Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a9ae7c04 by Salvatore Bonaccorso at 2024-06-11T22:23:50+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,23 +5,23 @@ CVE-2024-5829 (A vulnerability classified as problematic was
found in smallweigi
CVE-2024-5825
REJECTED
CVE-2024-5813 (A medium severity vulnerability in BIPS has been identified
where an a ...)
- TODO: check
+ NOT-FOR-US: BIPS
CVE-2024-5812 (A low severity vulnerability in BIPS has been identified where
an atta ...)
- TODO: check
+ NOT-FOR-US: BIPS
CVE-2024-5584 (The WordPress Online Booking and Scheduling Plugin \u2013
Bookly plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5531 (The Ocean Extra plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5398
REJECTED
CVE-2024-5189 (The Essential Addons for Elementor \u2013 Best Elementor
Templates, Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4387
REJECTED
CVE-2024-4206
REJECTED
CVE-2024-4190 (Stored Cross-Site Scripting (XSS) vulnerabilities have been
identified ...)
- TODO: check
+ NOT-FOR-US: OpenText ArcSight Logger
CVE-2024-4155
REJECTED
CVE-2024-37325 (Azure Science Virtual Machine (DSVM) Elevation of Privilege
Vulnerabil ...)
@@ -37,199 +37,199 @@ CVE-2024-37294 (Aimeos is an Open Source e-commerce
framework for online shops.
CVE-2024-37293 (The AWS Deployment Framework (ADF) is a framework to manage
and deploy ...)
TODO: check
CVE-2024-37161 (MeterSphere is an open source continuous testing platform.
Prior to ve ...)
- TODO: check
+ NOT-FOR-US: MeterSphere
CVE-2024-36821 (Insecure permissions in Linksys Velop WiFi 5 (WHW01v1)
1.1.13.202617 a ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-36702 (libiec61850 v1.5 was discovered to contain a heap overflow via
the Ber ...)
TODO: check
CVE-2024-36650 (TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware
A3100R V4.1 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-36266 (A vulnerability has been identified in PowerSys (All versions
< V3.11) ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35716 (Missing Authorization vulnerability in Copymatic Copymatic
\u2013 AI C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35692 (Missing Authorization vulnerability in Termly Cookie
Consent.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35685 (Missing Authorization vulnerability in Anders Nor\xe9n
Radcliffe 2.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35683 (Missing Authorization vulnerability in Teplitsa of social
technologies ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35671 (Missing Authorization vulnerability in Minoji MJ Update
History.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35667 (Missing Authorization vulnerability in WP EasyCart.This issue
affects ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35665 (Missing Authorization vulnerability in namithjawahar Insert
Post Ads.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35663 (Missing Authorization vulnerability in HahnCreativeGroup WP
Translate. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35628 (Missing Authorization vulnerability in Photo Gallery Team
Photo Galler ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35303 (A vulnerability has been identified in Tecnomatix Plant
Simulation V23 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35292 (A vulnerability has been identified in SIMATIC S7-200 SMART
CPU CR40 ( ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35265 (Windows Perception Service Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35263 (Microsoft Dynamics 365 (On-Premises) Information Disclosure
Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35255 (Azure Identity Libraries and Microsoft Authentication Library
Elevatio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35254 (Azure Monitor Agent Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35253 (Microsoft Azure File Sync Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35252 (Azure Storage Movement Client Library Denial of Service
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35250 (Windows Kernel-Mode Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35249 (Microsoft Dynamics 365 Business Central Remote Code Execution
Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35248 (Microsoft Dynamics 365 Business Central Elevation of Privilege
Vulnera ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35213 (An improper input validation vulnerability in the SGI Image
Codec of Q ...)
TODO: check
CVE-2024-35212 (A vulnerability has been identified in SINEC Traffic Analyzer
(6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35211 (A vulnerability has been identified in SINEC Traffic Analyzer
(6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35210 (A vulnerability has been identified in SINEC Traffic Analyzer
(6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35209 (A vulnerability has been identified in SINEC Traffic Analyzer
(6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35208 (A vulnerability has been identified in SINEC Traffic Analyzer
(6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35207 (A vulnerability has been identified in SINEC Traffic Analyzer
(6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35206 (A vulnerability has been identified in SINEC Traffic Analyzer
(6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35168 (Missing Authorization vulnerability in Discourse WP
Discourse.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34826 (Missing Authorization vulnerability in Tobias Conrad Design
for Contac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34824 (Missing Authorization vulnerability in ThemeBoy SportsPress
\u2013 Spo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34822 (Missing Authorization vulnerability in weDevs weMail.This
issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34821 (Missing Authorization vulnerability in Contact List PRO
Contact List \ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34820 (Missing Authorization vulnerability in If So Plugin If-So
Dynamic Cont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34819 (Missing Authorization vulnerability in MoreConvert MC
Woocommerce Wish ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34815 (Missing Authorization vulnerability in Codection Import and
export use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34813 (Missing Authorization vulnerability in MoreConvert MC
Woocommerce Wish ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34804 (Missing Authorization vulnerability in Tagembed.This issue
affects Tag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34799 (Missing Authorization vulnerability in Repute Infosystems
BookingPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34768 (Missing Authorization vulnerability in Fastly.This issue
affects Fastl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34763 (Missing Authorization vulnerability in Tobias Conrad Builder
for WooCo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34758 (Missing Authorization vulnerability in Wpmet WP Fundraising
Donation a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34753 (Missing Authorization vulnerability in SoftLab Radio
Player.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34442 (Missing Authorization vulnerability in weDevs weDocs.This
issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34406 (Improper exception handling in McAfee Security: Antivirus VPN
for Andr ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2024-34405 (Improper deep link validation in McAfee Security: Antivirus
VPN for An ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2024-33500 (A vulnerability has been identified in Mendix Applications
using Mendi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-32148 (Missing Authorization vulnerability in Salesforce Pardot.This
issue af ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32146 (Missing Authorization vulnerability in Aspose.Cloud
Marketplace Aspose ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32144 (Missing Authorization vulnerability in Welcart Inc. Welcart
e-Commerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32143 (Missing Authorization vulnerability in Podlove Podlove Podcast
Publish ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31495 (A improper neutralization of special elements used in an sql
command ( ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-30104 (Microsoft Office Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30103 (Microsoft Outlook Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30102 (Microsoft Office Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30101 (Microsoft Office Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30100 (Microsoft SharePoint Server Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30099 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30097 (Microsoft Speech Application Programming Interface (SAPI)
Remote Code ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30096 (Windows Cryptographic Services Information Disclosure
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30095 (Windows Routing and Remote Access Service (RRAS) Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30094 (Windows Routing and Remote Access Service (RRAS) Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30093 (Windows Storage Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30091 (Win32k Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30090 (Microsoft Streaming Service Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30089 (Microsoft Streaming Service Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30088 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30087 (Win32k Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30086 (Windows Win32 Kernel Subsystem Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30085 (Windows Cloud Files Mini Filter Driver Elevation of Privilege
Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30084 (Windows Kernel-Mode Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30083 (Windows Standards-Based Storage Management Service Denial of
Service V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30082 (Win32k Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30080 (Microsoft Message Queuing (MSMQ) Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30078 (Windows Wi-Fi Driver Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30077 (Windows OLE Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30076 (Windows Container Manager Service Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30075 (Windows Link Layer Topology Discovery Protocol Remote Code
Execution V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30074 (Windows Link Layer Topology Discovery Protocol Remote Code
Execution V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30072 (Microsoft Event Trace Log File Parsing Remote Code Execution
Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30070 (DHCP Server Service Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30069 (Windows Remote Access Connection Manager Information
Disclosure Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30068 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30067 (Winlogon Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30066 (Winlogon Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30065 (Windows Themes Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30064 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30063 (Windows Distributed File System (DFS) Remote Code Execution
Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30062 (Windows Standards-Based Storage Management Service Remote Code
Executi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30052 (Visual Studio Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-2462 (Allow attackers to intercept or falsify data exchanges between
the cli ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-2461 (If exploited an attacker could traverse the file system to
access fil ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-2013 (An authentication bypass vulnerability exists in the
FOXMAN-UN/UNEM se ...)
TODO: check
CVE-2024-2012 (vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway
that i ...)
@@ -237,37 +237,37 @@ CVE-2024-2012 (vulnerability exists in the FOXMAN-UN/UNEM
server / API Gateway t
CVE-2024-2011 (A heap-based buffer overflow vulnerability exists in the
FOXMAN-UN/UNE ...)
TODO: check
CVE-2024-29060 (Visual Studio Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-28024 (A vulnerability exists in the FOXMAN-UN/UNEM in which
sensitive inform ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-28023 (A vulnerability exists in the message queueing mechanism that
if expl ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-28022 (A vulnerability exists in the FOXMAN-UN/UNEM server /
APIGateway that ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-28021 (A vulnerability exists in the FOXMAN-UN/UNEM server that
affects the m ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-28020 (A user/password reuse vulnerability exists in the
FOXMAN-UN/UNEM appli ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-26330 (An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on
Windows. ...)
- TODO: check
+ NOT-FOR-US: Kape CyberGhostVPN
CVE-2024-26010 (A stack-based buffer overflow in Fortinet FortiPAM version
1.2.0, 1.1. ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-24704 (Missing Authorization vulnerability in AddonMaster Load More
Anything. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-24703 (Missing Authorization vulnerability in MultiVendorX WC
Marketplace.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23521 (Missing Authorization vulnerability in Happyforms.This issue
affects H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23518 (Missing Authorization vulnerability in Navneil Naicker ACF
Photo Galle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23503 (Missing Authorization vulnerability in WPManageNinja LLC Ninja
Tables. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23111 (A use of password hash with insufficient computational effort
vulnerab ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-23110 (A stack-based buffer overflow in Fortinet FortiOS version
7.4.0 throug ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-21754 (A use of password hash with insufficient computational effort
vulnerab ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-52233 (Missing Authorization vulnerability in Post SMTP Post SMTP
Mailer/Emai ...)
TODO: check
CVE-2023-52227 (Missing Authorization vulnerability in MailerLite MailerLite
\u2013 Wo ...)
@@ -683,7 +683,7 @@ CVE-2024-22296 (Missing Authorization vulnerability in Code
for Recovery 12 Step
CVE-2024-22279 (Improper handling of requests in Routing Release > v0.273.0
and <= v0. ...)
NOT-FOR-US: Cloud Foundry
CVE-2024-21751 (Missing Authorization vulnerability in RabbitLoader.This issue
affects ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1228 (Use of hard-coded password to the patients' database allows an
attacke ...)
NOT-FOR-US: Eurosoft Przychodnia
CVE-2023-40389 (The issue was addressed with improved restriction of data
container ac ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9ae7c04b781a3f86d3eccc9ab454be2e6712907
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9ae7c04b781a3f86d3eccc9ab454be2e6712907
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
