[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Sep 9 13:33:22 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8690fb5b by Moritz Muehlenhoff at 2024-09-09T13:29:32+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2024-8586 (WebITR from Uniong has an Open Redirect vulnerability, which allows un ...)
- TODO: check
+ NOT-FOR-US: WebITR
CVE-2024-8585 (Orca HCM from LEARNING DIGITA does not properly restrict a specific pa ...)
- TODO: check
+ NOT-FOR-US: Orca HCM
CVE-2024-8584 (Orca HCM from LEARNING DIGITAL does not properly restrict access to a ...)
- TODO: check
+ NOT-FOR-US: Orca HCM
CVE-2024-8583 (A vulnerability was found in SourceCodester Online Bank Management Sys ...)
NOT-FOR-US: SourceCodester Online Bank Management System and Online Bank Management System
CVE-2024-8582 (A vulnerability was found in SourceCodester Food Ordering Management S ...)
@@ -23,9 +23,9 @@ CVE-2024-6910 (The EventON WordPress plugin before 2.2.17 does not sanitise and
CVE-2024-5561 (The Popup Maker WordPress plugin before 1.19.1 does not sanitise and ...)
NOT-FOR-US: WordPress plugin
CVE-2024-45625 (Cross-site scripting vulnerability exists in Forminator versions prior ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-45203 (Improper authorization in handler for custom URL scheme issue in "@cos ...)
- TODO: check
+ NOT-FOR-US: @cosme app
CVE-2024-6840
NOT-FOR-US: Ansible Automation Controller
CVE-2024-8579 (A vulnerability classified as critical has been found in TOTOLINK AC12 ...)
@@ -656,7 +656,7 @@ CVE-2024-45053 (Fides is an open-source privacy engineering platform. Starting i
CVE-2024-45052 (Fides is an open-source privacy engineering platform. Prior to version ...)
NOT-FOR-US: Fides
CVE-2024-45050 (Ringer server is the server code for the Ringer messaging app. Prior t ...)
- TODO: check
+ NOT-FOR-US: Ringer server
CVE-2024-45008 (In the Linux kernel, the following vulnerability has been resolved: I ...)
- linux 6.10.7-1
NOTE: https://git.kernel.org/linus/99d3bf5f7377d42f8be60a6b9cb60fb0be34dceb (6.11-rc2)
@@ -928,13 +928,13 @@ CVE-2024-42642 (Micron Crucial MX500 Series Solid State Drives M3CR046 is vulner
CVE-2024-42039 (Access control vulnerability in the SystemUI module Impact: Successful ...)
NOT-FOR-US: Huawei
CVE-2024-41927 (Cleartext transmission of sensitive information vulnerability exists i ...)
- TODO: check
+ NOT-FOR-US: IDEC
CVE-2024-41716 (Cleartext storage of sensitive information vulnerability exists in Win ...)
- TODO: check
+ NOT-FOR-US: IDEC
CVE-2024-41434 (PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via th ...)
NOT-FOR-US: PingCAP TiDB
CVE-2024-41433 (PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via th ...)
- TODO: check
+ NOT-FOR-US: PingCAP TiDB
CVE-2024-39921 (Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02N ...)
NOT-FOR-US: Fujitsu
CVE-2024-34661 (Improper handling of insufficient permissions in Samsung Assistant pri ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8690fb5b8e379236c051e11471fd6e9a2dd09319
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8690fb5b8e379236c051e11471fd6e9a2dd09319
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240909/e1f0907f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list