Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b1dcd23 by Salvatore Bonaccorso at 2024-08-17T00:09:19+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35,9 +35,9 @@ CVE-2024-43807 (In JetBrains TeamCity before 2024.07.1
multiple stored XSS was p
CVE-2024-43472 (Microsoft Edge (Chromium-based) Elevation of Privilege
Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-43381 (reNgine is an automated reconnaissance framework for web
applications. ...)
- TODO: check
+ NOT-FOR-US: reNgine
CVE-2024-43042 (Pluck CMS 4.7.18 does not restrict failed login attempts,
allowing att ...)
- TODO: check
+ NOT-FOR-US: Pluck CMS
CVE-2024-43011 (An arbitrary file deletion vulnerability exists in the
admin/del.php f ...)
NOT-FOR-US: ZZCMS
CVE-2024-43009 (A reflected cross-site scripting (XSS) vulnerability exists in
user/lo ...)
@@ -51,31 +51,31 @@ CVE-2024-42995 (VTiger CRM <= 8.1.0 does not correctly
check user privileges. A
CVE-2024-42994 (VTiger CRM <= 8.1.0 does not properly sanitize user input
before using ...)
NOT-FOR-US: VTiger CRM
CVE-2024-42850 (An issue in the password change function of Silverpeas v6.4.2
and lowe ...)
- TODO: check
+ NOT-FOR-US: Silverpeas
CVE-2024-42849 (An issue in Silverpeas v.6.4.2 and lower allows a remote
attacker to c ...)
- TODO: check
+ NOT-FOR-US: Silverpeas
CVE-2024-42758 (A Cross-site Scripting (XSS) vulnerability exists in version
v2024-01- ...)
- TODO: check
+ NOT-FOR-US: indexmenu plugin for Dokuwiki
CVE-2024-42639 (H3C GR1100-P v100R009 was discovered to use a hardcoded
password in /e ...)
- TODO: check
+ NOT-FOR-US: H3C GR1100-P v100R009
CVE-2024-42638 (H3C Magic B1ST v100R012 was discovered to contain a hardcoded
password ...)
- TODO: check
+ NOT-FOR-US: H3C Magic B1ST v100R012
CVE-2024-42637 (H3C R3010 v100R002L02 was discovered to contain a hardcoded
password v ...)
- TODO: check
+ NOT-FOR-US: H3C R3010 v100R002L02
CVE-2024-42634 (A Command Injection vulnerability exists in formWriteFacMac of
the htt ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-42486 (Cilium is a networking, observability, and security solution
with an e ...)
TODO: check
CVE-2024-42466 (Improper Restriction of Excessive Authentication Attempts
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: upKeeper
CVE-2024-42465 (Improper Restriction of Excessive Authentication Attempts
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: upKeeper
CVE-2024-42464 (Authorization Bypass Through User-Controlled Key vulnerability
in upKe ...)
- TODO: check
+ NOT-FOR-US: upKeeper
CVE-2024-42463 (Authorization Bypass Through User-Controlled Key vulnerability
in upKe ...)
- TODO: check
+ NOT-FOR-US: upKeeper
CVE-2024-42462 (Improper Authentication vulnerability in upKeeper Solutions
product up ...)
- TODO: check
+ NOT-FOR-US: upKeeper
CVE-2024-2175 (An insecure permissions vulnerability was reported inLenovo
Display Co ...)
TODO: check
CVE-2024-25837 (A stored cross-site scripting (XSS) vulnerability in October
CMS Blogh ...)
@@ -133,7 +133,7 @@ CVE-2024-43369 (Ibexa RichText Field Type is a Field Type
for supporting rich fo
CVE-2024-43367 (Boa is an embeddable and experimental Javascript engine
written in Rus ...)
TODO: check
CVE-2024-43366 (zkvyper is a Vyper compiler. Starting in version 1.3.12 and
prior to v ...)
- TODO: check
+ NOT-FOR-US: zkvyper Vyper compiler
CVE-2024-42488 (Cilium is a networking, observability, and security solution
with an e ...)
TODO: check
CVE-2024-42487 (Cilium is a networking, observability, and security solution
with an e ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b1dcd239c2601238ef60abdb11485ac49b48148
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b1dcd239c2601238ef60abdb11485ac49b48148
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
