Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9980d1d6 by Salvatore Bonaccorso at 2024-07-17T22:23:37+02:00
Add three new roundup issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27,11 +27,11 @@ CVE-2024-40402 (A SQL injection vulnerability was found in
'ajax.php' of Sourcec
CVE-2024-40119 (Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN
v.1.0 Firmw ...)
NOT-FOR-US: Nepstech Wifi Router
CVE-2024-39126 (Roundup before 2.4.0 allows XSS via JavaScript in PDF, XML,
and SVG do ...)
- TODO: check
+ - roundup <removed>
CVE-2024-39125 (Roundup before 2.4.0 allows XSS via a SCRIPT element in an
HTTP Refere ...)
- TODO: check
+ - roundup <removed>
CVE-2024-39124 (In Roundup before 2.4.0, classhelpers (_generic.help.html)
allow XSS.)
- TODO: check
+ - roundup <removed>
CVE-2024-38870 (Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP
and OpM ...)
NOT-FOR-US: ZohocorpZohocorp ManageEngine
CVE-2024-38447 (NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference
via a modi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9980d1d69c35619cfa893e10a2f0f85d2621a4f7
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9980d1d69c35619cfa893e10a2f0f85d2621a4f7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
