Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4a566d14 by Salvatore Bonaccorso at 2024-02-07T09:31:52+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
CVE-2024-25140 (A default installation of RustDesk 1.2.3 on Windows places a
WDKTestCe ...)
- TODO: check
+ NOT-FOR-US: RustDesk
CVE-2024-24943 (In JetBrains Toolbox App before 2.2 a DoS attack was possible
via a ma ...)
- TODO: check
+ NOT-FOR-US: JetBrains Toolbox App
CVE-2024-24942 (In JetBrains TeamCity before 2023.11.3 path traversal allowed
reading ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-24941 (In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for
JetBrains Spac ...)
TODO: check
CVE-2024-24940 (In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was
possible ...)
TODO: check
CVE-2024-24939 (In JetBrains Rider before 2023.3.3 logging of environment
variables co ...)
- TODO: check
+ NOT-FOR-US: JetBrains Rider
CVE-2024-24938 (In JetBrains TeamCity before 2023.11.2 limited directory
traversal was ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-24937 (In JetBrains TeamCity before 2023.11.2 stored XSS via agent
distributi ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-24936 (In JetBrains TeamCity before 2023.11.2 access control at the
S3 Artifa ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-24810 (WiX toolset lets developers create installers for Windows
Installer, t ...)
- TODO: check
+ NOT-FOR-US: WiX toolset
CVE-2024-24594 (A cross-site scripting (XSS) vulnerability in all versions of
the web ...)
- TODO: check
+ NOT-FOR-US: Allegro AI's ClearML platform
CVE-2024-24593 (A cross-site request forgery (CSRF) vulnerability in all
versions of t ...)
- TODO: check
+ NOT-FOR-US: Allegro AI's ClearML platform
CVE-2024-24592 (Lack of authentication in all versions of the fileserver
component of ...)
- TODO: check
+ NOT-FOR-US: Allegro AI's ClearML platform
CVE-2024-24591 (A path traversal vulnerability in version 1.4.0 or newer of
Allegro AI ...)
- TODO: check
+ NOT-FOR-US: Allegro AI's ClearML platform
CVE-2024-24590 (Deserialization of untrusted data can occur in version 0.17.0
or newer ...)
- TODO: check
+ NOT-FOR-US: Allegro AI's ClearML platform
CVE-2024-24291 (An issue in the component /member/index/login of yzmcms v7.0
allows at ...)
- TODO: check
+ NOT-FOR-US: yzmcms
CVE-2024-24255 (A Race Condition discovered in geofence.cpp and
mission_feasibility_ch ...)
- TODO: check
+ NOT-FOR-US: PX4 Autopilot
CVE-2024-24254 (PX4 Autopilot 1.14 and earlier, due to the lack of
synchronization mec ...)
- TODO: check
+ NOT-FOR-US: PX4 Autopilot
CVE-2024-24019 (A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1
and prio ...)
TODO: check
CVE-2024-24015 (A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1
and prio ...)
@@ -229,7 +229,7 @@ CVE-2024-24808 (pyLoad is an open-source Download Manager
written in pure Python
CVE-2024-24807 (Sulu is a highly extensible open-source PHP content management
system ...)
NOT-FOR-US: Sulu
CVE-2024-24595 (Allegro AI\u2019s open-source version of ClearML stores
passwords in p ...)
- TODO: check
+ NOT-FOR-US: Allegro AI open-source version of ClearML
CVE-2024-24574 (phpMyFAQ is an open source FAQ web application for PHP 8.1+
and MySQL, ...)
NOT-FOR-US: phpMyFAQ
CVE-2024-24559 (Vyper is a Pythonic Smart Contract Language for the EVM. There
is an e ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a566d149ae2b9dfa5c519a0fbc8c1df6a4be648
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a566d149ae2b9dfa5c519a0fbc8c1df6a4be648
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
