Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c07b3b44 by Salvatore Bonaccorso at 2024-12-30T21:29:17+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2024-56801 (Tasklists provides plugin tasklists for GLPI. Versions prior
to 2.0.4 ...)
- TODO: check
+ NOT-FOR-US: Tasklists plugin for GLPI
CVE-2024-56800 (Firecrawl is a web scraper that allows users to extract the
content of ...)
TODO: check
CVE-2024-56799 (Simofa is a tool to help automate static website building and
deployme ...)
@@ -9,11 +9,11 @@ CVE-2024-56734 (Better Auth is an authentication library for
TypeScript. An open
CVE-2024-56733 (Password Pusher is an open source application to communicate
sensitive ...)
TODO: check
CVE-2024-56517 (LGSL (Live Game Server List) provides online status lists for
online v ...)
- TODO: check
+ NOT-FOR-US: LGSL (Live Game Server List)
CVE-2024-56516 (free-one-api allows users to access large language model
reverse engin ...)
TODO: check
CVE-2024-54181 (IBM WebSphere Automation 1.7.5 could allow a remote privileged
user, w ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-52294 (Khoj is a self-hostable artificial intelligence app. Prior to
version ...)
TODO: check
CVE-2024-50703 (TeamPass before 3.1.3.1 does not properly prevent a user from
acting w ...)
@@ -23,9 +23,9 @@ CVE-2024-50702 (TeamPass before 3.1.3.1 does not properly
check whether a mail_m
CVE-2024-50701 (TeamPass before 3.1.3.1, when retrieving information about
access righ ...)
TODO: check
CVE-2024-47926 (Tecnick TCExam \u2013 CWE-89: Improper Neutralization of
Special Eleme ...)
- TODO: check
+ NOT-FOR-US: Tecnick TCExam
CVE-2024-47925 (Tecnick TCExam \u2013 Multiple CWE-79: Improper Neutralization
of Inpu ...)
- TODO: check
+ NOT-FOR-US: Tecnick TCExam
CVE-2024-47924 (Boa web server \u2013 CWE-79: Improper Neutralization of Input
During ...)
TODO: check
CVE-2024-47923 (Mashov \u2013 CWE-200: Exposure of Sensitive Information to an
Unautho ...)
@@ -43,21 +43,21 @@ CVE-2024-47918 (Tiki Wiki CMS \u2013 CWE-80: Improper
Neutralization of Script-R
CVE-2024-47917 (CWE-79: Improper Neutralization of Input During Web Page
Generation (' ...)
TODO: check
CVE-2024-46542 (Veritas / Arctera Data Insight before 7.1.1 allows Application
Adminis ...)
- TODO: check
+ NOT-FOR-US: Veritas
CVE-2024-22063 (The ZENIC ONE R58 products by ZTE Corporation have a command
injection ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2024-12993 (Infinix devices contain a pre-loaded "com.rlk.weathers"
application, t ...)
TODO: check
CVE-2024-12836 (Delta Electronics DRASimuCAD STP File Parsing Type Confusion
Remote Co ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-12835 (Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds
Write Remo ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-12834 (Delta Electronics DRASimuCAD STP File Parsing Type Confusion
Remote Co ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-12828 (Webmin CGI Command Injection Remote Code Execution
Vulnerability. This ...)
TODO: check
CVE-2024-12754 (AnyDesk Link Following Information Disclosure Vulnerability.
This vuln ...)
- TODO: check
+ NOT-FOR-US: AnyDesk
CVE-2024-10044 (A Server-Side Request Forgery (SSRF) vulnerability exists in
the POST ...)
TODO: check
CVE-2024-13039 (A vulnerability was found in code-projects Simple Chat System
1.0. It ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c07b3b448080d38536e4fa191c80d38177a2fee1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c07b3b448080d38536e4fa191c80d38177a2fee1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
