Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5d38387d by Salvatore Bonaccorso at 2024-07-09T10:53:26+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -61,21 +61,21 @@ CVE-2024-3653 (A vulnerability was found in Undertow. This
issue requires enabli
CVE-2024-3410 (The DN Footer Contacts WordPress plugin before 1.6.3 does not
sanitise ...)
TODO: check
CVE-2024-39600 (Under certain conditions, the memory of SAP GUI for Windows
contains t ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-39599 (Due to a Protection Mechanism Failure in SAP NetWeaver
Application Ser ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-39598 (SAP CRM (WebClient UI Framework) allows an authenticated
attacker to e ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-39597 (In SAP Commerce, a user can misuse the forgotten password
functionalit ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-39596 (Due to missing authorization checks, SAP Enable Now allows an
author t ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-39595 (SAP Business Warehouse - Business Planning and Simulation
application ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-39594 (SAP Business Warehouse - Business Planning and Simulation
application ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-39593 (SAP Landscape Management allows an authenticated user to read
confiden ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-39592 (Elements of PDCE does not perform necessary authorization
checks for a ...)
TODO: check
CVE-2024-38372 (Undici is an HTTP/1.1 client, written from scratch for
Node.js. Depend ...)
@@ -85,25 +85,25 @@ CVE-2024-37923 (Cross-Site Request Forgery (CSRF)
vulnerability in Cliengo \u201
CVE-2024-37555 (Unrestricted Upload of File with Dangerous Type vulnerability
in Zealo ...)
TODO: check
CVE-2024-37180 (Under certain conditions SAP NetWeaver Application Server for
ABAP and ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-37175 (SAP CRM WebClient does not perform necessary authorization
check for a ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-37174 (Custom CSS support option in SAP CRM WebClient UI does not
sufficientl ...)
TODO: check
CVE-2024-37173 (Due to insufficient input validation, SAP CRM WebClient UI
allows an ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-37172 (SAP S/4HANA Finance (Advanced Payment Management) does not
perform nec ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-37171 (SAP Transportation Management (Collaboration Portal) allows an
attacke ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-34786 (UniFi iOS app 10.15.0 introduces a misconfiguration on 2nd
Generation ...)
TODO: check
CVE-2024-34692 (Due to missing verification of file type or content, SAP
Enable Now al ...)
TODO: check
CVE-2024-34689 (WebFlow Services of SAP Business Workflow allows an
authenticated atta ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-34685 (Due to weak encoding of user-controlled input in SAP NetWeaver
Knowled ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-28751 (An high privileged remote attacker can enable telnet access
that accep ...)
TODO: check
CVE-2024-28750 (A remote attacker with high privileges may use a deleting file
functio ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d38387dc74f94e3887a37b6f0657104b44fffe9
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d38387dc74f94e3887a37b6f0657104b44fffe9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
