Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
77c38f97 by Salvatore Bonaccorso at 2024-05-29T22:31:56+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2024-5039 (The HUSKY \u2013 Products Filter Professional
for WooCommerce plu
CVE-2024-4358 (In Progress Telerik Report Server, version 2024 Q1
(10.0.24.305) or ea ...)
NOT-FOR-US: Progress Telerik Report Server
CVE-2024-3412 (The WP STAGING WordPress Backup Plugin \u2013 Migration Backup
Restore ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-36470 (In JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5,
2023.11. ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2024-36427 (The file-serving function in TARGIT Decision Suite 23.2.15007
allows a ...)
@@ -58,13 +58,13 @@ CVE-2024-35333 (A stack-buffer-overflow vulnerability
exists in the read_charset
CVE-2024-35311 (Yubico YubiKey 5 Series before 5.7.0, Security Key Series
before 5.7.0 ...)
TODO: check
CVE-2024-35284 (A vulnerability in the legacy chat component of Mitel
MiContact Center ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-35283 (A vulnerability in the Ignite component of Mitel MiContact
Center Busi ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-35200 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3
QUIC mod ...)
TODO: check
CVE-2024-34715 (Fides is an open-source privacy engineering platform. The
Fides webser ...)
- TODO: check
+ NOT-FOR-US: Fides
CVE-2024-34161 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3
QUIC mod ...)
TODO: check
CVE-2024-32760 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3
QUIC mod ...)
@@ -72,11 +72,11 @@ CVE-2024-32760 (When NGINX Plus or NGINX OSS are configured
to use the HTTP/3 QU
CVE-2024-31079 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3
QUIC mod ...)
TODO: check
CVE-2024-28974 (Dell Data Protection Advisor, version(s) 19.9, contain(s) an
Inadequat ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28826 (Improper restriction of local upload and download paths in
check_sftp ...)
TODO: check
CVE-2024-27313 (Zoho ManageEngine PAM360 is vulnerable to Stored XSS
vulnerability. Th ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2024-25977 (The application does not change the session token when using
the login ...)
TODO: check
CVE-2024-25976 (When LDAP authentication is activated in the configuration it
is possi ...)
@@ -306,7 +306,7 @@ CVE-2024-23948 (Multiple improper array index validation
vulnerabilities exist i
CVE-2024-23947 (Multiple improper array index validation vulnerabilities exist
in the ...)
TODO: check
CVE-2024-23601 (A code injection vulnerability exists in the scan_lib.bin
functionalit ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-23315 (A read-what-where vulnerability exists in the Programming
Software Con ...)
TODO: check
CVE-2024-22590 (The TLS engine in Kwik commit 745fd4e2 does not track the
current stat ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77c38f97ab77842a7e609b1d962159eb77b48014
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77c38f97ab77842a7e609b1d962159eb77b48014
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
