[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Apr 2 09:40:03 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c619b2d0 by Moritz Muehlenhoff at 2024-04-02T10:39:37+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,85 +1,85 @@
 CVE-2024-3165 (System->Maintenance-> Log Files in dotCMS dashboard is providing the u ...)
-	TODO: check
+	NOT-FOR-US: dotCMS
 CVE-2024-3164 (In dotCMS dashboard, the Tools and Log Files tabs under System \u2192  ...)
-	TODO: check
+	NOT-FOR-US: dotCMS
 CVE-2024-3160 (** DISPUTED ** A vulnerability, which was classified as problematic, w ...)
-	TODO: check
+	NOT-FOR-US: IntelBras
 CVE-2024-3148 (A vulnerability, which was classified as critical, has been found in D ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-3147 (A vulnerability classified as problematic was found in DedeCMS 5.7. Th ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-3146 (A vulnerability classified as problematic has been found in DedeCMS 5. ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-3145 (A vulnerability was found in DedeCMS 5.7. It has been rated as problem ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-3144 (A vulnerability was found in DedeCMS 5.7. It has been declared as prob ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-3143 (A vulnerability was found in DedeCMS 5.7. It has been classified as pr ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-3142 (A vulnerability was found in Clavister E10 and E80 up to 20240323 and  ...)
-	TODO: check
+	NOT-FOR-US: Clavister
 CVE-2024-3141 (A vulnerability has been found in Clavister E10 and E80 up to 20240323 ...)
-	TODO: check
+	NOT-FOR-US: Clavister
 CVE-2024-3140 (A vulnerability, which was classified as problematic, was found in Sou ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-3139 (A vulnerability, which was classified as critical, has been found in S ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-3138 (** DISPUTED ** A vulnerability was found in francoisjacquet RosarioSIS ...)
-	TODO: check
+	NOT-FOR-US: RosarioSISster
 CVE-2024-3137 (Improper Privilege Management in uvdesk/community-skeleton)
 	TODO: check
 CVE-2024-31005 (An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execu ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2024-31004 (An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execu ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2024-31003 (Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a rem ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2024-31002 (Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a rem ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2024-2925 (The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2924 (The Creative Addons for Elementor plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2839 (The Colibri Page Builder plugin for WordPress is vulnerable to Stored  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2791 (The Metform Elementor Contact Form Builder plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2369 (The Page Builder Gutenberg Blocks  WordPress plugin before 3.1.7 does  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-29276 (An issue was discovered in seeyonOA version 8, allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: seeyonOA
 CVE-2024-29086 (in OpenHarmony v3.2.4 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-29074 (in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitr ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-28951 (in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitr ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-28226 (in OpenHarmony v4.0.0 and prior versions allow a remote attacker cause ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-27334 (Kofax Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclo ...)
-	TODO: check
+	NOT-FOR-US: KOfax Power PDF
 CVE-2024-27333 (Kofax Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclo ...)
-	TODO: check
+	NOT-FOR-US: KOfax Power PDF
 CVE-2024-27332 (PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Information Dis ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-27331 (PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Dis ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-27330 (PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Dis ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-27329 (PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Dis ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-27328 (PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Dis ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-27327 (PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Ex ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-27326 (PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Dis ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-27325 (PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Dis ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-27324 (PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Dis ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-27323 (PDF-XChange Editor Updater Improper Certificate Validation Remote Code ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange Editor
 CVE-2024-26684 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	TODO: check
 CVE-2024-26683 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
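Review bot: The note added for CVE-2024-3138 reads `NOT-FOR-US: RosarioSISster`, but the description on the line above names the product as RosarioSIS. The trailing "ster" looks carried over from the SourceCodester entries just before it, so this should be `NOT-FOR-US: RosarioSIS`. The notes for CVE-2024-27334 and CVE-2024-27333 have a similar slip: they say `KOfax Power PDF` while both descriptions spell it `Kofax Power PDF`. Matching the spelling in the description keeps the NFU notes searchable by product name.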
@@ -139,9 +139,9 @@ CVE-2024-26657 (In the Linux kernel, the following vulnerability has been resolv
 CVE-2024-26656 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	TODO: check
 CVE-2024-25187 (Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allo ...)
-	TODO: check
+	NOT-FOR-US: 71cms
 CVE-2024-24581 (in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitr ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-23119 (Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulne ...)
 	TODO: check
 CVE-2024-23118 (Centreon updateContactHostCommands SQL Injection Remote Code Execution ...)
@@ -153,51 +153,51 @@ CVE-2024-23116 (Centreon updateLCARelation SQL Injection Remote Code Execution V
 CVE-2024-23115 (Centreon updateGroups SQL Injection Remote Code Execution Vulnerabilit ...)
 	TODO: check
 CVE-2024-22180 (in OpenHarmony v4.0.0 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-22177 (in OpenHarmony v3.2.4 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-22098 (in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitr ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-22092 (in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypas ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-21834 (in OpenHarmony v3.2.4 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-20854 (Improper handling of insufficient privileges vulnerability in Samsung  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20853 (Improper verification of intent by broadcast receiver vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20852 (Improper verification of intent by broadcast receiver vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20851 (Improper access control vulnerability in Samsung Data Store prior to v ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20850 (Use of Implicit Intent for Sensitive Communication in Samsung Pay prio ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20849 (Out-of-bound Write vulnerability in chunk parsing implementation of li ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20848 (Out-of-bound Write vulnerability in text parsing implementation of lib ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20847 (Improper Access Control vulnerability in StorageManagerService prior t ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20846 (Out-of-bounds write vulnerability while decoding hcr of libsavsac.so p ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20845 (Out-of-bounds write vulnerability while releasing memory in libsavsac. ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20844 (Out-of-bounds write vulnerability while parsing remaining codewords in ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20843 (Out-of-bound write vulnerability in command parsing implementation of  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20842 (Improper Input Validation vulnerability in handling apdu of libsec-ril ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20799 (Adobe Experience Manager versions 6.5.19 and earlier are affected by a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2024-1863 (Sante PACS Server Token Endpoint SQL Injection Remote Code Execution V ...)
-	TODO: check
+	NOT-FOR-US: Sante PACS Server
 CVE-2024-1504 (The SecuPress Free \u2014 WordPress Security plugin for WordPress is v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1274 (The My Calendar WordPress plugin before 3.4.24 does not sanitise and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1179 (TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow  ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2024-0637 (Centreon updateDirectory SQL Injection Remote Code Execution Vulnerabi ...)
 	TODO: check
 CVE-2023-52636 (In the Linux kernel, the following vulnerability has been resolved:  l ...)
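Review bot: The NFU notes in this hunk switch between vendor and product granularity. CVE-2024-20799 gets `Adobe` although its description names Adobe Experience Manager, while the next entry, CVE-2024-1863, gets the full product name `Sante PACS Server`. In the Samsung block, the visible descriptions of CVE-2024-20847 (StorageManagerService), CVE-2024-20849 and CVE-2024-20848 do not name Samsung before the truncation, so a vendor-only note gives no hint of which component was judged. Naming the product or library in those notes would make the triage decision checkable from the list itself.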



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c619b2d0451cec16f10ac310610da7c062b8286d
