[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 15 07:57:15 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b30c5f57 by Salvatore Bonaccorso at 2024-05-15T08:56:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -36,7 +36,7 @@ CVE-2024-35009 (idccms v1.35 was discovered to contain a Cross-Site Request Forg
 CVE-2024-34950 (D-Link DIR-822+ v1.0.5 was discovered to contain a stack-based buffer  ...)
 	NOT-FOR-US: D-Link
 CVE-2024-34914 (php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a wea ...)
-	TODO: check
+	NOT-FOR-US: php-censor
 CVE-2024-34773 (A vulnerability has been identified in Solid Edge (All versions < V224 ...)
 	NOT-FOR-US: Siemens
 CVE-2024-34772 (A vulnerability has been identified in Solid Edge (All versions < V224 ...)
@@ -48,9 +48,9 @@ CVE-2024-34717 (PrestaShop is an open source e-commerce web application. In Pres
 CVE-2024-34716 (PrestaShop is an open source e-commerce web application. A cross-site  ...)
 	NOT-FOR-US: PrestaShop
 CVE-2024-34714 (The Hoppscotch Browser Extension is a browser extension for Hoppscotch ...)
-	TODO: check
+	NOT-FOR-US: Hoppscotch
 CVE-2024-34713 (sshproxy is used on a gateway to transparently proxy a user SSH connec ...)
-	TODO: check
+	NOT-FOR-US: cea-hpc sshproxy
 CVE-2024-34712 (Oceanic is a NodeJS library for interfacing with Discord. Prior to ver ...)
 	TODO: check
 CVE-2024-34358 (TYPO3 is an enterprise content management system. Starting in version  ...)
@@ -66,11 +66,11 @@ CVE-2024-34256 (OFCMS V1.1.2 is vulnerable to SQL Injection via the new table fu
 CVE-2024-34243 (Konga v0.14.9 is vulnerable to Cross Site Scripting (XSS) via the user ...)
 	NOT-FOR-US: Konga
 CVE-2024-34191 (htmly v2.9.6 was discovered to contain an arbitrary file deletion vuln ...)
-	TODO: check
+	NOT-FOR-US: htmly
 CVE-2024-34086 (A vulnerability has been identified in JT2Go (All versions < V2312.000 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-34085 (A vulnerability has been identified in JT2Go (All versions < V2312.000 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-33868 (An issue was discovered in linqi before 1.4.0.1 on Windows. There is L ...)
 	NOT-FOR-US: linqi
 CVE-2024-33867 (An issue was discovered in linqi before 1.4.0.1 on Windows. There is a ...)
@@ -134,41 +134,41 @@ CVE-2024-32465 (Git is a revision control system. The Git project recommends to
 	NOTE: https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4
 	NOTE: https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7
 CVE-2024-32355 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a co ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-32354 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a co ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-32353 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a co ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-32352 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-32351 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-32350 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-32349 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-32066 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32065 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32064 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32063 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32062 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32061 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32060 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32059 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32058 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32057 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32055 (A vulnerability has been identified in PS/IGES Parasolid Translator Co ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32021 (Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2. ...)
 	- git <unfixed>
 	NOTE: https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7
@@ -186,17 +186,17 @@ CVE-2024-32002 (Git is a revision control system. Prior to versions 2.45.1, 2.44
 	NOTE: https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv
 	NOTE: https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d
 CVE-2024-31980 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-31491 (A client-side enforcement of server-side security in Fortinet FortiSan ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2024-31488 (An improper neutralization of inputs during web page generation vulner ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2024-31486 (A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-31485 (A vulnerability has been identified in CPCI85 Central Processing/Commu ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-31484 (A vulnerability has been identified in CPC80 Central Processing/Commun ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-30209 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
 	TODO: check
 CVE-2024-30208 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
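Review bot: CVE-2024-31491 and CVE-2024-31488 are tagged "NOT-FOR-US: FortiGuard", but the description of the first names the vendor as Fortinet ("Fortinet FortiSan ..."). The other tags in this hunk use the vendor name (Siemens), so "NOT-FOR-US: Fortinet", or the affected product name, would keep the label consistent with the description and easier to find when searching the list by vendor.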
@@ -691,11 +691,11 @@ CVE-2024-34709 (Directus is a real-time API and App dashboard for managing SQL d
 CVE-2024-34708 (Directus is a real-time API and App dashboard for managing SQL databas ...)
 	NOT-FOR-US: Directus
 CVE-2024-34707 (Nautobot is a Network Source of Truth and Network Automation Platform. ...)
-	TODO: check
+	NOT-FOR-US: Nautobot
 CVE-2024-34706 (Valtimo is an open source business process and case management platfor ...)
-	TODO: check
+	NOT-FOR-US: Valtimo
 CVE-2024-34704 (era-compiler-solidity is the ZKsync compiler for Solidity.  The proble ...)
-	TODO: check
+	NOT-FOR-US: era-compiler-solidity
 CVE-2024-34701 (CreateWiki is Miraheze's MediaWiki extension for requesting & creating ...)
 	TODO: check
 CVE-2024-34699 (GZ::CTF is a capture the flag platform. Prior to 0.20.1, unprivileged  ...)
@@ -745,7 +745,7 @@ CVE-2024-34077 (MantisBT (Mantis Bug Tracker) is an open source issue tracker. I
 CVE-2024-33433 (Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B2 ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2024-33386 (An issue in SoundCloud Prometheu v.2.5.1 and before allows a remote at ...)
-	TODO: check
+	NOT-FOR-US: SoundCloud Prometheu
 CVE-2024-33250 (An issue in Open-Source Technology Committee SRS real-time video serve ...)
 	NOT-FOR-US: Open-Source Technology Committee SRS real-time video server
 CVE-2024-32100 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
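Review bot: the tag on CVE-2024-33386 copies "SoundCloud Prometheu" verbatim from the description, and that string reads like a misspelling of Prometheus, which started at SoundCloud and is packaged in Debian. Before closing this as NOT-FOR-US, confirm from the CVE references that it does not concern the prometheus source package. If it does, the entry needs a package line rather than an NFU tag. If it does not, a label naming the actual product would make that clear to the next reader.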



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b30c5f573d21c1ea8cb5dc678ec70808810fd56c
