[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Jun 18 10:18:34 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
06f883f6 by Moritz Muehlenhoff at 2024-06-18T11:17:56+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -47,23 +47,23 @@ CVE-2024-37079 (vCenter Server contains a heap-overflow vulnerability in the imp
CVE-2024-34833 (Sourcecodester Payroll Management System v1.0 is vulnerable to File Up ...)
NOT-FOR-US: Sourcecodester Payroll Management System
CVE-2024-34024 (Observable response discrepancy issue exists in ID Link Manager and FU ...)
- TODO: check
+ NOT-FOR-US: FUJITSU
CVE-2024-33622 (Missing authentication for critical function vulnerability exists in I ...)
- TODO: check
+ NOT-FOR-US: FUJITSU
CVE-2024-33620 (Absolute path traversal vulnerability exists in ID Link Manager and FU ...)
- TODO: check
+ NOT-FOR-US: FUJITSU
CVE-2024-1634 (The Scheduling Plugin \u2013 Online Booking for WordPress plugin for W ...)
NOT-FOR-US: WordPress plugin
CVE-2024-0845 (The PDF Viewer for Elementor plugin for WordPress is vulnerable to Sto ...)
NOT-FOR-US: WordPress plugin
CVE-2024-0066 (Johan Fagerstr\xf6m, member of the AXIS OS Bug Bounty Program, has fou ...)
- TODO: check
+ NOT-FOR-US: AXIS
CVE-2023-5527 (The Business Directory Plugin plugin for WordPress is vulnerable to CS ...)
NOT-FOR-US: WordPress plugin
CVE-2023-37058 (Insecure Permissions vulnerability in JLINK Unionman Technology Co. Lt ...)
- TODO: check
+ NOT-FOR-US: JLINK
CVE-2023-37057 (An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allow ...)
- TODO: check
+ NOT-FOR-US: JLINK
CVE-2024-6062 (A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and ...)
- gpac <unfixed>
NOTE: https://github.com/gpac/gpac/issues/2872
@@ -79,7 +79,7 @@ CVE-2024-6058 (A vulnerability classified as problematic has been found in LabVa
CVE-2024-6057 (Improper authentication in the vault password feature in Devolutions R ...)
NOT-FOR-US: Devolutions Remote Desktop Manager
CVE-2024-6056 (A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. I ...)
- TODO: check
+ NOT-FOR-US: Laravel Starter
CVE-2024-6055 (Improper removal of sensitive information in data source export featur ...)
NOT-FOR-US: Devolutions Remote Desktop Manager
CVE-2024-5741 (Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2. ...)
@@ -103,9 +103,9 @@ CVE-2024-38469 (zhimengzhe iBarn v1.5 was discovered to contain a reflected cros
CVE-2024-38449 (A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316 ...)
NOT-FOR-US: KasmVNC
CVE-2024-37902 (DeepJavaLibrary(DJL) is an Engine-Agnostic Deep Learning Framework in ...)
- TODO: check
+ NOT-FOR-US: DeepJavaLibrary
CVE-2024-37896 (Gin-vue-admin is a backstage management system based on vue and gin. G ...)
- TODO: check
+ NOT-FOR-US: Gin-vue-admin
CVE-2024-37895 (Lobe Chat is an open-source LLMs/AI chat framework. In affected versio ...)
NOT-FOR-US: Lobe Chat
CVE-2024-37893 (Firefly III is a free and open source personal finance manager. In aff ...)
@@ -156,9 +156,9 @@ CVE-2024-37619 (StrongShop v1.0 was discovered to contain a reflected cross-site
CVE-2024-37305 (oqs-provider is a provider for the OpenSSL 3 cryptography library that ...)
TODO: check
CVE-2024-37159 (Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. ...)
- TODO: check
+ NOT-FOR-US: Evmos
CVE-2024-37158 (Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. ...)
- TODO: check
+ NOT-FOR-US: Evmos
CVE-2024-36583 (A Prototype Pollution issue in byondreal accessor <= 1.0.0 allows an a ...)
TODO: check
CVE-2024-36582 (alexbinary object-deep-assign 1.0.11 is vulnerable to Prototype Pollut ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06f883f6d7221ddbf10c664814ab016b8ab80610
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06f883f6d7221ddbf10c664814ab016b8ab80610
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240618/d0805e20/attachment.htm>
More information about the debian-security-tracker-commits
mailing list