner \u2013 Bulletin plugin
for Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10671 (The Button Block \u2013 Get fully customizable &
multi-functional butt ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10665 (The Yaad Sarig Payment Gateway For WC plugin for WordPress is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10623 (The ForumEngine theme for WordPress is vulnerable to Reflected
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-10532 (The Bard Extra plugin for WordPress is vulnerable to
unauthorized modi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10528 (The Ultimate Member \u2013 User Profile, Registration, Login,
Member D ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10522 (The Co-marquage service-public.fr plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10520 (The WP Project Manager plugin for WordPress is vulnerable to
unauthori ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10515 (In the process of testing the SEO Plugin by Squirrly SEO
WordPress plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10482 (The Media File Rename, Find Unused File, Add Alt text,
Caption, Desc F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10403 (Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0
through 9.2 ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade Fabric OS
CVE-2024-10400 (The Tutor LMS plugin for WordPress is vulnerable to SQL
Injection via ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10393 (The Tutor LMS plugin for WordPress is vulnerable to bypass to
user reg ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10382 (There exists a code execution vulnerability in the Car App
Android Jet ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-10365 (The The Plus Addons for Elementor \u2013 Elementor Addons,
Page Templa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10177 (The Beds24 Online Booking plugin for WordPress is vulnerable
to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10172 (The WPBakery Visual Composer WHMCS Elements plugin for
WordPress is vu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10164 (The Premium Packages \u2013 Sell Digital Products Securely
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10127 (Authentication bypass condition in LDAP authentication in
M-Files serv ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2024-10126 (Local File Inclusion vulnerability in M-Files Server in
versions befor ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2024-10094 (Pega Platform versions 6.x to Infinity 24.1.1 are affected by
an issue ...)
- TODO: check
+ NOT-FOR-US: Pega Platform
CVE-2024-11477
- 7zip 24.07+dfsg-1
- p7zip 16.02+transitional.1
@@ -136602,7 +136602,7 @@ CVE-2023-27611 (Cross-Site Request Forgery (CSRF)
vulnerability in audrasjb Reus
CVE-2023-27610 (Auth. (admin+) SQL Injection (SQLi) vulnerability in
TransbankDevelope ...)
NOT-FOR-US: TransbankDevelopers Transbank Webpay
CVE-2023-27609 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27608 (Missing Authorization vulnerability in WP Swings Points and
Rewards fo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27607 (Missing Authorization vulnerability in WP Swings Points and
Rewards fo ...)
@@ -170010,15 +170010,15 @@ CVE-2022-43939 (Hitachi Vantara Pentaho Business
Analytics Server versions befor
CVE-2022-43938 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 9. ...)
NOT-FOR-US: Hitachi
CVE-2022-43937 (Possible information exposure through log file vulnerability
where sen ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade SANnav
CVE-2022-43936 (Brocade SANnav versions before 2.2.2 log Brocade Fabric OS
switch pass ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade SANnav
CVE-2022-43935 (An information exposure through log file vulnerability exists
in Broca ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade SANnav
CVE-2022-43934 (Brocade SANnav before Brocade SANnav 2.2.2 supports key
exchange algor ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade SANnav
CVE-2022-43933 (An information exposure through log file vulnerability exists
in Broca ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade SANnav
CVE-2022-3713 (A code injection vulnerability allows adjacent attackers to
execute co ...)
NOT-FOR-US: Sophos
CVE-2022-3712
@@ -472926,7 +472926,7 @@ CVE-2018-9476 (In avrc_pars_browsing_cmd of
avrc_pars_tg.cc, there is a possible
CVE-2018-9475 (In HeadsetInterface::ClccResponse of btif_hf.cc, there is a
possible o ...)
NOT-FOR-US: Android
CVE-2018-9474 (In writeToParcel of MediaPlayer.java, there is a possible
serializatio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9473 (In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is
a poss ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9472 (In xmlMemStrdupLoc of xmlmemory.c, there is a possible
out-of-bounds w ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/598f50d2b4c1c6d65ccc649ef46a0036de39a808
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/598f50d2b4c1c6d65ccc649ef46a0036de39a808
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
