Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bc923ef3 by Moritz Muehlenhoff at 2024-12-10T10:51:09+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -228,11 +228,11 @@ CVE-2024-40582 (Pentaminds CuroVMS v2.0.1 was discovered
to contain exposed sens
CVE-2024-38485 (Dell ECS, versions prior to 3.8.0, contain(s) a Host Header
Injection ...)
NOT-FOR-US: Dell
CVE-2024-12307 (A function-level access control vulnerability in
Unifiedtransform vers ...)
- TODO: check
+ NOT-FOR-US: Unifiedtransform
CVE-2024-12306 (Multiple access control vulnerabilities in Unifiedtransform
version 2. ...)
- TODO: check
+ NOT-FOR-US: Unifiedtransform
CVE-2024-12305 (An object-level access control vulnerability in
Unifiedtransform versi ...)
- TODO: check
+ NOT-FOR-US: Unifiedtransform
CVE-2024-12057 (User credentials (login & password) are inserted into log
files when a ...)
NOT-FOR-US: PcVue
CVE-2024-11991 (Motoko's incremental garbage collector is impacted by an
uninitialized ...)
@@ -437,7 +437,7 @@ CVE-2024-55566 (ColPack 1.0.10 through 9a7293a has a
predictable temporary file
- colpack <unfixed>
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1225617
CVE-2024-55565 (nanoid (aka Nano ID) before 5.0.9 mishandles non-integer
values. 3.3.8 ...)
- TODO: check
+ NOT-FOR-US: nanoid
CVE-2024-55564 (The POSIX::2008 package before 0.24 for Perl has a potential
_execve50 ...)
- libposix-2008-perl 0.24-1
CVE-2024-55563 (Bitcoin Core through 27.2 allows transaction-relay jamming via
an off- ...)
@@ -485,7 +485,7 @@ CVE-2024-12348 (A vulnerability was found in Guizhou Xiaoma
Technology jpress 5.
CVE-2024-12347 (A vulnerability was found in Guangzhou Huayi Intelligent
Technology Je ...)
NOT-FOR-US: Guangzhou Huayi Intelligent Technology Jeewms
CVE-2024-12346 (A vulnerability has been found in Talentera up to 20241128 and
classif ...)
- TODO: check
+ NOT-FOR-US: Talentera
CVE-2024-12344 (A vulnerability, which was classified as critical, was found
in TP-Lin ...)
NOT-FOR-US: TP-Link
CVE-2024-12343 (A vulnerability classified as critical has been found in
TP-Link VN020 ...)
@@ -533,45 +533,45 @@ CVE-2024-7875 (Tungsten Automation(Kofax) TotalAgility in
versions all through7.
CVE-2024-7874 (Tungsten Automation (Kofax) TotalAgility in versions all
through7.9.0. ...)
NOT-FOR-US: Tungsten Automation
CVE-2024-54138 (NuGet Gallery is a package repository that powers nuget.org.
The NuGet ...)
- TODO: check
+ NOT-FOR-US: NuGet Gallery
CVE-2024-44856 (Open Robotics Robotic Operating System 2 ROS2 navigation2
v.humble was ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-44855 (Open Robotics Robotic Operating System 2 ROS2 navigation2
v.humble was ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-44854 (Open Robotics Robotic Operating System 2 ROS2 navigation2
v.humble was ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-44853 (Open Robotics Robotic Operating System 2 ROS2 navigation2
v.humble was ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-44852 (Open Robotics Robotic Operating System 2 ROS2 navigation2
v.humble was ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-41650 (Insecure Permissions vulnerability in Open Robotics Robotic
Operating ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-41649 (Insecure Permissions vulnerability in Open Robotics Robotic
Operating ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-41648 (Insecure Permissions vulnerability in Open Robotics Robotic
Operating ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-41647 (Insecure Permissions vulnerability in Open Robotics Robotic
Operating ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-41646 (Insecure Permissions vulnerability in Open Robotics Robotic
Operating ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-41645 (Insecure Permissions vulnerability in Open Robotics Robotic
Operating ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-41644 (Insecure Permissions vulnerability in Open Robotics Robotic
Operating ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-38927 (Open Robotics Robotic Operating System 2 (ROS2) and Nav2
humble versio ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-38926 (Open Robotics Robotic Operating System 2 (ROS2) and Nav2
humble versio ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-38925 (Open Robotics Robotic Operating System 2 (ROS2) and Nav2
humble versio ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-38924 (Open Robotics Robotic Operating System 2 (ROS2) and Nav2
humble versio ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-38923 (Open Robotics Robotic Operating System 2 (ROS2) and Nav2
humble versio ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-38922 (Open Robotics Robotic Operating System 2 (ROS2) and Nav2
humble versio ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-38921 (Open Robotics Robotic Operating System 2 (ROS2) and Nav2
humble versio ...)
- TODO: check
+ NOT-FOR-US: ROS Navigation
CVE-2024-12326 (Jirafeau normally prevents browser preview for SVG files due
to the po ...)
NOT-FOR-US: Jirafeau
CVE-2024-12257 (The CardGate Payments for WooCommerce plugin for WordPress is
vulnerab ...)
@@ -845,7 +845,7 @@ CVE-2024-11220 (A local low-level user on the server
machine with credentials to
CVE-2024-11204 (The ForumWP \u2013 Forum & Discussion Board plugin for
WordPress is vu ...)
NOT-FOR-US: WordPress plugin
CVE-2024-11022 (The authentication process to the web server uses a challenge
response ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2024-10909 (The The Pojo Forms plugin for WordPress is vulnerable to
arbitrary sho ...)
NOT-FOR-US: WordPress plugin
CVE-2024-10879 (The ForumWP \u2013 Forum & Discussion Board plugin for
WordPress is vu ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc923ef3df29c1f81088cff373168019ea1e2ac0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc923ef3df29c1f81088cff373168019ea1e2ac0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
