[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 16 20:52:57 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4ede0bcc by Salvatore Bonaccorso at 2024-12-16T21:50:14+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -269,69 +269,69 @@ CVE-2024-54229 (Incorrect Privilege Assignment vulnerability in Straightvisions
CVE-2024-54083 (Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11 ...)
- mattermost-server <itp> (bug #823556)
CVE-2024-4762 (An improper validation vulnerability was reported in the firmware upda ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2024-49775 (A vulnerability has been identified in Opcenter Execution Foundation ( ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-48872 (Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11 ...)
- mattermost-server <itp> (bug #823556)
CVE-2024-43234 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37251 (Cross-Site Request Forgery (CSRF) vulnerability in WPENGINE, INC. Adva ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12687 (Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks ...)
- TODO: check
+ NOT-FOR-US: PlexTrac
CVE-2024-12668 (Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Writ ...)
- TODO: check
+ NOT-FOR-US: Velocidex WinPmem
CVE-2024-12667 (A vulnerability was found in InvoicePlane up to 1.6.1 and classified a ...)
- TODO: check
+ NOT-FOR-US: InvoicePlane
CVE-2024-12666 (A vulnerability has been found in ClassCMS up to 4.8 and classified as ...)
- TODO: check
+ NOT-FOR-US: ClassCMS
CVE-2024-12665 (A vulnerability, which was classified as problematic, was found in rui ...)
- TODO: check
+ NOT-FOR-US: ruifang-tech Rebuild
CVE-2024-12664 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: ruifang-tech Rebuild
CVE-2024-12663 (A vulnerability classified as problematic was found in funnyzpc Mee-Ad ...)
- TODO: check
+ NOT-FOR-US: funnyzpc Mee-Admin
CVE-2024-12662 (A vulnerability classified as problematic has been found in IObit Adva ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12661 (A vulnerability was found in IObit Advanced SystemCare Utimate up to 1 ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12660 (A vulnerability was found in IObit Advanced SystemCare Utimate up to 1 ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12659 (A vulnerability was found in IObit Advanced SystemCare Utimate up to 1 ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12658 (A vulnerability was found in IObit Advanced SystemCare Utimate up to 1 ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12657 (A vulnerability has been found in IObit Advanced SystemCare Utimate up ...)
- TODO: check
+ NOT-FOR-US: IObit Advanced SystemCare Utimate
CVE-2024-12656 (A vulnerability, which was classified as problematic, was found in Fab ...)
- TODO: check
+ NOT-FOR-US: FabulaTech USB over Network
CVE-2024-12655 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: FabulaTech USB over Network
CVE-2024-12654 (A vulnerability classified as problematic was found in FabulaTech USB ...)
- TODO: check
+ NOT-FOR-US: FabulaTech USB over Network
CVE-2024-12653 (A vulnerability classified as problematic has been found in FabulaTech ...)
- TODO: check
+ NOT-FOR-US: FabulaTech USB over Network
CVE-2024-12478 (A vulnerability was found in InvoicePlane up to 1.6.1. It has been dec ...)
- TODO: check
+ NOT-FOR-US: InvoicePlane
CVE-2024-12362 (A vulnerability was found in InvoicePlane up to 1.6.1. It has been cla ...)
- TODO: check
+ NOT-FOR-US: InvoicePlane
CVE-2024-12092 (A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Col ...)
- TODO: check
+ NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x
CVE-2024-12091 (A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Col ...)
- TODO: check
+ NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x
CVE-2024-12090 (A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Col ...)
- TODO: check
+ NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x
CVE-2024-12089 (A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Col ...)
- TODO: check
+ NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x
CVE-2024-11358 (Mattermost Android Mobile Apps versions <=2.21.0 fail to properly conf ...)
- TODO: check
+ NOT-FOR-US: Mattermost Android Mobile Apps
CVE-2024-11144 (The server lacks thread safety and can be crashed by anomalous data se ...)
TODO: check
CVE-2024-10972 (Velocidex WinPmem versions 4.1 and below suffer from an Improper Input ...)
- TODO: check
+ NOT-FOR-US: Velocidex WinPmem
CVE-2024-10095 (In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213) ...)
- TODO: check
+ NOT-FOR-US: Telerik
CVE-2024-55919 [Improper input validation on generic SSO login]
- sympa <unfixed> (bug #1090188)
NOTE: https://www.sympa.community/security/2024-001.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ede0bcccd04a8be466fbcaa97a705d29e62b4c8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ede0bcccd04a8be466fbcaa97a705d29e62b4c8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241216/160a2b65/attachment.htm>
More information about the debian-security-tracker-commits
mailing list