Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3ac94d30 by Moritz Muehlenhoff at 2025-03-16T21:00:36+01:00
auto-nfu: Add Black Duck

Total CVEs from BlackDuck: 9
Total CVEs from BlackDuck with packages assigned: 0

- - - - -
39211462 by Moritz Muehlenhoff at 2025-03-16T21:03:22+01:00
NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -201,15 +201,15 @@ CVE-2025-1507 (The ShareThis Dashboard for Google 
Analytics plugin for WordPress
 CVE-2024-55594 (An improper handling of syntactically invalid structure in 
Fortinet Fo ...)
        NOT-FOR-US: Fortinet
 CVE-2024-54449 (The API used to interact with documents in the application 
contains tw ...)
-       TODO: check
+       NOT-FOR-US: Black Duck
 CVE-2024-54448 (The Automation Scripting functionality can be exploited by 
attackers t ...)
-       TODO: check
+       NOT-FOR-US: Black Duck
 CVE-2024-54447 (Saved search functionality contains a blind SQL injection that 
can be  ...)
-       TODO: check
+       NOT-FOR-US: Black Duck
 CVE-2024-54446 (Document history functionality contains a blind SQL injection 
that can ...)
-       TODO: check
+       NOT-FOR-US: Black Duck
 CVE-2024-54445 (Login functionality contains a blind SQL injection that can be 
exploit ...)
-       TODO: check
+       NOT-FOR-US: Black Duck
 CVE-2024-47573 (An improper validation of integrity check value vulnerability 
[CWE-354 ...)
        NOT-FOR-US: Fortinet
 CVE-2024-46662 (A improper neutralization of special elements used in a 
command ('comm ...)
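
Review bot: The five entries from CVE-2024-54449 through CVE-2024-54445 are closed as `NOT-FOR-US: Black Duck` on the strength of the CNA attribution alone, because the truncated descriptions visible in this hunk say only "the application" or name a feature (saved search, document history, login) and never a product. That is consistent with the "packages assigned: 0" figure in the first commit message, but it would be worth confirming against the full CVE descriptions that none of these refers to a component that is packaged separately before the `TODO: check` markers are dropped.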
@@ -235,11 +235,11 @@ CVE-2024-13771 (The Civi - Job Board & Freelance 
Marketplace WordPress Theme plu
 CVE-2024-12810 (The JobCareer | Job Board Responsive WordPress Theme theme for 
WordPre ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-12245 (Logout functionality contains a blind SQL injection that can 
be exploi ...)
-       TODO: check
+       NOT-FOR-US: Black Duck
 CVE-2024-12020 (There is a reflected cross-site scripting (XSS) within JSP 
files used  ...)
-       TODO: check
+       NOT-FOR-US: Black Duck
 CVE-2024-12019 (The API used to interact with documents in the application 
contains a  ...)
-       TODO: check
+       NOT-FOR-US: Black Duck
 CVE-2023-48785 (An improper certificate validation vulnerability [CWE-295] in 
FortiNAC ...)
        NOT-FOR-US: Fortinet
 CVE-2023-45588 (An external control of file name or path vulnerability 
[CWE-73] in  Fo ...)
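
Review bot: The entry count does not match the commit message: this hunk changes three entries (CVE-2024-12245, CVE-2024-12020, CVE-2024-12019) and the previous hunk changes five, which makes eight, while the first commit message reports "Total CVEs from BlackDuck: 9". The ninth is not visible in this compare view, so please check whether it was already tagged in an earlier commit or is still sitting at `TODO: check` elsewhere in `data/CVE/list`.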


=====================================
data/packages/nfu.yaml
=====================================
@@ -15,6 +15,8 @@
   cna: Axis
 - reason: Bitdefender
   cna: Bitdefender
+- reason: Black Duck
+  cna: BlackDuck
 - reason: ChromeOS
   cna: ChromeOS
 - reason: Dell / EMC
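
Review bot: The two added keys spell the name differently, `reason: Black Duck` with a space and `cna: BlackDuck` without. The commit message's "Total CVEs from BlackDuck: 9" suggests the unspaced form is the one that matches, so the difference looks intentional, but nothing in the file says so. A short comment above the entry stating that `cna` must equal the CNA identifier exactly would keep someone from later "correcting" it to match `reason` and silently disabling the rule.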



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3df9f3b218ab9b836844c789efabd91daa28b1e6...392114627797ee19e2e3e9874105a81f2e9de24a
