Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4ede0bcc by Salvatore Bonaccorso at 2024-12-16T21:50:14+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -269,69 +269,69 @@ CVE-2024-54229 (Incorrect Privilege Assignment
vulnerability in Straightvisions
CVE-2024-54083 (Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x
<= 9.11 ...)
- mattermost-server <itp> (bug #823556)
CVE-2024-4762 (An improper validation vulnerability was reported in the
firmware upda ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2024-49775 (A vulnerability has been identified in Opcenter Execution
Foundation ( ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-48872 (Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x
<= 9.11 ...)
- mattermost-server <itp> (bug #823556)
CVE-2024-43234 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37251 (Cross-Site Request Forgery (CSRF) vulnerability in WPENGINE,
INC. Adva ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12687 (Deserialization of Untrusted Data vulnerability in PlexTrac
(Runbooks ...)
- TODO: check
+ NOT-FOR-US: PlexTrac
CVE-2024-12668 (Velocidex WinPmem versions below 4.1 suffer from an Out of
Bounds Writ ...)
- TODO: check
+ NOT-FOR-US: Velocidex WinPmem
CVE-2024-12667 (A vulnerability was found in InvoicePlane up to 1.6.1 and
classified a ...)
- TODO: check
+ NOT-FOR-US: InvoicePlane
CVE-2024-12666 (A vulnerability has been found in ClassCMS up to 4.8 and
classified as ...)
- TODO: check
+ NOT-FOR-US: ClassCMS
CVE-2024-12665 (A vulnerability, which was classified as problematic, was
found in rui ...)
- TODO: check
+ NOT-FOR-US: ruifang-tech Rebuild
CVE-2024-12664 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: ruifang-tech Rebuild
CVE-2024-12663 (A vulnerability classified as problematic was found in
funnyzpc Mee-Ad ...)
- TODO: check
+ NOT-FOR-US: funnyzpc Mee-Admin
CVE-2024-12662 (A vulnerability classified as problematic has been found in
IObit Adva ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12661 (A vulnerability was found in IObit Advanced SystemCare Utimate
up to 1 ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12660 (A vulnerability was found in IObit Advanced SystemCare Utimate
up to 1 ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12659 (A vulnerability was found in IObit Advanced SystemCare Utimate
up to 1 ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12658 (A vulnerability was found in IObit Advanced SystemCare Utimate
up to 1 ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12657 (A vulnerability has been found in IObit Advanced SystemCare
Utimate up ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12656 (A vulnerability, which was classified as problematic, was
found in Fab ...)
- TODO: check
+ NOT-FOR-US: FabulaTech USB over Network
CVE-2024-12655 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: FabulaTech USB over Network
CVE-2024-12654 (A vulnerability classified as problematic was found in
FabulaTech USB ...)
- TODO: check
+ NOT-FOR-US: FabulaTech USB over Network
CVE-2024-12653 (A vulnerability classified as problematic has been found in
FabulaTech ...)
- TODO: check
+ NOT-FOR-US: FabulaTech USB over Network
CVE-2024-12478 (A vulnerability was found in InvoicePlane up to 1.6.1. It has
been dec ...)
- TODO: check
+ NOT-FOR-US: InvoicePlane
CVE-2024-12362 (A vulnerability was found in InvoicePlane up to 1.6.1. It has
been cla ...)
- TODO: check
+ NOT-FOR-US: InvoicePlane
CVE-2024-12092 (A stored Cross-site Scripting (XSS) vulnerability affecting
ENOVIA Col ...)
- TODO: check
+ NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release
3DEXPERIENCE R2024x
CVE-2024-12091 (A stored Cross-site Scripting (XSS) vulnerability affecting
ENOVIA Col ...)
- TODO: check
+ NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release
3DEXPERIENCE R2024x
CVE-2024-12090 (A stored Cross-site Scripting (XSS) vulnerability affecting
ENOVIA Col ...)
- TODO: check
+ NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release
3DEXPERIENCE R2024x
CVE-2024-12089 (A stored Cross-site Scripting (XSS) vulnerability affecting
ENOVIA Col ...)
- TODO: check
+ NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release
3DEXPERIENCE R2024x
CVE-2024-11358 (Mattermost Android Mobile Apps versions <=2.21.0 fail to
properly conf ...)
- TODO: check
+ NOT-FOR-US: Mattermost Android Mobile Apps
CVE-2024-11144 (The server lacks thread safety and can be crashed by anomalous
data se ...)
TODO: check
CVE-2024-10972 (Velocidex WinPmem versions 4.1 and below suffer from an
Improper Input ...)
- TODO: check
+ NOT-FOR-US: Velocidex WinPmem
CVE-2024-10095 (In Progress Telerik UI for WPF versions prior to 2024 Q4
(2024.4.1213) ...)
- TODO: check
+ NOT-FOR-US: Telerik
CVE-2024-55919 [Improper input validation on generic SSO login]
- sympa <unfixed> (bug #1090188)
NOTE: https://www.sympa.community/security/2024-001.html
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ede0bcccd04a8be466fbcaa97a705d29e62b4c8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ede0bcccd04a8be466fbcaa97a705d29e62b4c8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
