Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1cb55eac by Salvatore Bonaccorso at 2024-12-10T21:32:36+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
CVE-2024-9844 (Insufficient server-side controls in Secure Application Manager
of Iva ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-8540 (Insecure permissions in Ivanti Sentry before versions 9.20.2
and 10.0. ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-8256 (In Teltonika Networks RUTOS devices, running on versions 7.0 to
7.8 (e ...)
- TODO: check
+ NOT-FOR-US: Teltonika Networks RUTOS devices
CVE-2024-7572 (Insufficient permissions in Ivanti DSM before version
2024.3.5740 allo ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-5660 (Use of Hardware Page Aggregation (HPA) and Stage-1 and/or
Stage-2 tran ...)
TODO: check
CVE-2024-55602 (PwnDoc is a penetration test report generator. Prior to commit
1d4219c ...)
- TODO: check
+ NOT-FOR-US: PwnDoc
CVE-2024-55586 (Nette Database through 3.2.4 allows SQL injection in certain
situation ...)
TODO: check
CVE-2024-55550 (Mitel MiCollab through 9.8 SP2 could allow an authenticated
attacker w ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-55548 (Improper check of password character lenght in ORing IAP-420
allows a ...)
- TODO: check
+ NOT-FOR-US: ORing IAP-420
CVE-2024-55547 (SNMP objects in NET-SNMP used in ORing IAP-420 allows Command
Injectio ...)
- TODO: check
+ NOT-FOR-US: ORing IAP-420
CVE-2024-55546 (Missing input validation in the ORing IAP-420 web-interface
allows sto ...)
- TODO: check
+ NOT-FOR-US: ORing IAP-420
CVE-2024-55545 (Missing input validation in the ORing IAP-420 web-interface
allows Cro ...)
- TODO: check
+ NOT-FOR-US: ORing IAP-420
CVE-2024-55544 (Missing input validation in the ORing IAP-420 web-interface
allows sto ...)
- TODO: check
+ NOT-FOR-US: ORing IAP-420
CVE-2024-55500 (Cross-Site Request Forgery (CSRF) in Avenwu Whistle v.2.9.90
and befor ...)
- TODO: check
+ NOT-FOR-US: Avenwu Whistle
CVE-2024-54751 (COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a
hardcoded pass ...)
- TODO: check
+ NOT-FOR-US: COMFAST CF-WR630AX
CVE-2024-54152 (Angular Expressions provides expressions for the Angular.JS
web framew ...)
TODO: check
CVE-2024-54095 (A vulnerability has been identified in Solid Edge SE2024 (All
versions ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cb55eac64ba6f824b2712e231cd3e83bff624eb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cb55eac64ba6f824b2712e231cd3e83bff624eb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
