[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Jun 12 17:40:02 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f27cc17a by Moritz Muehlenhoff at 2024-06-12T18:39:08+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -133,7 +133,7 @@ CVE-2024-5830 (Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allo
[bullseye] - chromium <end-of-life> (see #1061268)
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2024-5851 (A vulnerability classified as problematic has been found in playSMS up ...)
- TODO: check
+ NOT-FOR-US: playSMS
CVE-2024-5829 (A vulnerability classified as problematic was found in smallweigit Avu ...)
NOT-FOR-US: smallweigit Avue
CVE-2024-5825
@@ -159,17 +159,17 @@ CVE-2024-4190 (Stored Cross-Site Scripting (XSS) vulnerabilities have been ident
CVE-2024-4155
REJECTED
CVE-2024-37325 (Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Azure
CVE-2024-37301 (Document Merge Service is a document template merge service providing ...)
- TODO: check
+ NOT-FOR-US: Document Merge Service
CVE-2024-37296 (The Aimeos HTML client provides Aimeos HTML components for e-commerce ...)
- TODO: check
+ NOT-FOR-US: Aimeos
CVE-2024-37295 (Aimeos is an Open Source e-commerce framework for online shops. Starti ...)
- TODO: check
+ NOT-FOR-US: Aimeos
CVE-2024-37294 (Aimeos is an Open Source e-commerce framework for online shops. All Sa ...)
- TODO: check
+ NOT-FOR-US: Aimeos
CVE-2024-37293 (The AWS Deployment Framework (ADF) is a framework to manage and deploy ...)
- TODO: check
+ NOT-FOR-US: AWS Deployment Framework
CVE-2024-37161 (MeterSphere is an open source continuous testing platform. Prior to ve ...)
NOT-FOR-US: MeterSphere
CVE-2024-36821 (Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 a ...)
@@ -221,7 +221,7 @@ CVE-2024-35249 (Microsoft Dynamics 365 Business Central Remote Code Execution Vu
CVE-2024-35248 (Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnera ...)
NOT-FOR-US: Microsoft
CVE-2024-35213 (An improper input validation vulnerability in the SGI Image Codec of Q ...)
- TODO: check
+ NOT-FOR-US: QNX
CVE-2024-35212 (A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822 ...)
NOT-FOR-US: Siemens
CVE-2024-35211 (A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822 ...)
@@ -530,7 +530,7 @@ CVE-2024-37169 (@jmondi/url-to-png is a self-hosted URL to PNG utility. Versions
CVE-2024-37168 (@grpc/grps-js implements the core functionality of gRPC purely in Java ...)
NOT-FOR-US: @grpc/grps-js
CVE-2024-37166 (ghtml is software that uses tagged templates for template engine funct ...)
- TODO: check
+ NOT-FOR-US: ghtml
CVE-2024-37130 (Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, con ...)
NOT-FOR-US: Dell
CVE-2024-36473 (Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerabl ...)
@@ -1374,17 +1374,17 @@ CVE-2024-3380
CVE-2024-3133
REJECTED
CVE-2024-37388 (An XML External Entity (XXE) vulnerability in the ebookmeta.get_metada ...)
- TODO: check
+ NOT-FOR-US: ebookmeta
CVE-2024-37163 (SkyScrape is a GUI Dashboard for AWS Infrastructure and Managing Resou ...)
NOT-FOR-US: SkyScrape
CVE-2024-37162 (zsa is a library for building typesafe server actions in Next.js. All ...)
- TODO: check
+ NOT-FOR-US: zsa
CVE-2024-37160 (Formwork is a flat file-based Content Management System (CMS). An atta ...)
NOT-FOR-US: Formwork CMS
CVE-2024-36827 (An XML External Entity (XXE) vulnerability in the ebookmeta.get_metada ...)
- TODO: check
+ NOT-FOR-US: ebookmeta
CVE-2024-36811 (An arbitrary file upload vulnerability in the image upload function of ...)
- TODO: check
+ NOT-FOR-US: Aimeos
CVE-2024-36792 (An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/ ...)
NOT-FOR-US: Netgear
CVE-2024-36790 (Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store ...)
@@ -158027,7 +158027,7 @@ CVE-2022-32899 (The issue was addressed with improved memory handling. This issu
CVE-2022-32898 (The issue was addressed with improved memory handling. This issue is f ...)
NOT-FOR-US: Apple
CVE-2022-32897 (A memory corruption issue was addressed with improved validation. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-32896 (This issue was addressed by enabling hardened runtime. This issue is f ...)
NOT-FOR-US: Apple
CVE-2022-32895 (A race condition was addressed with improved state handling. This issu ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f27cc17a08a7a2485b476cb2fce60c7633a57735
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f27cc17a08a7a2485b476cb2fce60c7633a57735
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240612/124e6a6c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list