[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Aug 8 09:07:34 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
934336e4 by Moritz Muehlenhoff at 2024-08-08T10:06:40+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,7 +27,7 @@ CVE-2024-7579 (A vulnerability was found in Alien Technology ALR-F800 up to 19.1
 CVE-2024-7578 (A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24. ...)
 	NOT-FOR-US: Alien Technology ALR-F800
 CVE-2024-7553 (Incorrect validation of files loaded from a local untrusted directory  ...)
-	TODO: check
+	- mongodb <not-affected> (Windows-specific)
 CVE-2024-7355 (The Organization chart plugin for WordPress is vulnerable to Stored Cr ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-7353 (The Accept Stripe Payments plugin for WordPress is vulnerable to Store ...)
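Review bot: The new `- mongodb <not-affected> (Windows-specific)` line for CVE-2024-7553 rests on a platform claim that the truncated description shown here ("Incorrect validation of files loaded from a local untrusted directory ...") does not itself state. Consider adding a `NOTE:` line under the entry pointing at the upstream advisory, as the CVE-2024-7383 entry later in this file does, so the not-affected decision can be re-checked without leaving the list.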
@@ -93,15 +93,15 @@ CVE-2024-34480 (SourceCodester Computer Laboratory Management System 1.0 allows
 CVE-2024-34479 (SourceCodester Computer Laboratory Management System 1.0 allows classe ...)
 	NOT-FOR-US: SourceCodester Computer Laboratory Management System
 CVE-2024-20479 (A vulnerability in the web-based management interface of Cisco ISE cou ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20454 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20451 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20450 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20443 (A vulnerability in the web-based management interface of Cisco ISE cou ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-42250 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
 	- linux 6.9.10-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -294,11 +294,11 @@ CVE-2024-6357 (Insecure Direct Object Reference vulnerability identified in Open
 CVE-2024-43114 (In JetBrains TeamCity before 2024.07.1 possible privilege escalation d ...)
 	NOT-FOR-US: JetBrains TeamCity
 CVE-2024-43113 (The contextual menu for links could provide an opportunity for cross-s ...)
-	TODO: check
+	- firefox <not-affected> (iOS-specific)
 CVE-2024-43112 (Long pressing on a download link could potentially provide a means for ...)
-	TODO: check
+	- firefox <not-affected> (iOS-specific)
 CVE-2024-43111 (Long pressing on a download link could potentially allow Javascript co ...)
-	TODO: check
+	- firefox <not-affected> (iOS-specific)
 CVE-2024-42400 (Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist ...)
 	NOT-FOR-US: HPE
 CVE-2024-42399 (Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist ...)
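Review bot: The three changes for CVE-2024-43113, CVE-2024-43112 and CVE-2024-43111 are not NFUs: they record `- firefox <not-affected> (iOS-specific)` against a packaged source, which the commit subject "NFUs" does not cover. Either mention the not-affected triage in the subject or split it into its own commit, so that a log search for package-level decisions on firefox finds this change.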
@@ -376,11 +376,11 @@ CVE-2024-33983 (Cross-Site Scripting (XSS) vulnerability in School Attendance Mo
 CVE-2024-33982 (Cross-Site Scripting (XSS) vulnerability in School Attendance Monitori ...)
 	NOT-FOR-US: School Attendance Monitoring System and School Event Management System
 CVE-2024-33981 (Cross-Site Scripting (XSS) vulnerability in PayPal, Credit Card and De ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33980 (Cross-Site Scripting (XSS) vulnerability in PayPal, Credit Card and De ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33979 (Cross-Site Scripting (XSS) vulnerability in PayPal, Credit Card and De ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33978 (Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting ...)
 	NOT-FOR-US: E-Negosyo System
 CVE-2024-33977 (Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting ...)
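Review bot: The tag `NOT-FOR-US: Janobe` on CVE-2024-33981, CVE-2024-33980 and CVE-2024-33979 uses a name that does not appear in the visible description, which begins "Cross-Site Scripting (XSS) vulnerability in PayPal, Credit Card and De ...". The neighbouring entries tag by the product named in their description (for example `NOT-FOR-US: E-Negosyo System`); doing the same here, or adding the product after the vendor, would keep these entries findable by product name.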
@@ -390,45 +390,45 @@ CVE-2024-33976 (Cross-Site Scripting (XSS) vulnerability in E-Negosyo System aff
 CVE-2024-33975 (Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting ...)
 	NOT-FOR-US: E-Negosyo System
 CVE-2024-33974 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33973 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33972 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33971 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33970 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33969 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33968 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33967 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33966 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33965 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33964 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33963 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33962 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33961 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33960 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33959 (SQL injection vulnerability in PayPal, Credit Card and Debit Card Paym ...)
-	TODO: check
+	NOT-FOR-US: Janobe
 CVE-2024-33958 (SQL injection vulnerability in E-Negosyo System affecting version 1.0. ...)
 	NOT-FOR-US: E-Negosyo System
 CVE-2024-33957 (SQL injection vulnerability in E-Negosyo System affecting version 1.0. ...)
 	NOT-FOR-US: E-Negosyo System
 CVE-2024-33897 (A compromised HMS Networks Cosy+ device could be used to request a Cer ...)
-	TODO: check
+	NOT-FOR-US: Cosy+
 CVE-2024-30170 (PrivX before 34.0 allows data exfiltration and denial of service via t ...)
-	TODO: check
+	NOT-FOR-US: PrivX
 CVE-2024-28740 (Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows ...)
 	NOT-FOR-US: Koha ILS
 CVE-2024-28739 (An issue in Koha ILS 23.05 and before allows a remote attacker to exec ...)
@@ -641,9 +641,9 @@ CVE-2024-5708 (The WPBakery Visual Composer plugin for WordPress is vulnerable t
 CVE-2024-42352 (Nuxt is a free and open-source framework to create full-stack web appl ...)
 	NOT-FOR-US: Nuxt
 CVE-2024-41995 (Initialization of a resource with an insecure default vulnerability ex ...)
-	TODO: check
+	NOT-FOR-US: Ricoh
 CVE-2024-41820 (Kubean is a cluster lifecycle management toolchain based on kubespray  ...)
-	TODO: check
+	NOT-FOR-US: Kubean
 CVE-2024-41816 (Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPre ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-41811 (ipl/web is a set of common web components for php projects. Some of th ...)
@@ -713,7 +713,7 @@ CVE-2024-6865
 CVE-2024-6361 (Improper Neutralization vulnerability (XSS) has been discovered in Ope ...)
 	NOT-FOR-US: OpenText ALM Octane
 CVE-2024-4607 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm ...)
-	TODO: check
+	NOT-FOR-US: Arm
 CVE-2024-42350 (Biscuit is an authorization token with decentralized verification, off ...)
 	NOT-FOR-US: Biscuit
 CVE-2024-41960 (mailcow: dockerized is an open source groupware/email suite based on d ...)
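Review bot: CVE-2024-4607 is described as a use-after-free in the "Arm Ltd Bifrost GPU Kernel Driver", but the tag is the bare vendor name, `NOT-FOR-US: Arm`. Since the affected component is a kernel driver, name the driver in the tag so the entry records that this specific driver was judged not to be shipped, rather than reading as a blanket decision for the vendor.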
@@ -775,7 +775,7 @@ CVE-2024-33011 (Transient DOS while parsing the MBSSID IE from the beacons, when
 CVE-2024-33010 (Transient DOS while parsing fragments of MBSSID IE from beacon frame.)
 	NOT-FOR-US: Qualcomm
 CVE-2024-2937 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm ...)
-	TODO: check
+	NOT-FOR-US: Arm
 CVE-2024-23384 (Memory corruption when the mapped pages in VBO are still mapped after  ...)
 	NOT-FOR-US: Qualcomm
 CVE-2024-23383 (Memory corruption when kernel driver attempts to trigger hardware fenc ...)
@@ -797,9 +797,9 @@ CVE-2024-23352 (Transient DOS when NAS receives ODAC criteria of length 1 and ty
 CVE-2024-23350 (Permanent DOS when DL NAS transport receives multiple payloads such th ...)
 	NOT-FOR-US: Qualcomm
 CVE-2024-21980 (Improper restriction of write operations in SNP firmware could allow a ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2024-21978 (Improper input validation in SEV-SNP could allow a malicious hyperviso ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2024-21481 (Memory corruption when preparing a shared memory notification for a me ...)
 	NOT-FOR-US: Qualcomm
 CVE-2024-21479 (Transient DOS during music playback of ALAC content.)
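Review bot: CVE-2024-21980 and CVE-2024-21978 are described as issues in SNP firmware and SEV-SNP, yet both are closed with the vendor-only tag `NOT-FOR-US: AMD`. Before settling on NFU for firmware-level issues, confirm that no firmware or microcode package in the archive carries the affected component, and name the component in the tag (or add a `NOTE:` with the vendor bulletin) so the basis for the decision is recorded.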
@@ -809,7 +809,7 @@ CVE-2024-21467 (Information disclosure while handling beacon probe frame during
 CVE-2024-21459 (Information disclosure while handling beacon or probe response frame i ...)
 	NOT-FOR-US: Qualcomm
 CVE-2023-31355 (Improper restriction of write operations in SNP firmware could allow a ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2024-7383 (A flaw was found in libnbd. The client did not always correctly verify ...)
 	- libnbd 1.20.2-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2302865



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/934336e42bc976056ee2605a7175bfbbac0ccba9
