[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 29 21:34:04 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
77c38f97 by Salvatore Bonaccorso at 2024-05-29T22:31:56+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2024-5039 (The HUSKY \u2013 Products Filter Professional for WooCommerce plu
CVE-2024-4358 (In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or ea ...)
NOT-FOR-US: Progress Telerik Report Server
CVE-2024-3412 (The WP STAGING WordPress Backup Plugin \u2013 Migration Backup Restore ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-36470 (In JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11. ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2024-36427 (The file-serving function in TARGIT Decision Suite 23.2.15007 allows a ...)
@@ -58,13 +58,13 @@ CVE-2024-35333 (A stack-buffer-overflow vulnerability exists in the read_charset
CVE-2024-35311 (Yubico YubiKey 5 Series before 5.7.0, Security Key Series before 5.7.0 ...)
TODO: check
CVE-2024-35284 (A vulnerability in the legacy chat component of Mitel MiContact Center ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-35283 (A vulnerability in the Ignite component of Mitel MiContact Center Busi ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-35200 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC mod ...)
TODO: check
CVE-2024-34715 (Fides is an open-source privacy engineering platform. The Fides webser ...)
- TODO: check
+ NOT-FOR-US: Fides
CVE-2024-34161 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC mod ...)
TODO: check
CVE-2024-32760 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC mod ...)
@@ -72,11 +72,11 @@ CVE-2024-32760 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QU
CVE-2024-31079 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC mod ...)
TODO: check
CVE-2024-28974 (Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequat ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28826 (Improper restriction of local upload and download paths in check_sftp ...)
TODO: check
CVE-2024-27313 (Zoho ManageEngine PAM360 is vulnerable to Stored XSS vulnerability. Th ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2024-25977 (The application does not change the session token when using the login ...)
TODO: check
CVE-2024-25976 (When LDAP authentication is activated in the configuration it is possi ...)
@@ -306,7 +306,7 @@ CVE-2024-23948 (Multiple improper array index validation vulnerabilities exist i
CVE-2024-23947 (Multiple improper array index validation vulnerabilities exist in the ...)
TODO: check
CVE-2024-23601 (A code injection vulnerability exists in the scan_lib.bin functionalit ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-23315 (A read-what-where vulnerability exists in the Programming Software Con ...)
TODO: check
CVE-2024-22590 (The TLS engine in Kwik commit 745fd4e2 does not track the current stat ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77c38f97ab77842a7e609b1d962159eb77b48014
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77c38f97ab77842a7e609b1d962159eb77b48014
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240529/25e1ebc2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list