Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
faeb1771 by Salvatore Bonaccorso at 2024-12-30T08:46:45+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -205,7 +205,7 @@ CVE-2018-25107 (The Crypt::Random::Source package before
0.13 for Perl has a fal
CVE-2024-56512 (Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained
authorizatio ...)
NOT-FOR-US: Apache NiFi
CVE-2024-12995 (A vulnerability classified as problematic has been found in
ruifang-te ...)
- TODO: check
+ NOT-FOR-US: ruifang-tech Rebuild
CVE-2024-12994 (A vulnerability was found in running-elephant Datart
1.0.0-rc3. It has ...)
NOT-FOR-US: running-elephant Datart
CVE-2024-56708 (In the Linux kernel, the following vulnerability has been
resolved: E ...)
@@ -350,11 +350,11 @@ CVE-2024-50714 (A Server-Side Request Forgery (SSRF) in
smarts-srl.com Smart Age
CVE-2024-50713 (SmartAgent v1.1.0 was discovered to contain a SQL injection
vulnerabil ...)
NOT-FOR-US: Smart Agent
CVE-2024-46973 (Software installed and run as a non-privileged user may
conduct improp ...)
- TODO: check
+ NOT-FOR-US: Imagination GPU Driver
CVE-2024-46972 (Software installed and run as a non-privileged user may
conduct improp ...)
- TODO: check
+ NOT-FOR-US: Imagination GPU Driver
CVE-2024-43705 (Software installed and run as a non-privileged user can
trigger the GP ...)
- TODO: check
+ NOT-FOR-US: Imagination GPU Driver
CVE-2023-7266 (Some Huawei home routers have a connection hijacking
vulnerability. Su ...)
NOT-FOR-US: Huawei
CVE-2023-7263 (Some Huawei home music system products have a path traversal
vulnerabi ...)
@@ -368,7 +368,7 @@ CVE-2024-56732 (HarfBuzz is a text shaping engine. Starting
with 8.5.0 through 1
NOTE:
https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-qmp9-xqm5-jh6m
NOTE: Fixed by:
https://github.com/harfbuzz/harfbuzz/commit/1767f99e2e2196c3fcae27db6d8b60098d3f6d26
(main)
CVE-2024-56509 (changedetection.io is a free open source web page change
detection, we ...)
- TODO: check
+ NOT-FOR-US: changedetection.io
CVE-2024-56508 (LinkAce is a self-hosted archive to collect links of your
favorite web ...)
NOT-FOR-US: LinkAce
CVE-2024-56507 (LinkAce is a self-hosted archive to collect links of your
favorite web ...)
@@ -392,11 +392,11 @@ CVE-2024-50944 (Integer overflow vulnerability exists in
SimplCommerce at commit
CVE-2024-3393 (A Denial of Service vulnerability in the DNS Security feature
of Palo ...)
NOT-FOR-US: Palo Alto Networks
CVE-2024-39025 (Incorrect access control in the /users endpoint of Cpacker
MemGPT v0.3 ...)
- TODO: check
+ NOT-FOR-US: letta-ai/letta / Cpacker MemGPT
CVE-2024-12991 (A vulnerability was found in Beijing Longda Jushang Technology
DBShop\ ...)
NOT-FOR-US: Beijing Longda Jushang Technology
CVE-2024-12990 (A vulnerability was found in ruifang-tech Rebuild 3.8.6. It
has been c ...)
- TODO: check
+ NOT-FOR-US: ruifang-tech Rebuild
CVE-2024-12989 (A vulnerability was found in WISI Tangram GT31 up to 20241214
and clas ...)
NOT-FOR-US: WISI Tangram GT31
CVE-2024-12988 (A vulnerability has been found in Netgear R6900P and R7000P
1.3.3.154 ...)
@@ -1375,7 +1375,7 @@ CVE-2024-12954 (A vulnerability, which was classified as
critical, was found in
CVE-2024-12953 (A vulnerability, which was classified as critical, has been
found in 1 ...)
NOT-FOR-US: 1000 Projects Portfolio Management System MCA
CVE-2024-12952 (A vulnerability classified as critical was found in melMass
comfy_mtb ...)
- TODO: check
+ NOT-FOR-US: melMass/comfy_mtb
CVE-2024-12951 (A vulnerability classified as critical has been found in 1000
Projects ...)
NOT-FOR-US: 1000 Projects Portfolio Management System MCA
CVE-2024-12950 (A vulnerability was found in code-projects Travel Management
System 1. ...)
@@ -1395,7 +1395,7 @@ CVE-2024-12944 (A vulnerability was found in CodeAstro
House Rental Management S
CVE-2024-12943 (A vulnerability was found in CodeAstro House Rental Management
System ...)
NOT-FOR-US: CodeAstro House Rental Management System
CVE-2024-12908 (Delinea addressed a reported case on Secret Server v11.7.31
(protocol ...)
- TODO: check
+ NOT-FOR-US: Delinea
CVE-2023-7300 (Huawei Home Music System has a path traversal vulnerability.
Successfu ...)
NOT-FOR-US: Huawei
CVE-2024-12942 (A vulnerability was found in 1000 Projects Portfolio
Management System ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/faeb1771629c50bef505c608ae13253f1a1979b2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/faeb1771629c50bef505c608ae13253f1a1979b2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
