Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eba28ed0 by Salvatore Bonaccorso at 2024-12-19T16:17:53+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35,45 +35,45 @@ CVE-2024-53580 (iperf v3.17.1 was discovered to contain a
segmentation violation
CVE-2024-51532 (Dell PowerStore contains an Improper Neutralization of
Argument Delimi ...)
NOT-FOR-US: Dell
CVE-2024-4230 (External Control of File Name or Path vulnerability in
Edgecross Basic ...)
- TODO: check
+ NOT-FOR-US: Edgecross Basic Software for Windows
CVE-2024-4229 (Incorrect Default Permissions vulnerability in Edgecross Basic
Softwar ...)
- TODO: check
+ NOT-FOR-US: Edgecross Basic Software for Windows
CVE-2024-45338 (An attacker can craft an input to the Parse functions that
would be pr ...)
TODO: check
CVE-2024-43106 (A library injection vulnerability exists in Microsoft Excel
16.83 for ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel for macOS
CVE-2024-42220 (A library injection vulnerability exists in Microsoft Outlook
16.83.3 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Outlook for macOS
CVE-2024-42004 (A library injection vulnerability exists in Microsoft Teams
(work or s ...)
- TODO: check
+ NOT-FOR-US: Microsoft Teams for macOS
CVE-2024-41165 (A library injection vulnerability exists in Microsoft Word
16.83 for m ...)
- TODO: check
+ NOT-FOR-US: Microsoft Word for macOS
CVE-2024-41159 (A library injection vulnerability exists in Microsoft OneNote
16.83 fo ...)
- TODO: check
+ NOT-FOR-US: Microsoft OneNote for macOS
CVE-2024-41145 (A library injection vulnerability exists in the WebView.app
helper app ...)
- TODO: check
+ NOT-FOR-US: Microsoft Teams for macOS
CVE-2024-41138 (A library injection vulnerability exists in the
com.microsoft.teams2.m ...)
- TODO: check
+ NOT-FOR-US: Microsoft Teams for macOS
CVE-2024-39804 (A library injection vulnerability exists in Microsoft
PowerPoint 16.83 ...)
- TODO: check
+ NOT-FOR-US: Microsoft PowerPoint for macOS
CVE-2024-37649 (Insecure Permissions vulnerability in SecureSTATION
v.2.5.5.3116-S50-S ...)
- TODO: check
+ NOT-FOR-US: SecureSTATION
CVE-2024-35141 (IBM Security Verify Access Docker 10.0.0 through 10.0.6 could
allow a ...)
NOT-FOR-US: IBM
CVE-2024-12686 (A vulnerability has been discovered in Privileged Remote
Access (PRA) ...)
TODO: check
CVE-2024-12560 (The Button Block \u2013 Get fully customizable &
multi-functional butt ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12121 (The Broken Link Checker | Finder plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11984 (A unrestricted upload of file with dangerous type
vulnerability in epa ...)
TODO: check
CVE-2024-11768 (The Download Manager plugin for WordPress is vulnerable to
unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11740 (The The Download Manager plugin for WordPress is vulnerable to
arbitra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10548 (The WP Project Manager plugin for WordPress is vulnerable to
Sensitive ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12695 (Out of bounds write in V8 in Google Chrome prior to
131.0.6778.204 all ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
@@ -157011,13 +157011,13 @@ CVE-2023-23359
CVE-2023-23358
RESERVED
CVE-2023-23357 (A cross-site scripting (XSS) vulnerability has been reported
to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-23356 (A command injection vulnerability has been reported to affect
several ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-23355 (An OS command injection vulnerability has been reported to
affect QNAP ...)
NOT-FOR-US: QNAP
CVE-2023-23354 (A cross-site scripting (XSS) vulnerability has been reported
to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-23353
RESERVED
CVE-2023-23352
@@ -167686,7 +167686,7 @@ CVE-2023-21588 (Adobe InDesign version 18.0 (and
earlier), 17.4 (and earlier) ar
CVE-2023-21587 (Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier)
are affe ...)
NOT-FOR-US: Adobe
CVE-2023-21586 (Adobe Acrobat Reader versions 22.003.20282 (and earlier),
22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21585 (Adobe Acrobat Reader versions 22.003.20282 (and earlier),
22.003.20281 ...)
NOT-FOR-US: Adobe
CVE-2023-21584 (FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are
affecte ...)
@@ -174546,23 +174546,23 @@ CVE-2022-44522
CVE-2022-44521
RESERVED
CVE-2022-44520 (Acrobat Reader DC version 22.001.20085 (and earlier),
20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44519 (Acrobat Reader DC version 22.001.20085 (and earlier),
20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44518 (Acrobat Reader DC version 22.001.20085 (and earlier),
20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44517 (Acrobat Reader DC version 22.001.20085 (and earlier),
20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44516 (Acrobat Reader DC version 22.001.20085 (and earlier),
20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44515 (Acrobat Reader DC version 22.001.20085 (and earlier),
20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44514 (Acrobat Reader DC version 22.001.20085 (and earlier),
20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44513 (Acrobat Reader DC version 22.001.20085 (and earlier),
20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44512 (Acrobat Reader DC version 22.001.20085 (and earlier),
20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44511
RESERVED
CVE-2022-44510 (Adobe Experience Manager version 6.5.14 (and earlier) is
affected by a ...)
@@ -223887,7 +223887,7 @@ CVE-2022-27602
CVE-2022-27601
RESERVED
CVE-2022-27600 (An uncontrolled resource consumption vulnerability has been
reported t ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2022-27599 (An insertion of sensitive information into Log file
vulnerability has ...)
NOT-FOR-US: QNAP
CVE-2022-27598 (A vulnerability has been reported to affect QNAP operating
systems. If ...)
@@ -223897,7 +223897,7 @@ CVE-2022-27597 (A vulnerability has been reported to
affect QNAP operating syste
CVE-2022-27596 (A vulnerability has been reported to affect QNAP device
running QuTS h ...)
NOT-FOR-US: QNAP
CVE-2022-27595 (An insecure library loading vulnerability has been reported to
affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2022-27594
RESERVED
CVE-2022-27593 (An externally controlled reference to a resource vulnerability
has bee ...)
@@ -298747,7 +298747,7 @@ CVE-2021-26095 (The combination of various
cryptographic issues in the session m
CVE-2021-26094
RESERVED
CVE-2021-26093 (An access of uninitialized pointer (CWE-824) vulnerabilityin
FortiWLC ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2021-26092 (Failure to sanitize input in the SSL VPN web portal of FortiOS
5.2.10 ...)
NOT-FOR-US: FortiGuard
CVE-2021-26091
@@ -361811,7 +361811,7 @@ CVE-2020-12821 (Gossipsub 1.0 does not properly
resist invalid message spam, suc
CVE-2020-12820
RESERVED
CVE-2020-12819 (A heap-based buffer overflow vulnerability in the processing
of Link C ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2020-12818 (An insufficient logging vulnerability in FortiGate before
6.4.1 may al ...)
NOT-FOR-US: FortiGuard
CVE-2020-12817 (An improper neutralization of input vulnerability in
FortiAnalyzer bef ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eba28ed0bf61f8d52423fbd2021ff3232f4bd065
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eba28ed0bf61f8d52423fbd2021ff3232f4bd065
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
