Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
14ab63be by Salvatore Bonaccorso at 2024-03-24T21:53:32+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -28,7 +28,7 @@ CVE-2024-2851 (A vulnerability was found in Tenda AC15
15.03.05.18/15.03.20_mult
CVE-2024-2850 (A vulnerability was found in Tenda AC15 15.03.05.18 and
classified as ...)
NOT-FOR-US: Tenda
CVE-2024-24725 (Gibbon through 26.0.00 allows remote authenticated users to
conduct PH ...)
- TODO: check
+ NOT-FOR-US: GibbonEdu Gibbon
CVE-2024-23755 (ClickUp Desktop before 3.3.77 on macOS and Windows allows code
injecti ...)
NOT-FOR-US: ClickUp Desktop
CVE-2020-36827 (The XAO::Web module before 1.84 for Perl mishandles < and >
characters ...)
@@ -111,9 +111,9 @@ CVE-2024-2723 (SQL injection vulnerability in the CIGESv2
system, through/ajaxSu
CVE-2024-2722 (SQL injection vulnerability in the CIGESv2 system,
through/ajaxConfigT ...)
NOT-FOR-US: CIGESv2 system
CVE-2024-2449 (A cross-site request forgery vulnerability has been identified
in Load ...)
- TODO: check
+ NOT-FOR-US: LoadMaster
CVE-2024-2448 (An OS command injection vulnerability has been identified in
LoadMaste ...)
- TODO: check
+ NOT-FOR-US: LoadMaster
CVE-2024-2228 (This vulnerability allows an authenticated user to perform a
Lifecycle ...)
NOT-FOR-US: Sailpoint
CVE-2024-2227 (This vulnerability allows access to arbitrary files in the
application ...)
@@ -138,13 +138,13 @@ CVE-2024-29366 (A command injection vulnerability exists
in the cgibin binary in
CVE-2024-29338 (Anchor CMS v0.12.7 was discovered to contain a Cross-Site
Request Forg ...)
NOT-FOR-US: Anchor CMS
CVE-2024-29186 (Bref is an open-source project that helps users go serverless
on Amazo ...)
- TODO: check
+ NOT-FOR-US: Bref
CVE-2024-29185 (FreeScout is a self-hosted help desk and shared mailbox.
Versions prio ...)
NOT-FOR-US: FreeScout
CVE-2024-29184 (FreeScout is a self-hosted help desk and shared mailbox. A
Stored Cros ...)
NOT-FOR-US: FreeScout
CVE-2024-29042 (Translate is a package that allows users to convert text to
different ...)
- TODO: check
+ NOT-FOR-US: translate Node.js module
CVE-2024-28861 (Symfony 1 is a community-driven fork of the 1.x branch of
Symfony, a P ...)
NOT-FOR-US: Symfony1 (community fork of symfony 1.4 with some
enhancements)
CVE-2024-28824 (Least privilege violation and reliance on untrusted inputs in
the mk_i ...)
@@ -200089,7 +200089,7 @@ CVE-2021-33635 (When malicious images are pulled by
isula pull, attackers can ex
CVE-2021-33634 (iSulad uses the lcr+lxc runtime (default) to run malicious
images, whi ...)
NOT-FOR-US: OpenEuler lcr
CVE-2021-33633 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
- TODO: check
+ NOT-FOR-US: openEuler aops-ceres
CVE-2021-33632
RESERVED
CVE-2021-33631 (Integer Overflow or Wraparound vulnerability in openEuler
kernel on Li ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14ab63be8518a9b7673d43426edee20fa51a7d2d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14ab63be8518a9b7673d43426edee20fa51a7d2d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
