[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 23 05:53:55 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e670eb47 by Salvatore Bonaccorso at 2024-07-23T06:53:23+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,195 +1,195 @@
CVE-2024-6675 (A deserialization of untrusted data vulnerability exists in NI VeriSta ...)
- TODO: check
+ NOT-FOR-US: NI VeriStand
CVE-2024-6638 (An integer overflow vulnerability due to improper input validation whe ...)
- TODO: check
+ NOT-FOR-US: LabVIEW
CVE-2024-6542 (Improper neutralization of livestatus command delimiters in mknotifyd ...)
- check-mk <removed>
CVE-2024-6122 (An incorrect permission in the installation directory for the shared N ...)
- TODO: check
+ NOT-FOR-US: NI SystemLink Server KeyValueDatabase service
CVE-2024-6121 (An out-of-date version of Redis shipped with NI SystemLink Server is s ...)
- TODO: check
+ NOT-FOR-US: Redis as shipped in NI SystemLink Server (not for src:redis)
CVE-2024-41880 (In veilid-core in Veilid before 0.3.4, the protocol's ping function ca ...)
- TODO: check
+ NOT-FOR-US: Veilid
CVE-2024-41829 (In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41828 (In JetBrains TeamCity before 2024.07 comparison of authorization token ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41827 (In JetBrains TeamCity before 2024.07 access tokens could continue work ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41826 (In JetBrains TeamCity before 2024.07 stored XSS was possible on Show C ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41825 (In JetBrains TeamCity before 2024.07 stored XSS was possible on the Co ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41824 (In JetBrains TeamCity before 2024.07 parameters of the "password" type ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-41320 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41318 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41317 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41316 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41315 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41314 (TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-41132 (ImageSharp is a 2D graphics API. A vulnerability discovered in the Ima ...)
- TODO: check
+ NOT-FOR-US: ImageSharp
CVE-2024-41131 (ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability ...)
- TODO: check
+ NOT-FOR-US: ImageSharp
CVE-2024-41130 (llama.cpp provides LLM inference in C/C++. Prior to b3427, llama.cpp c ...)
- TODO: check
+ NOT-FOR-US: llama.cpp
CVE-2024-41129 (The ops library is a Python framework for developing and testing Kuber ...)
TODO: check
CVE-2024-40634 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
- TODO: check
+ NOT-FOR-US: Argo CD
CVE-2024-40075 (Laravel v11.x was discovered to contain an XML External Entity (XXE) v ...)
TODO: check
CVE-2024-40051 (IP Guard v4.81.0307.0 was discovered to contain an arbitrary file read ...)
- TODO: check
+ NOT-FOR-US: IP Guard
CVE-2024-39902 (Tuleap is an open source suite to improve management of software devel ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2024-39688 (Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input su ...)
- TODO: check
+ NOT-FOR-US: Bert-VITS2
CVE-2024-39686 (Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input su ...)
- TODO: check
+ NOT-FOR-US: Bert-VITS2
CVE-2024-39685 (Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input su ...)
- TODO: check
+ NOT-FOR-US: Bert-VITS2
CVE-2024-39601 (A vulnerability has been identified in CPCI85 Central Processing/Commu ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-39250 (EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQ ...)
- TODO: check
+ NOT-FOR-US: EfroTech Timetrax
CVE-2024-38944 (An issue in Intelight X-1L Traffic controller Maxtime v.1.9.6 allows a ...)
- TODO: check
+ NOT-FOR-US: Intelight X-1L Traffic controller Maxtime
CVE-2024-38788 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38773 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38759 (Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38755 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38730 (Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38728 (Server-Side Request Forgery (SSRF) vulnerability in Seraphinite Soluti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38723 (Server-Side Request Forgery (SSRF) vulnerability in Bernhard Kux JSON ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38708 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38701 (Authorization Bypass Through User-Controlled Key vulnerability in Acad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38692 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38503 (When editing a user, group or any object in the Syncope Console, HTML ...)
- TODO: check
+ NOT-FOR-US: Apache Syncope
CVE-2024-37998 (A vulnerability has been identified in CPCI85 Central Processing/Commu ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-37942 (Server-Side Request Forgery (SSRF) vulnerability in Berqier Ltd BerqWP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37445 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37436 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37434 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37433 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37432 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37429 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37428 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37422 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37416 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37414 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37409 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37380 (A misconfiguration on UniFi U6+ Access Point could cause an incorrect ...)
- TODO: check
+ NOT-FOR-US: NI
CVE-2024-37278 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37275 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37271 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37267 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-37265 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37264 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37263 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37262 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37261 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37259 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37258 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37257 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37246 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37245 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37244 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37239 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37229 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37223 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37221 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37219 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37217 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37216 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37215 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37211 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37206 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37199 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37122 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37121 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37120 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37117 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37116 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-37114 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-37101 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-37100 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37097 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35656 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34457 (On versions before 2.1.4, after a regular user successfully logs in, t ...)
- TODO: check
+ NOT-FOR-US: Apache StreamPark
CVE-2024-34329 (Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.4 a ...)
- TODO: check
+ NOT-FOR-US: Entrust Datacard XPS Card Printer Driver
CVE-2024-33933 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32484 (An reflected XSS vulnerability exists in the handling of invalid paths ...)
TODO: check
CVE-2024-32152 (A blocklist bypass vulnerability exists in the LaTeX functionality of ...)
@@ -227,7 +227,7 @@ CVE-2024-6962 (A vulnerability classified as critical was found in Tenda O3 1.0.
CVE-2024-6961 (RAIL documents are an XML-based format invented by Guardrails AI to en ...)
NOT-FOR-US: Guardrails
CVE-2024-6960 (The H2O machine learning platform uses "Iced" classes as the primary m ...)
- TODO: check
+ NOT-FOR-US: H2O machine learning platform
CVE-2024-6958 (A vulnerability classified as critical was found in itsourcecode Unive ...)
NOT-FOR-US: itsourcecode University Management System
CVE-2024-6957 (A vulnerability classified as critical has been found in itsourcecode ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e670eb474e40f4306719a9481ca1f2f333a811de
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e670eb474e40f4306719a9481ca1f2f333a811de
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240723/75c599ae/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list