[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 10 20:32:57 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1cb55eac by Salvatore Bonaccorso at 2024-12-10T21:32:36+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
CVE-2024-9844 (Insufficient server-side controls in Secure Application Manager of Iva ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-8540 (Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0. ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-8256 (In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (e ...)
- TODO: check
+ NOT-FOR-US: Teltonika Networks RUTOS devices
CVE-2024-7572 (Insufficient permissions in Ivanti DSM before version 2024.3.5740 allo ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-5660 (Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 tran ...)
TODO: check
CVE-2024-55602 (PwnDoc is a penetration test report generator. Prior to commit 1d4219c ...)
- TODO: check
+ NOT-FOR-US: PwnDoc
CVE-2024-55586 (Nette Database through 3.2.4 allows SQL injection in certain situation ...)
TODO: check
CVE-2024-55550 (Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker w ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-55548 (Improper check of password character lenght in ORing IAP-420 allows a ...)
- TODO: check
+ NOT-FOR-US: ORing IAP-420
CVE-2024-55547 (SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injectio ...)
- TODO: check
+ NOT-FOR-US: ORing IAP-420
CVE-2024-55546 (Missing input validation in the ORing IAP-420 web-interface allows sto ...)
- TODO: check
+ NOT-FOR-US: ORing IAP-420
CVE-2024-55545 (Missing input validation in the ORing IAP-420 web-interface allows Cro ...)
- TODO: check
+ NOT-FOR-US: ORing IAP-420
CVE-2024-55544 (Missing input validation in the ORing IAP-420 web-interface allows sto ...)
- TODO: check
+ NOT-FOR-US: ORing IAP-420
CVE-2024-55500 (Cross-Site Request Forgery (CSRF) in Avenwu Whistle v.2.9.90 and befor ...)
- TODO: check
+ NOT-FOR-US: Avenwu Whistle
CVE-2024-54751 (COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded pass ...)
- TODO: check
+ NOT-FOR-US: COMFAST CF-WR630AX
CVE-2024-54152 (Angular Expressions provides expressions for the Angular.JS web framew ...)
TODO: check
CVE-2024-54095 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cb55eac64ba6f824b2712e231cd3e83bff624eb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cb55eac64ba6f824b2712e231cd3e83bff624eb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241210/f9bd3b02/attachment.htm>
More information about the debian-security-tracker-commits
mailing list