[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon May 13 11:15:51 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9aa7ab4c by Moritz Muehlenhoff at 2024-05-13T12:15:15+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19,21 +19,21 @@ CVE-2024-4801 (A vulnerability was found in Kashipara College Management System
CVE-2024-4800 (A vulnerability has been found in Kashipara College Management System ...)
NOT-FOR-US: Kashipara College Management System
CVE-2024-3239 (The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35205 (The WPS Office (aka cn.wps.moffice_eng) application before 17.0.0 for ...)
- TODO: check
+ NOT-FOR-US: WPS Office
CVE-2024-35204 (Veritas System Recovery before 23.2_Hotfix has incorrect permissions f ...)
- TODO: check
+ NOT-FOR-US: Veritas
CVE-2024-32700 (Unrestricted Upload of File with Dangerous Type vulnerability in Kogne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2299 (A stored Cross-Site Scripting (XSS) vulnerability exists in the parisn ...)
- TODO: check
+ NOT-FOR-US: lollms-webui
CVE-2024-29212 (Due to an unsafe de-serialization method used by the Veeam Service Pr ...)
- TODO: check
+ NOT-FOR-US: Veeam
CVE-2024-26306 (iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server wi ...)
TODO: check
CVE-2023-5052 (vulnerability in Uniform Server Zero, version 10.2.5, consisting of an ...)
- TODO: check
+ NOT-FOR-US: Uniform Zero Server
CVE-2024-4799 (A vulnerability, which was classified as critical, was found in Kaship ...)
NOT-FOR-US: Kashipara College Management System
CVE-2024-4798 (A vulnerability, which was classified as critical, has been found in S ...)
@@ -111,17 +111,17 @@ CVE-2024-28760 (IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1
CVE-2024-27460 (A privilege escalation exists in the updater for Plantronics Hub 3.25. ...)
NOT-FOR-US: HP
CVE-2023-5447 (Missing lock check in SynHsaService may create a use-after-free condit ...)
- TODO: check
+ NOT-FOR-US: Synaptics
CVE-2023-52721 (The WindowManager module has a vulnerability in permission control. Im ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52720 (Race condition vulnerability in the soundtrigger module Impact: Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52719 (Privilege escalation vulnerability in the PMS module Impact: Successfu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52384 (Double-free vulnerability in the RSMC module Impact: Successful exploi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-52383 (Double-free vulnerability in the RSMC module Impact: Successful exploi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-47712 (IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local u ...)
NOT-FOR-US: IBM
CVE-2023-47711 (IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authen ...)
@@ -171,7 +171,7 @@ CVE-2024-4714 (A vulnerability, which was classified as problematic, has been fo
CVE-2024-4713 (A vulnerability classified as problematic was found in Campcodes Compl ...)
NOT-FOR-US: Campcodes Complete Web-Based School Management System
CVE-2024-4701 (A path traversal issue potentially leading to remote code execution in ...)
- TODO: check
+ NOT-FOR-US: Netflix
CVE-2024-4699 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified ...)
NOT-FOR-US: D-Link
CVE-2024-4689 (Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPix ...)
@@ -211,7 +211,7 @@ CVE-2024-4231 (This vulnerability exists in Digisol Router (DG-GR1321: Hardware
CVE-2024-4129 (Improper Authentication vulnerability in Snow Software AB Snow License ...)
NOT-FOR-US: Snow Software AB Snow License Manager
CVE-2024-4044 (A deserialization of untrusted data vulnerability exists in common cod ...)
- TODO: check
+ NOT-FOR-US: National Instruments
CVE-2024-4039 (The The Orders Tracking for WooCommerce plugin for WordPress for WordP ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3956 (The Pods \u2013 Custom Content Types and Fields plugin for WordPress i ...)
@@ -255,19 +255,19 @@ CVE-2024-34814 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeFuse Uny
CVE-2024-34695 (WOWS Karma is a reputation system for Wargaming's World of Warships. A ...)
NOT-FOR-US: WOWS Karma
CVE-2024-34360 (go-spacemesh is a Go implementation of the Spacemesh protocol full nod ...)
- TODO: check
+ NOT-FOR-US: go-spacemesh
CVE-2024-34359 (llama-cpp-python is the Python bindings for llama.cpp. `llama-cpp-pyth ...)
- TODO: check
+ NOT-FOR-US: llama-cpp-python
CVE-2024-34349 (Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13 ...)
- TODO: check
+ NOT-FOR-US: Sylius
CVE-2024-34310 (Jin Fang Times Content Management System v3.2.3 was discovered to cont ...)
NOT-FOR-US: Jin Fang Times Content Management System
CVE-2024-34245 (An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authen ...)
NOT-FOR-US: DedeCMS
CVE-2024-34199 (TinyWeb 1.94 and below allows unauthenticated remote attackers to caus ...)
- TODO: check
+ NOT-FOR-US: TinyWeb
CVE-2024-34079 (octo-sts is a GitHub App that acts like a Security Token Service (STS) ...)
- TODO: check
+ NOT-FOR-US: octo-sts
CVE-2024-34070 (Froxlor is open source server administration software. Prior to 2.1.9, ...)
- froxlor <itp> (bug #581792)
CVE-2024-33819 (Globitel KSA SpeechLog v8.1 was discovered to contain a stored cross-s ...)
@@ -283,13 +283,13 @@ CVE-2024-33772 (A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L R
CVE-2024-33771 (A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2 ...)
NOT-FOR-US: D-Link
CVE-2024-32985 (Stellar-core is a reference implementation for the peer-to-peer agent ...)
- TODO: check
+ NOT-FOR-US: Stellar-core
CVE-2024-32964 (Lobe Chat is a chatbot framework that supports speech synthesis, multi ...)
- TODO: check
+ NOT-FOR-US: Lobe Chat
CVE-2024-32776 (Missing Authorization vulnerability in AppPresser Team AppPresser.This ...)
NOT-FOR-US: WordPress plugin
CVE-2024-31441 (DataEase is an open source data visualization analysis tool. Due to th ...)
- TODO: check
+ NOT-FOR-US: DataEase
CVE-2024-31113 (Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downlo ...)
NOT-FOR-US: WordPress plugin
CVE-2024-30802 (An issue in Vehicle Management System 7.31.0.3_20230412 allows an atta ...)
@@ -319,17 +319,17 @@ CVE-2024-22343 (IBM TXSeries for Multiplatforms 8.2 allows web pages to be store
CVE-2024-22064 (ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi ...)
NOT-FOR-US: ZTE
CVE-2024-0100 (NVIDIA Triton Inference Server for Linux contains a vulnerability in t ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0098 (NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0097 (NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, whe ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0096 (NVIDIA ChatRTX for Windows contains a vulnerability in Chat RTX UI, wh ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0088 (NVIDIA Triton Inference Server for Linux contains a vulnerability in s ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0087 (NVIDIA Triton Inference Server for Linux contains a vulnerability wher ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2023-38264 (The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1 ...)
NOT-FOR-US: IBM
CVE-2023-37526 (HCL DRYiCE Lucy (now AEX) is affected by a Cross Origin Resource Shari ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9aa7ab4c5e4167a8628901d76d2967651ce068c0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9aa7ab4c5e4167a8628901d76d2967651ce068c0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240513/0dcfda58/attachment.htm>
More information about the debian-security-tracker-commits
mailing list