[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 21 15:21:56 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
598f50d2 by Salvatore Bonaccorso at 2024-11-21T16:21:28+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,9 +11,9 @@ CVE-2024-9653 (The Restaurant Menu \u2013 Food Ordering System \u2013 Table Rese
CVE-2024-9600 (The Ditty WordPress plugin before 3.1.47 does not sanitise and escape ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9479 (Improper Privilege Management vulnerability in upKeeper Solutions upKe ...)
- TODO: check
+ NOT-FOR-US: upKeeper
CVE-2024-9478 (Improper Privilege Management vulnerability in upKeeper Solutions upKe ...)
- TODO: check
+ NOT-FOR-US: upKeeper
CVE-2024-9442 (The F4 Improvements plugin for WordPress is vulnerable to Stored Cross ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9371 (The Branda \u2013 White Label & Branding, Custom Login Page Customizer ...)
@@ -27,13 +27,13 @@ CVE-2024-8726 (The MailChimp Forms by MailMunch plugin for WordPress is vulnerab
CVE-2024-8157 (The Alphabetical List WordPress plugin through 1.0.3 does not have CSR ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7517 (A command injection vulnerability in Brocade Fabric OS before 9.2.0c, ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade Fabric OS
CVE-2024-5029 (The CM Table Of Contents WordPress plugin before 1.2.4 does not have ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52797 (Opencast is free and open source software for automated video capture ...)
- TODO: check
+ NOT-FOR-US: Opencast
CVE-2024-52796 (Password Pusher, an open source application to communicate sensitive i ...)
- TODO: check
+ NOT-FOR-US: Password Pusher
CVE-2024-52771 (DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vu ...)
NOT-FOR-US: DedeBIZ
CVE-2024-52770 (An arbitrary file upload vulnerability in the component /admin/file_ma ...)
@@ -59,7 +59,7 @@ CVE-2024-52739 (D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple re
CVE-2024-52725 (SemCms v4.8 was discovered to contain a SQL injection vulnerability. T ...)
NOT-FOR-US: SemCms
CVE-2024-52702 (A stored cross-site scripting (XSS) vulnerability in the component ins ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2024-52701 (A stored cross-site scripting (XSS) vulnerability in the Configuration ...)
TODO: check
CVE-2024-52677 (HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName ...)
@@ -67,9 +67,9 @@ CVE-2024-52677 (HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFi
CVE-2024-52614 (Use of hard-coded cryptographic key issue exists in "Kura Sushi Offici ...)
NOT-FOR-US: "Kura Sushi Official App Produced by EPARK" for Android
CVE-2024-52598 (2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts ...)
- TODO: check
+ NOT-FOR-US: Bubka 2FAuth
CVE-2024-52597 (2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts ...)
- TODO: check
+ NOT-FOR-US: Bubka 2FAuth
CVE-2024-52595 (lxml_html_clean is a project for HTML cleaning functionalities copied ...)
TODO: check
CVE-2024-52581 (Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. ...)
@@ -119,47 +119,47 @@ CVE-2024-52033 (Exposure of sensitive system information to an unauthorized cont
CVE-2024-51669 (Cross-Site Request Forgery (CSRF) vulnerability in Vivwebs Dynamic Wid ...)
NOT-FOR-US: WordPress plugin
CVE-2024-51209 (Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's Client Mana ...)
- TODO: check
+ NOT-FOR-US: Anuj Kumar's Client Management System
CVE-2024-51208 (File Upload vulnerability in change-image.php in Anuj Kumar's Boat Boo ...)
- TODO: check
+ NOT-FOR-US: Anuj Kumar's Boat Booking System
CVE-2024-51163 (Local File Inclusion vulnerability in Vegam Solutions Vegam 4i v.6.3.4 ...)
- TODO: check
+ NOT-FOR-US: Vegam Solutions Vegam 4i
CVE-2024-51162 (An issue in Audimex EE v.15.1.20 and before allows a remote attacker t ...)
- TODO: check
+ NOT-FOR-US: Audimex EE
CVE-2024-51151 (D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-49203 (Querydsl 5.1.0 allows SQL/HQL injection in orderBy in JPAQuery.)
- TODO: check
+ NOT-FOR-US: Querydsl
CVE-2024-48986 (An issue was discovered in MBed OS 6.16.0. Its hci parsing software dy ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48985 (An issue was discovered in MBed OS 6.16.0. During processing of HCI pa ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48984 (An issue was discovered in MBed OS 6.16.0. When parsing hci reports, t ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48983 (An issue was discovered in MBed OS 6.16.0. During processing of HCI pa ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48982 (An issue was discovered in MBed OS 6.16.0. Its hci parsing software dy ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48981 (An issue was discovered in MBed OS 6.16.0. During processing of HCI pa ...)
- TODO: check
+ NOT-FOR-US: MBed OS
CVE-2024-48899 (A vulnerability was found in Moodle. Additional checks are required to ...)
TODO: check
CVE-2024-48895 (Improper neutralization of special elements used in an OS command ('OS ...)
- TODO: check
+ NOT-FOR-US: Rakuten Turbo 5G firmware
CVE-2024-48536 (Incorrect access control in eSoft Planner 3.24.08271-USA allow attacke ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-48535 (A stored cross-site scripting (XSS) vulnerability in eSoft Planner 3.2 ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-48534 (A reflected cross-site scripting (XSS) vulnerability on the Camp Detai ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-48533 (A discrepancy between responses for valid and invalid e-mail accounts ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-48531 (A reflected cross-site scripting (XSS) vulnerability on the Rental Ava ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-48530 (An issue in the Instructor Appointment Availability module of eSoft Pl ...)
- TODO: check
+ NOT-FOR-US: eSoft Planner
CVE-2024-47865 (Missing authentication for critical function vulnerability exists in R ...)
- TODO: check
+ NOT-FOR-US: Rakuten Turbo 5G firmware
CVE-2024-45691 (A flaw was found in Moodle. When restricting access to a lesson activi ...)
TODO: check
CVE-2024-45690 (A flaw was found in Moodle. Additional checks were required to ensure ...)
@@ -169,9 +169,9 @@ CVE-2024-45689 (A flaw was found in Moodle. Dynamic tables did not enforce capab
CVE-2024-45663 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 ...)
NOT-FOR-US: IBM
CVE-2024-45511 (An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-45510 (An issue was discovered in Zimbra Collaboration (ZCS) through 10.0. Zi ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-44309 (A cookie management issue was addressed with improved state management ...)
TODO: check
CVE-2024-44308 (The issue was addressed with improved checks. This issue is fixed in S ...)
@@ -181,167 +181,167 @@ CVE-2024-44307 (A buffer overflow issue was addressed with improved memory handl
CVE-2024-44306 (A buffer overflow issue was addressed with improved memory handling. T ...)
TODO: check
CVE-2024-33439 (An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an au ...)
- TODO: check
+ NOT-FOR-US: Kasda LinkSmart Router KW5515
CVE-2024-30896 (InfluxDB through 2.7.10 allows allAccess administrators to retrieve al ...)
TODO: check
CVE-2024-30424 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29292 (Multiple OS Command Injection vulnerabilities affecting Kasda LinkSmar ...)
- TODO: check
+ NOT-FOR-US: Kasda LinkSmart Router KW6512
CVE-2024-11495 (Buffer overflow vulnerability in OllyDbg, version 1.10, which could al ...)
- TODO: check
+ NOT-FOR-US: OllyDbg
CVE-2024-11494 (**UNSUPPORTED WHEN ASSIGNED** The improper authentication vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2024-11493 (A vulnerability classified as problematic was found in 115cms up to 20 ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11492 (A vulnerability classified as problematic has been found in 115cms up ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11491 (A vulnerability was found in 115cms up to 20240807. It has been rated ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11490 (A vulnerability was found in 115cms up to 20240807. It has been declar ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11489 (A vulnerability was found in 115cms up to 20240807. It has been classi ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11488 (A vulnerability was found in 115cms up to 20240807 and classified as p ...)
- TODO: check
+ NOT-FOR-US: 115cms
CVE-2024-11487 (A vulnerability has been found in Code4Berry Decoration Management Sys ...)
- TODO: check
+ NOT-FOR-US: Code4Berry Decoration Management System
CVE-2024-11486 (A vulnerability, which was classified as problematic, was found in Cod ...)
- TODO: check
+ NOT-FOR-US: Code4Berry Decoration Management System
CVE-2024-11485 (A vulnerability, which was classified as critical, has been found in C ...)
- TODO: check
+ NOT-FOR-US: Code4Berry Decoration Management System
CVE-2024-11484 (A vulnerability classified as critical was found in Code4Berry Decorat ...)
- TODO: check
+ NOT-FOR-US: Code4Berry Decoration Management System
CVE-2024-11455 (The Include Mastodon Feed plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11447 (The Community by PeepSo \u2013 Download from PeepSo.com plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11440 (The Grey Owl Lightbox plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11438 (The StreamWeasels Online Status Bar plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11435 (The salavat counter Plugin plugin for WordPress is vulnerable to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11432 (The SuevaFree Essential Kit plugin for WordPress is vulnerable to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11428 (The Lazy load videos and sticky control plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11424 (The Slick Sitemap plugin for WordPress is vulnerable to Stored Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11416 (The WIP Incoming Lite plugin for WordPress is vulnerable to Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11414 (The RecipePress Reloaded plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11412 (The Shine PDF Embeder plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11409 (The Grid View Gallery plugin for WordPress is vulnerable to PHP Object ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11406 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2024-11404 (Unrestricted Upload of File with Dangerous Type, Improper Input Valida ...)
TODO: check
CVE-2024-11400 (The HUSKY \u2013 Products Filter Professional for WooCommerce plugin f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11388 (The Dino Game \u2013 Embed Google Chrome Dinosaur Game in WordPress pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11385 (The Pure CSS Circle Progress bar plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11370 (The Subaccounts for WooCommerce plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11365 (The Crypto and DeFi Widgets \u2013 Web3 Cryptocurrency Shortcodes plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11360 (The Page Parts plugin for WordPress is vulnerable to Reflected Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11354 (The Ultimate YouTube Video & Shorts Player With Vimeo plugin for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11334 (The My Contador lesr plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11278 (The GD bbPress Attachments plugin for WordPress is vulnerable to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11277 (The 404 Solution plugin for WordPress is vulnerable to Reflected Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11197 (The Lock User Account plugin for WordPress is vulnerable to user lock ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11179 (The MStore API \u2013 Create Native Android & iOS Apps On The Cloud pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11176 (Improper access control vulnerability in M-Files Aino in versions befo ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2024-11154 (The PublishPress Revisions: Duplicate Posts, Submit, Approve and Sched ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11086
REJECTED
CVE-2024-11081
REJECTED
CVE-2024-10913 (The Clone plugin for WordPress is vulnerable to PHP Object Injection i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10900 (The ProfileGrid \u2013 User Profiles, Groups and Communities plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10899 (The The WooCommerce Product Table Lite plugin for WordPress is vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10898 (The Contact Form 7 Email Add on plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10891 (The Save as PDF Plugin by Pdfcrowd plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10890 (The WPAdverts \u2013 Classifieds Plugin plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10872 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10855 (The Image Optimizer, Resizer and CDN \u2013 Sirv plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10796 (The If-So Dynamic Content Personalization plugin for WordPress is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10788 (The Activity Log \u2013 Monitor & Record User Changes plugin for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10785 (The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Feature ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10782 (The Theme Builder For Elementor plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10726 (The Friendly Functions for Welcart plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10696 (The UltraAddons \u2013 Elementor Addons (Header Footer Builder, Custom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10682 (The Announcement & Notification Banner \u2013 Bulletin plugin for Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10671 (The Button Block \u2013 Get fully customizable & multi-functional butt ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10665 (The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10623 (The ForumEngine theme for WordPress is vulnerable to Reflected Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-10532 (The Bard Extra plugin for WordPress is vulnerable to unauthorized modi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10528 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10522 (The Co-marquage service-public.fr plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10520 (The WP Project Manager plugin for WordPress is vulnerable to unauthori ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10515 (In the process of testing the SEO Plugin by Squirrly SEO WordPress plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10482 (The Media File Rename, Find Unused File, Add Alt text, Caption, Desc F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10403 (Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2 ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade Fabric OS
CVE-2024-10400 (The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10393 (The Tutor LMS plugin for WordPress is vulnerable to bypass to user reg ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10382 (There exists a code execution vulnerability in the Car App Android Jet ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-10365 (The The Plus Addons for Elementor \u2013 Elementor Addons, Page Templa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10177 (The Beds24 Online Booking plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10172 (The WPBakery Visual Composer WHMCS Elements plugin for WordPress is vu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10164 (The Premium Packages \u2013 Sell Digital Products Securely plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10127 (Authentication bypass condition in LDAP authentication in M-Files serv ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2024-10126 (Local File Inclusion vulnerability in M-Files Server in versions befor ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2024-10094 (Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue ...)
- TODO: check
+ NOT-FOR-US: Pega Platform
CVE-2024-11477
- 7zip 24.07+dfsg-1
- p7zip 16.02+transitional.1
@@ -136602,7 +136602,7 @@ CVE-2023-27611 (Cross-Site Request Forgery (CSRF) vulnerability in audrasjb Reus
CVE-2023-27610 (Auth. (admin+) SQL Injection (SQLi) vulnerability in TransbankDevelope ...)
NOT-FOR-US: TransbankDevelopers Transbank Webpay
CVE-2023-27609 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-27608 (Missing Authorization vulnerability in WP Swings Points and Rewards fo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-27607 (Missing Authorization vulnerability in WP Swings Points and Rewards fo ...)
@@ -170010,15 +170010,15 @@ CVE-2022-43939 (Hitachi Vantara Pentaho Business Analytics Server versions befor
CVE-2022-43938 (Hitachi Vantara Pentaho Business Analytics Server prior to versions 9. ...)
NOT-FOR-US: Hitachi
CVE-2022-43937 (Possible information exposure through log file vulnerability where sen ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade SANnav
CVE-2022-43936 (Brocade SANnav versions before 2.2.2 log Brocade Fabric OS switch pass ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade SANnav
CVE-2022-43935 (An information exposure through log file vulnerability exists in Broca ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade SANnav
CVE-2022-43934 (Brocade SANnav before Brocade SANnav 2.2.2 supports key exchange algor ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade SANnav
CVE-2022-43933 (An information exposure through log file vulnerability exists in Broca ...)
- TODO: check
+ NOT-FOR-US: Broadcom Brocade SANnav
CVE-2022-3713 (A code injection vulnerability allows adjacent attackers to execute co ...)
NOT-FOR-US: Sophos
CVE-2022-3712
@@ -472926,7 +472926,7 @@ CVE-2018-9476 (In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible
CVE-2018-9475 (In HeadsetInterface::ClccResponse of btif_hf.cc, there is a possible o ...)
NOT-FOR-US: Android
CVE-2018-9474 (In writeToParcel of MediaPlayer.java, there is a possible serializatio ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9473 (In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is a poss ...)
NOT-FOR-US: Android Media Framework
CVE-2018-9472 (In xmlMemStrdupLoc of xmlmemory.c, there is a possible out-of-bounds w ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/598f50d2b4c1c6d65ccc649ef46a0036de39a808
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/598f50d2b4c1c6d65ccc649ef46a0036de39a808
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241121/bd7f9499/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list