[Git][security-tracker-team/security-tracker][master] nhew zabbix issues

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5eb52ac3 by Moritz Muehlenhoff at 2024-08-09T23:24:52+02:00
nhew zabbix issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -74,23 +74,31 @@ CVE-2024-38989 (izatop bunt v0.29.19 was discovered to contain a prototype pollu
 CVE-2024-37826 (A NULL pointer dereference in vercot Serva v4.6.0 allows attackers to  ...)
 	NOT-FOR-US: vercot Serva
 CVE-2024-36462 (Uncontrolled resource consumption refers to a software vulnerability w ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-25019
 CVE-2024-36461 (Within Zabbix, users have the ability to directly modify memory pointe ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-25018
 CVE-2024-36460 (The front-end audit log allows viewing of unprotected plaintext passwo ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-25017
 CVE-2024-32765 (A vulnerability has been reported to affect Network & Virtual Switch.  ...)
 	NOT-FOR-US: QNAP
 CVE-2024-22123 (Setting SMS media allows to set GSM modem file. Later this file is use ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-25013
 CVE-2024-22122 (Zabbix allows to configure SMS notifications. AT command injection occ ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-25012
 CVE-2024-22121 (A non-admin user can change or remove important features within the Za ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-25011
 CVE-2024-22116 (An administrator with restricted permissions can exploit the script ex ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-25016
 CVE-2024-22114 (User with no permission to any of the Hosts can access and view host c ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-25015
 CVE-2023-38018 (IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a passw ...)
 	NOT-FOR-US: IBM
 CVE-2023-31315 (Improper validation in a model specific register (MSR) could allow a m ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5eb52ac3c6af599c4eb4459b1f8573b631ad4f30

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5eb52ac3c6af599c4eb4459b1f8573b631ad4f30
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240809/d21e0b35/attachment.htm>