Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2e0150d6 by Salvatore Bonaccorso at 2024-11-12T09:35:04+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -87,17 +87,17 @@ CVE-2024-47799 (Exposure of sensitive system information to
an unauthorized cont
CVE-2024-47595 (An attacker who gains local membership to sapsys group could
replace l ...)
TODO: check
CVE-2024-47593 (SAP NetWeaver Application Server ABAP allows an
unauthenticated attack ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-47592 (SAP NetWeaver AS Java allows an unauthenticated attacker to
brute forc ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-47590 (An unauthenticated attacker can create a malicious link which
they can ...)
TODO: check
CVE-2024-47588 (In SAP NetWeaver Java (Software Update Manager 1.1), under
certain con ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-47587 (Cash Operations does not perform necessary authorization check
for an ...)
TODO: check
CVE-2024-47586 (SAP NetWeaver Application Server for ABAP and ABAP Platform
allows an ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-47131 (If an attacker tricks a valid user into running Delta
Electronics DIAS ...)
TODO: check
CVE-2024-46966 (The Ikhgur mn.ikhgur.khotoch (aka Video Downloader Pro &
Browser) appl ...)
@@ -113,9 +113,9 @@ CVE-2024-46962 (The SYQ com.downloader.video.fast (aka
Master Video Downloader)
CVE-2024-45827 (Improper neutralization of special elements used in an OS
command ('OS ...)
TODO: check
CVE-2024-45088 (IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored
cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-45087 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to
cross-si ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-44546 (Powerjob >= 3.20 is vulnerable to SQL injection via the
version parame ...)
TODO: check
CVE-2024-43439 (A flaw was found in moodle. H5P error messages require
additional sani ...)
@@ -135,7 +135,7 @@ CVE-2024-43429 (A flaw was found in moodle. Some hidden
user profile fields are
CVE-2024-43427 (A flaw was found in moodle. When creating an export of site
administra ...)
TODO: check
CVE-2024-42372 (Due to missing authorization check in SAP NetWeaver AS Java
(System La ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-39605 (If an attacker tricks a valid user into running Delta
Electronics DIAS ...)
TODO: check
CVE-2024-39354 (If an attacker tricks a valid user into running Delta
Electronics DIAS ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e0150d64e0341f312afa8e7d8bd7819b4ee5212
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e0150d64e0341f312afa8e7d8bd7819b4ee5212
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
