Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5d38387d by Salvatore Bonaccorso at 2024-07-09T10:53:26+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -61,21 +61,21 @@ CVE-2024-3653 (A vulnerability was found in Undertow. This issue requires enabli CVE-2024-3410 (The DN Footer Contacts WordPress plugin before 1.6.3 does not sanitise ...) TODO: check CVE-2024-39600 (Under certain conditions, the memory of SAP GUI for Windows contains t ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-39599 (Due to a Protection Mechanism Failure in SAP NetWeaver Application Ser ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-39598 (SAP CRM (WebClient UI Framework) allows an authenticated attacker to e ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-39597 (In SAP Commerce, a user can misuse the forgotten password functionalit ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-39596 (Due to missing authorization checks, SAP Enable Now allows an author t ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-39595 (SAP Business Warehouse - Business Planning and Simulation application ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-39594 (SAP Business Warehouse - Business Planning and Simulation application ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-39593 (SAP Landscape Management allows an authenticated user to read confiden ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-39592 (Elements of PDCE does not perform necessary authorization checks for a ...) TODO: check CVE-2024-38372 (Undici is an HTTP/1.1 client, written from scratch for Node.js. Depend ...) @@ -85,25 +85,25 @@ CVE-2024-37923 (Cross-Site Request Forgery (CSRF) vulnerability in Cliengo \u201 CVE-2024-37555 (Unrestricted Upload of File with Dangerous Type vulnerability in Zealo ...) TODO: check CVE-2024-37180 (Under certain conditions SAP NetWeaver Application Server for ABAP and ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-37175 (SAP CRM WebClient does not perform necessary authorization check for a ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-37174 (Custom CSS support option in SAP CRM WebClient UI does not sufficientl ...) TODO: check CVE-2024-37173 (Due to insufficient input validation, SAP CRM WebClient UI allows an ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-37172 (SAP S/4HANA Finance (Advanced Payment Management) does not perform nec ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-37171 (SAP Transportation Management (Collaboration Portal) allows an attacke ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-34786 (UniFi iOS app 10.15.0 introduces a misconfiguration on 2nd Generation ...) TODO: check CVE-2024-34692 (Due to missing verification of file type or content, SAP Enable Now al ...) TODO: check CVE-2024-34689 (WebFlow Services of SAP Business Workflow allows an authenticated atta ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-34685 (Due to weak encoding of user-controlled input in SAP NetWeaver Knowled ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-28751 (An high privileged remote attacker can enable telnet access that accep ...) TODO: check CVE-2024-28750 (A remote attacker with high privileges may use a deleting file functio ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d38387dc74f94e3887a37b6f0657104b44fffe9 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d38387dc74f94e3887a37b6f0657104b44fffe9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits