Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bff50061 by Salvatore Bonaccorso at 2024-12-20T21:27:25+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,43 +1,43 @@
CVE-2024-7726 (There exists an unauthenticated accessible JTAG port on the
Kioxia PM6 ...)
- TODO: check
+ NOT-FOR-US: Kioxia
CVE-2024-56356 (In JetBrains TeamCity before 2024.12 insecure XMLParser
configuration ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-56355 (In JetBrains TeamCity before 2024.12 missing Content-Type
header in Re ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-56354 (In JetBrains TeamCity before 2024.12 password field value were
accessi ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-56353 (In JetBrains TeamCity before 2024.12 backup file exposed user
credenti ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-56352 (In JetBrains TeamCity before 2024.12 stored XSS was possible
via image ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-56351 (In JetBrains TeamCity before 2024.12 access tokens were not
revoked af ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-56350 (In JetBrains TeamCity before 2024.12 build credentials allowed
unautho ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-56349 (In JetBrains TeamCity before 2024.12 improper access control
allowed u ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-56348 (In JetBrains TeamCity before 2024.12 improper access control
allowed v ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-56337 (Time-of-check Time-of-use (TOCTOU) Race Condition
vulnerability in Apa ...)
TODO: check
CVE-2024-56333 (Onyxia is a web app that aims at being the glue between
multiple open ...)
- TODO: check
+ NOT-FOR-US: Onyxia
CVE-2024-56331 (Uptime Kuma is an open source, self-hosted monitoring tool. An
**Impro ...)
- TODO: check
+ NOT-FOR-US: Uptime Kuma
CVE-2024-56330 (Stardust is a platform for streaming isolated desktop
containers. With ...)
- TODO: check
+ NOT-FOR-US: Stardust
CVE-2024-56329 (Socialstream is a third-party package for Laravel Jetstream.
It replac ...)
- TODO: check
+ NOT-FOR-US: Socialstream
CVE-2024-55471 (Oqtane Framework is vulnerable to Insecure Direct Object
Reference (ID ...)
- TODO: check
+ NOT-FOR-US: Oqtane Framework
CVE-2024-55470 (Oqtane Framework 6.0.0 is vulnerable to Incorrect Access
Control. By m ...)
- TODO: check
+ NOT-FOR-US: Oqtane Framework
CVE-2024-55342 (A file upload functionality in Piranha CMS 11.1 allows
authenticated r ...)
- TODO: check
+ NOT-FOR-US: Piranha CMS
CVE-2024-55341 (A stored cross-site scripting (XSS) vulnerability in Piranha
CMS 11.1 ...)
- TODO: check
+ NOT-FOR-US: Piranha CMS
CVE-2024-55186 (An IDOR (Insecure Direct Object Reference) vulnerability
exists in oqt ...)
- TODO: check
+ NOT-FOR-US: oqtane Framework
CVE-2024-51466 (IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0
through 12 ...)
TODO: check
CVE-2024-40695 (IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0
through 12 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bff500615b46d1ba4597c86c712732a423c794cf
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bff500615b46d1ba4597c86c712732a423c794cf
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
