Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d1671072 by Salvatore Bonaccorso at 2024-02-15T09:29:39+01:00
Process some new NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2024-26264 (EBM Technologies RISWEB's specific query function parameter
does not p ...)
- TODO: check
+ NOT-FOR-US: EBM Technologies RISWEB
CVE-2024-26263 (EBM Technologies RISWEB's specific URL path is not properly
controlled ...)
- TODO: check
+ NOT-FOR-US: EBM Technologies RISWEB
CVE-2024-26262 (EBM Technologies Uniweb/SoliPACS WebServer's query
functionality lacks ...)
- TODO: check
+ NOT-FOR-US: EBM Technologies Uniweb/SoliPACS WebServer
CVE-2024-26261 (The functionality for file download in HGiga OAKlouds' certain
modules ...)
- TODO: check
+ NOT-FOR-US: HGiga OAKlouds
CVE-2024-26260 (The functionality for synchronization in HGiga OAKlouds'
certain moudu ...)
- TODO: check
+ NOT-FOR-US: HGiga OAKlouds
CVE-2024-25941 (The jail(2) system call has not limited a visiblity of
allocated TTYs ...)
TODO: check
CVE-2024-25940 (`bhyveload -h <host-path>` may be used to grant loader access
to the < ...)
@@ -21,17 +21,17 @@ CVE-2024-25618 (Mastodon is a free, open-source social
network server based on A
CVE-2024-25617 (Squid is an open source caching proxy for the Web supporting
HTTP, HTT ...)
TODO: check
CVE-2024-25559 (URL spoofing vulnerability exists in a-blog cms Ver.3.1.0 to
Ver.3.1.8 ...)
- TODO: check
+ NOT-FOR-US: a-blog cms
CVE-2024-24386 (An issue in VitalPBX v.3.2.4-5 allows an attacker to execute
arbitrary ...)
- TODO: check
+ NOT-FOR-US: VitalPBX
CVE-2024-24301 (Command Injection vulnerability discovered in 4ipnet EAP-767
device v3 ...)
- TODO: check
+ NOT-FOR-US: 4ipnet EAP-767 device
CVE-2024-24300 (4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access
Control. The ...)
- TODO: check
+ NOT-FOR-US: 4ipnet EAP-767
CVE-2024-24256 (SQL Injection vulnerability in Yonyou space-time enterprise
informatio ...)
- TODO: check
+ NOT-FOR-US: Yonyou space-time enterprise information integration
platform
CVE-2024-21727 (XSS vulnerability in DP Calendar component for Joomla.)
- TODO: check
+ NOT-FOR-US: DP Calendar component for Joomla
CVE-2024-1523 (EC-WEB FS-EZViewer(Web)'s query functionality lacks proper
restriction ...)
TODO: check
CVE-2024-1482 (An incorrect authorization vulnerability was identified in
GitHub Ente ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1671072131a9a53888186f376f5abae58af4707
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1671072131a9a53888186f376f5abae58af4707
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
