[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 18 21:28:38 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c46c9174 by Salvatore Bonaccorso at 2024-06-18T22:27:10+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
CVE-2024-6116 (A vulnerability, which was classified as critical, has been found in i ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Simple Online Hotel Reservation System
CVE-2024-6115 (A vulnerability classified as critical was found in itsourcecode Simpl ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Simple Online Hotel Reservation System
CVE-2024-6114 (A vulnerability classified as critical has been found in itsourcecode ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Monbela Tourist Inn Online Reservation System
CVE-2024-6112 (A vulnerability classified as critical was found in itsourcecode Pool ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Pool of Bethesda Online Reservation System
CVE-2024-6111 (A vulnerability classified as critical has been found in itsourcecode ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Pool of Bethesda Online Reservation System
CVE-2024-6110 (A vulnerability was found in itsourcecode Magbanua Beach Resort Online ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Magbanua Beach Resort Online Reservation System
CVE-2024-6109 (A vulnerability was found in itsourcecode Tailoring Management System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Tailoring Management System
CVE-2024-6108 (A vulnerability was found in Genexis Tilgin Home Gateway 322_AS0500-03 ...)
- TODO: check
+ NOT-FOR-US: Genexis Tilgin Home Gateway
CVE-2024-5967 (A vulnerability was found in Keycloak. The LDAP testing endpoint allow ...)
- TODO: check
+ NOT-FOR-US: Keycloak
CVE-2024-5953 (A denial of service vulnerability was found in the 389-ds-base LDAP se ...)
TODO: check
CVE-2024-5899 (When Bazel Plugin in intellij imports a project (either using "import ...)
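Review bot: The `NOT-FOR-US: Keycloak` on CVE-2024-5967 deserves a second look, because it is the only entry in this hunk for a widely deployed open-source project rather than a single-vendor web application or device firmware. Confirm that Debian has no Keycloak source package and no open ITP for it; if an ITP exists, the usual form is a package line with `<itp>` and the bug number instead of NOT-FOR-US. CVE-2024-5953 (389-ds-base) staying at `TODO: check` is consistent with it not being handled as an NFU here.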
@@ -25,19 +25,19 @@ CVE-2024-5750
CVE-2024-5275 (A hard-coded password in the FileCatalyst TransferAgent can be found w ...)
TODO: check
CVE-2024-38507 (In JetBrains Hub before 2024.2.34646 stored XSS via project descriptio ...)
- TODO: check
+ NOT-FOR-US: JetBrains Hub
CVE-2024-38506 (In JetBrains YouTrack before 2024.2.34646 user without appropriate per ...)
- TODO: check
+ NOT-FOR-US: JetBrains YouTrack
CVE-2024-38505 (In JetBrains YouTrack before 2024.2.34646 user access token was sent t ...)
- TODO: check
+ NOT-FOR-US: JetBrains YouTrack
CVE-2024-38504 (In JetBrains YouTrack before 2024.2.34646 the Guest User Account was e ...)
- TODO: check
+ NOT-FOR-US: JetBrains YouTrack
CVE-2024-38351 (Pocketbase is an open source web backend written in go. In affected ve ...)
TODO: check
CVE-2024-38348 (CodeProjects Health Care hospital Management System v1.0 was discovere ...)
- TODO: check
+ NOT-FOR-US: CodeProjects Health Care hospital Management System
CVE-2024-38347 (CodeProjects Health Care hospital Management System v1.0 was discovere ...)
- TODO: check
+ NOT-FOR-US: CodeProjects Health Care hospital Management System
CVE-2024-38277 (A unique key should be generated for a user's QR login key and their a ...)
TODO: check
CVE-2024-38276 (Incorrect CSRF token checks resulted in multiple CSRF risks.)
@@ -49,23 +49,23 @@ CVE-2024-38274 (Insufficient escaping of calendar event titles resulted in a sto
CVE-2024-38273 (Insufficient capability checks meant it was possible for users to gain ...)
TODO: check
CVE-2024-37904 (Minder is an open source Software Supply Chain Security Platform. Mind ...)
- TODO: check
+ NOT-FOR-US: Minder by Stacklok
CVE-2024-37821 (An arbitrary file upload vulnerability in the Upload Template function ...)
TODO: check
CVE-2024-37803 (Multiple stored cross-site scripting (XSS) vulnerabilities in CodeProj ...)
- TODO: check
+ NOT-FOR-US: CodeProjects Health Care hospital Management System
CVE-2024-37802 (CodeProjects Health Care hospital Management System v1.0 was discovere ...)
- TODO: check
+ NOT-FOR-US: CodeProjects Health Care hospital Management System
CVE-2024-37800 (CodeProjects Restaurant Reservation System v1.0 was discovered to cont ...)
- TODO: check
+ NOT-FOR-US: CodeProjects Restaurant Reservation System
CVE-2024-37799 (CodeProjects Restaurant Reservation System v1.0 was discovered to cont ...)
- TODO: check
+ NOT-FOR-US: CodeProjects Restaurant Reservation System
CVE-2024-37791 (DuxCMS3 v3.1.3 was discovered to contain a SQL injection vulnerability ...)
- TODO: check
+ NOT-FOR-US: DuxCMS3
CVE-2024-22002 (CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged u ...)
- TODO: check
+ NOT-FOR-US: CORSAIR iCUE
CVE-2024-21685 (This High severity Information Disclosure vulnerability was introduced ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2023-47726 (IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pa ...)
NOT-FOR-US: IBM
CVE-2024-6103
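Review bot: `NOT-FOR-US: Atlassian` on CVE-2024-21685 names only the vendor, while the other notes added in this hunk name the product (`CORSAIR iCUE`, `DuxCMS3`, `Minder by Stacklok`). The truncated description does not show which Atlassian product is affected, so naming it in the note would let a later grep for that product find this entry. The unchanged `NOT-FOR-US: IBM` line below shows that vendor-only notes already exist in the file, so this is a consistency suggestion only.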
@@ -95980,7 +95980,7 @@ CVE-2023-27638 (An issue was discovered in the tshirtecommerce (aka Custom Produ
CVE-2023-27637 (An issue was discovered in the tshirtecommerce (aka Custom Product Des ...)
NOT-FOR-US: tshirtecommerce
CVE-2023-27636 (Progress Sitefinity before 15.0.0 allows XSS by authenticated users vi ...)
- TODO: check
+ NOT-FOR-US: Progress Sitefinity
CVE-2023-1184 (A vulnerability, which was classified as problematic, has been found i ...)
NOT-FOR-US: ECshop
CVE-2023-1183 (A flaw was found in the Libreoffice package. An attacker can craft an ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c46c9174b1aa86ce28eadb7d80c383b8d7b0fe16