[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Feb 14 11:52:56 GMT 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c59f4ca9 by Moritz Muehlenhoff at 2024-02-14T12:51:52+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2024-25125 (Digdag is an open source tool that to build, run, schedule, and monito ...)
- TODO: check
+ NOT-FOR-US: Digdag
CVE-2024-25121 (TYPO3 is an open source PHP based web content management system releas ...)
NOT-FOR-US: TYPO3
CVE-2024-25120 (TYPO3 is an open source PHP based web content management system releas ...)
@@ -25,19 +25,19 @@ CVE-2024-24690 (Improper input validation in some Zoom clients may allow an auth
CVE-2024-24142 (Sourcecodester School Task Manager 1.0 allows SQL Injection via the 's ...)
NOT-FOR-US: Sourcecodester School Task Manager
CVE-2024-22455 (Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Obje ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-1485 (A vulnerability was found in the decompression function of registry-su ...)
- TODO: check
+ NOT-FOR-US: OpenShift
CVE-2023-6152 (A user changing their email after signing up and verifying it can chan ...)
- TODO: check
+ - grafana <removed>
CVE-2023-44293 (In Dell Secure Connect Gateway Application and Secure Connect Gateway ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-44283 (In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and Supp ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-39249 (Dell SupportAssist for Business PCs version 3.4.0 contains a local Aut ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-38960 (Insecure Permissions issue in Raiden Professional Server RaidenFTPD v. ...)
- TODO: check
+ NOT-FOR-US: RaidenFTPD
CVE-2024-1342
NOT-FOR-US: Red Hat OpenShift
CVE-2024-25122 (sidekiq-unique-jobs is an open source project which prevents simultane ...)
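Review bot: The CVE-2023-6152 line is the one change in this hunk that is not an NFU: it becomes "- grafana <removed>", which is a package triage decision, while the commit subject only says "NFUs". Mention the grafana entry in the commit message or commit it separately so the history shows where that decision was made. If any supported suite still ships grafana, the entry also needs a per-suite status, since <removed> only records that the package is gone. Separately, CVE-2024-1485 is tagged "NOT-FOR-US: OpenShift" while the existing CVE-2024-1342 entry a few lines below uses "NOT-FOR-US: Red Hat OpenShift". Use one spelling so that a search for the product finds both entries.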
@@ -249,25 +249,25 @@ CVE-2024-20673 (Microsoft Office Remote Code Execution Vulnerability)
CVE-2024-20667 (Azure DevOps Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-1378 (A command injection vulnerability was identified in GitHub Enterprise ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-1374 (A command injection vulnerability was identified in GitHub Enterprise ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-1372 (A command injection vulnerability was identified in GitHub Enterprise ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-1369 (A command injection vulnerability was identified in GitHub Enterprise ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-1359 (A command injection vulnerability was identified in GitHub Enterprise ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-1355 (A command injection vulnerability was identified in GitHub Enterprise ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-1354 (A command injection vulnerability was identified in GitHub Enterprise ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-1309 (Uncontrolled Resource Consumption vulnerability in Honeywell Niagara F ...)
NOT-FOR-US: Honeywell
CVE-2024-1216 (Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Twister Antivirus
CVE-2024-1163 (Path Traversal in GitHub repository mbloch/mapshaper prior to 0.6.44.)
- TODO: check
+ NOT-FOR-US: mapshaper
CVE-2024-1160 (The Bold Page Builder plugin for WordPress is vulnerable to Stored Cro ...)
NOT-FOR-US: WordPress plugin
CVE-2024-1159 (The Bold Page Builder plugin for WordPress is vulnerable to Stored Cro ...)
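Review bot: CVE-2024-1163 is tagged "NOT-FOR-US: mapshaper", but its description points at a public GitHub repository (mbloch/mapshaper) with a fixed version, 0.6.44, unlike the proprietary products around it. Before settling on NOT-FOR-US, check that no ITP or RFP bug exists for it and that no source package embeds a copy; if one does, the entry should reference that package instead. The GitHub Enterprise Server and Twister Antivirus tags match the spelling already used for neighbouring entries in the file, so those need no change.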
@@ -279,9 +279,9 @@ CVE-2024-1140 (Twister Antivirus v8.17 is vulnerable to an Out-of-bounds Read vu
CVE-2024-1096 (Twister Antivirus v8.17 allows Elevation of Privileges on the computer ...)
NOT-FOR-US: Twister Antivirus
CVE-2024-1084 (Cross-site Scripting in thetag name pattern field in the tag protectio ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-1082 (A path traversal vulnerability was identified in GitHub Enterprise Ser ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-0707
REJECTED
CVE-2023-6072 (A cross-site scripting vulnerability in Trellix Central Management (CM ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c59f4ca9b787e2b5e0326da2b3a87afdea997a01