[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 10 20:32:57 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1cb55eac by Salvatore Bonaccorso at 2024-12-10T21:32:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
 CVE-2024-9844 (Insufficient server-side controls in Secure Application Manager of Iva ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-8540 (Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0. ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-8256 (In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (e ...)
-	TODO: check
+	NOT-FOR-US: Teltonika Networks RUTOS devices
 CVE-2024-7572 (Insufficient permissions in Ivanti DSM before version 2024.3.5740 allo ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-5660 (Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 tran ...)
 	TODO: check
 CVE-2024-55602 (PwnDoc is a penetration test report generator. Prior to commit 1d4219c ...)
-	TODO: check
+	NOT-FOR-US: PwnDoc
 CVE-2024-55586 (Nette Database through 3.2.4 allows SQL injection in certain situation ...)
 	TODO: check
 CVE-2024-55550 (Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker w ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2024-55548 (Improper check of password character lenght in ORing IAP-420 allows a  ...)
-	TODO: check
+	NOT-FOR-US: ORing IAP-420
 CVE-2024-55547 (SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injectio ...)
-	TODO: check
+	NOT-FOR-US: ORing IAP-420
 CVE-2024-55546 (Missing input validation in the ORing IAP-420 web-interface allows sto ...)
-	TODO: check
+	NOT-FOR-US: ORing IAP-420
 CVE-2024-55545 (Missing input validation in the ORing IAP-420 web-interface allows Cro ...)
-	TODO: check
+	NOT-FOR-US: ORing IAP-420
 CVE-2024-55544 (Missing input validation in the ORing IAP-420 web-interface allows sto ...)
-	TODO: check
+	NOT-FOR-US: ORing IAP-420
 CVE-2024-55500 (Cross-Site Request Forgery (CSRF) in Avenwu Whistle v.2.9.90 and befor ...)
-	TODO: check
+	NOT-FOR-US: Avenwu Whistle
 CVE-2024-54751 (COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded pass ...)
-	TODO: check
+	NOT-FOR-US: COMFAST CF-WR630AX
 CVE-2024-54152 (Angular Expressions provides expressions for the Angular.JS web framew ...)
 	TODO: check
 CVE-2024-54095 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cb55eac64ba6f824b2712e231cd3e83bff624eb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cb55eac64ba6f824b2712e231cd3e83bff624eb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241210/f9bd3b02/attachment.htm>


More information about the debian-security-tracker-commits mailing list