Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
53bbe326 by Moritz Mühlenhoff at 2024-03-14T11:48:18+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,9 +23,9 @@ CVE-2024-28175 (Argo CD is a declarative, GitOps continuous
delivery tool for Ku
CVE-2024-27703 (Cross Site Scripting vulnerability in Leantime 3.0.6 allows a
remote a ...)
NOT-FOR-US: Leantime
CVE-2024-27102 (Wings is the server control plane for Pterodactyl Panel. This
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Wings
CVE-2024-27097 (A user endpoint didn't perform filtering on an incoming
parameter, whi ...)
- TODO: check
+ NOT-FOR-US: CKAN
CVE-2024-25653 (Broken Access Control in the Report functionality of Delinea
PAM Secre ...)
NOT-FOR-US: Delinea PAM Secret Server
CVE-2024-25652 (In Delinea PAM Secret Server 11.4, it is possible for a user
(with acc ...)
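Review bot: On the CVE-2024-27102 line, the label "NOT-FOR-US: Wings" drops the context the description itself gives ("Wings is the server control plane for Pterodactyl Panel"), and "Wings" on its own is a generic word to search for later. Consider a label that also names Pterodactyl so the entry is found under either name. For CVE-2024-27097, the visible description is truncated before any product name, so the CKAN attribution cannot be checked from this hunk and is worth confirming against the full CVE text.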
@@ -498,7 +498,7 @@ CVE-2024-28239 (Directus is a real-time API and App
dashboard for managing SQL d
CVE-2024-28238 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
NOT-FOR-US: Directus
CVE-2024-28236 (Vela is a Pipeline Automation (CI/CD) framework built on Linux
contain ...)
- TODO: check
+ NOT-FOR-US: Vela
CVE-2024-27440 (The Toyoko Inn official App for iOS versions prior to 1.13.0
and Toyok ...)
NOT-FOR-US: Toyoko Inn official App
CVE-2024-27305 (aiosmtpd is a reimplementation of the Python stdlib smtpd.py
based on ...)
@@ -791,9 +791,9 @@ CVE-2024-1302 (Information exposure vulnerability in Badger
Meter Monitool affec
CVE-2024-1301 (SQL injection vulnerability in Badger Meter Monitool affecting
version ...)
NOT-FOR-US: Badger Meter Monitool
CVE-2024-1227 (An open redirect vulnerability, the exploitation of which could
allow ...)
- TODO: check
+ NOT-FOR-US: Rejettos
CVE-2024-1226 (The software does not neutralize or incorrectly neutralizes
certain ch ...)
- TODO: check
+ NOT-FOR-US: Rejettos
CVE-2024-1138 (The FTL Server component of TIBCO Software Inc.'s TIBCO FTL -
Enterpri ...)
NOT-FOR-US: TIBCO
CVE-2024-1137 (The Proxy and Client components of TIBCO Software Inc.'s TIBCO
ActiveS ...)
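Review bot: Neither CVE-2024-1227 nor CVE-2024-1226 names a product in the truncated description shown here, so the "Rejettos" label applied to both cannot be verified from the hunk. Since the same string is used twice and NOT-FOR-US labels get searched when related CVEs arrive later, confirm the spelling of the product or vendor name against the full CVE records before this lands.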
@@ -937,7 +937,7 @@ CVE-2024-1400 (The Mollie Forms plugin for WordPress is
vulnerable to unauthoriz
CVE-2023-6814 (Insertion of Sensitive Information into Log File vulnerability
in Hita ...)
NOT-FOR-US: Hitachi
CVE-2023-49785 (NextChat, also known as ChatGPT-Next-Web, is a cross-platform
chat use ...)
- TODO: check
+ NOT-FOR-US: NextChat
CVE-2023-49453 (Reflected cross-site scripting (XSS) vulnerability in
Racktables v0.22 ...)
- racktables <itp> (bug #629531)
CVE-2024-2370 (Unrestricted file upload vulnerability in ManageEngine Desktop
Central ...)
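Review bot: On the CVE-2023-49785 line, the description says the project is "also known as ChatGPT-Next-Web", but the new label records only "NextChat". Adding the alias, for example "NOT-FOR-US: NextChat (ChatGPT-Next-Web)", would let a search under either name hit this entry. The neighbouring racktables entry shows that unpackaged software can still carry an <itp> reference, so it is worth a quick check that no ITP/RFP exists under the older name.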
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53bbe326b47bf3c09d6b0cf310ff7d321b479e37