Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
83cb1b96 by Salvatore Bonaccorso at 2024-07-09T23:00:39+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -177,465 +177,465 @@ CVE-2024-39063 (Lime Survey <= 6.5.12 is vulnerable to 
Cross Site Request Forger
 CVE-2024-38972 (A cross-site scripting (XSS) vulnerability in netbox v4.0.3 
allows att ...)
        - netbox <itp> (bug #1017079)
 CVE-2024-38971 (vaeThink 1.0.2 is vulnerable to stored Cross Site Scripting 
(XSS) in t ...)
-       TODO: check
+       NOT-FOR-US: vaeThink
 CVE-2024-38970 (vaeThink 1.0.2 is vulnerable to Information Disclosure via the 
system  ...)
-       TODO: check
+       NOT-FOR-US: vaeThink
 CVE-2024-38867 (A vulnerability has been identified in SIPROTEC 5 6MD84 
(CP300) (All v ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-38517 (Tencent RapidJSON is vulnerable to privilege escalation due to 
an inte ...)
        TODO: check
 CVE-2024-38363 (Airbyte is a data integration platform for ELT pipelines. 
Airbyte conn ...)
        TODO: check
 CVE-2024-38278 (A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X 
(All ver ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-38112 (Windows MSHTML Platform Spoofing Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38105 (Windows Layer-2 Bridge Network Driver Denial of Service 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38104 (Windows Fax Service Remote Code Execution Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38102 (Windows Layer-2 Bridge Network Driver Denial of Service 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38101 (Windows Layer-2 Bridge Network Driver Denial of Service 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38100 (Windows File Explorer Elevation of Privilege Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38099 (Windows Remote Desktop Licensing Service Denial of Service 
Vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38095 (.NET and Visual Studio Denial of Service Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38094 (Microsoft SharePoint Remote Code Execution Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38092 (Azure CycleCloud Elevation of Privilege Vulnerability)
        TODO: check
 CVE-2024-38091 (Microsoft WS-Discovery Denial of Service Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38089 (Microsoft Defender for IoT Elevation of Privilege 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38088 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38087 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38086 (Azure Kinect SDK Remote Code Execution Vulnerability)
        TODO: check
 CVE-2024-38085 (Windows Graphics Component Elevation of Privilege 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38081 (.NET, .NET Framework, and Visual Studio Elevation of Privilege 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38080 (Windows Hyper-V Elevation of Privilege Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38079 (Windows Graphics Component Elevation of Privilege 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38078 (Xbox Wireless Adapter Remote Code Execution Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38077 (Windows Remote Desktop Licensing Service Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38076 (Windows Remote Desktop Licensing Service Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38074 (Windows Remote Desktop Licensing Service Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38073 (Windows Remote Desktop Licensing Service Denial of Service 
Vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38072 (Windows Remote Desktop Licensing Service Denial of Service 
Vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38071 (Windows Remote Desktop Licensing Service Denial of Service 
Vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38070 (Windows LockDown Policy (WLDP) Security Feature Bypass 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38069 (Windows Enroll Engine Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38068 (Windows Online Certificate Status Protocol (OCSP) Server 
Denial of Ser ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38067 (Windows Online Certificate Status Protocol (OCSP) Server 
Denial of Ser ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38066 (Windows Win32k Elevation of Privilege Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38065 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38064 (Windows TCP/IP Information Disclosure Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38062 (Windows Kernel-Mode Driver Elevation of Privilege 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38061 (DCOM Remote Cross-Session Activation Elevation of Privilege 
Vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38060 (Windows Imaging Component Remote Code Execution Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38059 (Win32k Elevation of Privilege Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38058 (BitLocker Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38057 (Kernel Streaming WOW Thunk Service Driver Elevation of 
Privilege Vulne ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38056 (Microsoft Windows Codecs Library Information Disclosure 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38055 (Microsoft Windows Codecs Library Information Disclosure 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38054 (Kernel Streaming WOW Thunk Service Driver Elevation of 
Privilege Vulne ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38053 (Windows Layer-2 Bridge Network Driver Remote Code Execution 
Vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38052 (Kernel Streaming WOW Thunk Service Driver Elevation of 
Privilege Vulne ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38051 (Windows Graphics Component Remote Code Execution Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38050 (Windows Workstation Service Elevation of Privilege 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38049 (Windows Distributed Transaction Coordinator Remote Code 
Execution Vuln ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38048 (Windows Network Driver Interface Specification (NDIS) Denial 
of Servic ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38047 (PowerShell Elevation of Privilege Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38044 (DHCP Server Service Remote Code Execution Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38043 (PowerShell Elevation of Privilege Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38041 (Windows Kernel Information Disclosure Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38034 (Windows Filtering Platform Elevation of Privilege 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38033 (PowerShell Elevation of Privilege Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38032 (Microsoft Xbox Remote Code Execution Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38031 (Windows Online Certificate Status Protocol (OCSP) Server 
Denial of Ser ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38030 (Windows Themes Spoofing Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38028 (Microsoft Windows Performance Data Helper Library Remote Code 
Executio ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38027 (Windows Line Printer Daemon Service Denial of Service 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38025 (Microsoft Windows Performance Data Helper Library Remote Code 
Executio ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38024 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38023 (Microsoft SharePoint Server Remote Code Execution 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38022 (Windows Image Acquisition Elevation of Privilege Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38021 (Microsoft Office Remote Code Execution Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38020 (Microsoft Outlook Spoofing Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38019 (Microsoft Windows Performance Data Helper Library Remote Code 
Executio ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38017 (Microsoft Message Queuing Information Disclosure Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38015 (Windows Remote Desktop Gateway (RD Gateway) Denial of Service 
Vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38013 (Microsoft Windows Server Backup Elevation of Privilege 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38011 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-38010 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37997 (A vulnerability has been identified in JT Open (All versions < 
V11.5), ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-37996 (A vulnerability has been identified in JT Open (All versions < 
V11.5), ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-37989 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37988 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37987 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37986 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37984 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37981 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37978 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37977 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37975 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37974 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37973 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37972 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37971 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37970 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37969 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37952 (Improper Privilege Management vulnerability in themeenergy 
BookYourTra ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-37934 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37873 (SQL injection vulnerability in view_payslip.php in 
Itsourcecode Payrol ...)
-       TODO: check
+       NOT-FOR-US: Itsourcecode Payroll Management System Project In PHP With 
Source Code
 CVE-2024-37872 (SQL injection vulnerability in process.php in Itsourcecode 
Billing Sys ...)
-       TODO: check
+       NOT-FOR-US: Itsourcecode Billing System in PHP
 CVE-2024-37871 (SQL injection vulnerability in login.php in Itsourcecode 
Online Discus ...)
-       TODO: check
+       NOT-FOR-US: Itsourcecode Online Discussion Forum Project in PHP with 
Source Code
 CVE-2024-37870 (SQL injection vulnerability in processscore.php in Learning 
Management ...)
-       TODO: check
+       NOT-FOR-US: Learning Management System Project In PHP With Source Code
 CVE-2024-37830 (An issue in Outline <= v0.76.1 allows attackers to redirect a 
victim u ...)
        TODO: check
 CVE-2024-37520 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37513 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37502 (Deserialization of Untrusted Data vulnerability in wpweb 
WooCommerce S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37501 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37499 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37497 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37494 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37486 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37484 (Improper Privilege Management vulnerability in Dylan James 
Zephyr Proj ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37464 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37462 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37455 (Improper Privilege Management vulnerability in Brainstorm 
Force Ultima ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37454 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37442 (Improper Neutralization of Special Elements in Output Used by 
a Downst ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37437 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37430 (Authentication Bypass by Spoofing vulnerability in Patreon 
Patreon Wor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37424 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Autom ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37420 (Unrestricted Upload of File with Dangerous Type vulnerability 
in WPZit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37419 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37418 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Andy  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37410 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37336 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37334 (Microsoft OLE DB Driver for SQL Server Remote Code Execution 
Vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37333 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37332 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37331 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37330 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37329 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37328 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37327 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37326 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37324 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37323 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37322 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37321 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37320 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37319 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37318 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-37268 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-37266 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37256 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37253 (Improper Neutralization of Special Elements in Output Used by 
a Downst ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37225 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37224 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37112 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37090 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-36526 (ZKTeco ZKBio CVSecurity v6.1.1 was discovered to contain a 
hardcoded c ...)
-       TODO: check
+       NOT-FOR-US: ZKTeco ZKBio CVSecurity
 CVE-2024-35777 (Improper Neutralization of Special Elements in Output Used by 
a Downst ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-35272 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-35271 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-35270 (Windows iSCSI Service Denial of Service Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-35267 (Azure DevOps Server Spoofing Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-35266 (Azure DevOps Server Spoofing Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-35264 (.NET and Visual Studio Remote Code Execution Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-35261 (Azure Network Watcher VM Extension Elevation of Privilege 
Vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-35256 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-34140 (Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected 
by an ou ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2024-34139 (Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected 
by an In ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2024-34123 (Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected 
by an Un ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2024-33654 (A vulnerability has been identified in Simcenter Femap (All 
versions < ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-33653 (A vulnerability has been identified in Simcenter Femap (All 
versions < ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-33509 (An improper certificate validation vulnerability [CWE-295] in 
FortiWeb ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2024-32987 (Microsoft SharePoint Server Information Disclosure 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-32056 (A vulnerability has been identified in Simcenter Femap (All 
versions < ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-31957 (A vulnerability was discovered in Samsung Mobile Processors 
Exynos 220 ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-30321 (A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All 
version ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-30105 (.NET Core and Visual Studio Denial of Service Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-30098 (Windows Cryptographic Services Security Feature Bypass 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-30081 (Windows NTLM Spoofing Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-30079 (Windows Remote Access Connection Manager Elevation of 
Privilege Vulner ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-30071 (Windows Remote Access Connection Manager Information 
Disclosure Vulner ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-30061 (Microsoft Dynamics 365 (On-Premises) Information Disclosure 
Vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-30013 (Windows MultiPoint Services Remote Code Execution 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-2177 (A Cross Window Forgery vulnerability exists within GitLab CE/EE 
affect ...)
        TODO: check
 CVE-2024-29153 (A vulnerability was discovered in Samsung Mobile Processor, 
Wearable P ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-28928 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-28899 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-28068 (A vulnerability was discovered in SS in Samsung Mobile 
Processor, Wear ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-28067 (A vulnerability in Samsung Exynos Modem 5300 allows a 
Man-in-the-Middl ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27785 (An improper neutralization of formula elements in a CSV File 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2024-27784 (Multiple Exposure of sensitive information to an unauthorized 
actor vu ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2024-27783 (Multiple cross-site request forgery (CSRF) vulnerabilities 
[CWE-352]   ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2024-27782 (Multiple insufficient session expiration vulnerabilities 
[CWE-613]  in ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2024-27363 (A vulnerability was discovered in Samsung Mobile Processor 
Exynos 850, ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27362 (A vulnerability was discovered in Samsung Mobile Processors 
Exynos 128 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27361 (A vulnerability was discovered in Samsung Mobile Processor 
Exynos 980, ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27360 (A vulnerability was discovered in Samsung Mobile Processors 
Exynos 850 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27183 (XSS vulnerability in  DJ-HelpfulArticles component for Joomla.)
-       TODO: check
+       NOT-FOR-US: Joomla extension
 CVE-2024-26279 (Inadequate content filtering leads to XSS vulnerabilities in 
various c ...)
-       TODO: check
+       NOT-FOR-US: Joomla extension
 CVE-2024-26278 (The Custom Fields component not correctly filter inputs, 
leading to a  ...)
-       TODO: check
+       NOT-FOR-US: Joomla extension
 CVE-2024-26184 (Secure Boot Security Feature Bypass Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-26015 (An incorrect parsing of numbers with different radices 
vulnerability [ ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2024-23663 (An improper access control in Fortinet FortiExtender 4.1.1 - 
4.1.9, 4. ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2024-22271 (In Spring Cloud Function framework, versions 4.1.x prior to 
4.1.2, 4.0 ...)
        TODO: check
 CVE-2024-21759 (An authorization bypass through user-controlled key in 
Fortinet FortiP ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2024-21731 (Improper handling of input could lead to an XSS vector in the 
StringHe ...)
-       TODO: check
+       NOT-FOR-US: Joomla extension
 CVE-2024-21730 (The fancyselect list field layout does not correctly escape 
inputs, le ...)
-       TODO: check
+       NOT-FOR-US: Joomla extension
 CVE-2024-21729 (Inadequate input validation leads to XSS vulnerabilities in 
the access ...)
-       TODO: check
+       NOT-FOR-US: Joomla extension
 CVE-2024-21449 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21428 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21425 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21415 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21414 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21398 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21373 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21335 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21333 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21332 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21331 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21317 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21308 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-21303 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-20785 (InDesign Desktop versions ID19.3, ID18.5.2 and earlier are 
affected by ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2024-20783 (InDesign Desktop versions ID19.3, ID18.5.2 and earlier are 
affected by ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2024-20782 (InDesign Desktop versions ID19.3, ID18.5.2 and earlier are 
affected by ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2024-20781 (InDesign Desktop versions ID19.3, ID18.5.2 and earlier are 
affected by ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2024-20701 (SQL Server Native Client OLE DB Provider Remote Code Execution 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2023-52891 (A vulnerability has been identified in SIMATIC Energy Manager 
Basic (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-52238 (A vulnerability has been identified in RUGGEDCOM RST2228 (All 
versions ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-52237 (A vulnerability has been identified in RUGGEDCOM i800, 
RUGGEDCOM i800N ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-50807 (A vulnerability was discovered in Samsung Wearable Processor 
and Modem ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-50806 (A vulnerability was discovered in Samsung Mobile Processor, 
Wearable P ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-50805 (A vulnerability was discovered in Samsung Mobile Processor, 
Wearable P ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-50181 (An improper access control vulnerability [CWE-284] in Fortinet 
FortiAD ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2023-50179 (An improper certificate validation vulnerability [CWE-295] in 
FortiADC ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2023-50178 (An improper certificate validation vulnerability [CWE-295] in 
FortiADC ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2023-48194 (Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and 
the last  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2023-40702 (PingOne MFA Integration Kit contains a vulnerability where the 
skipMFA ...)
-       TODO: check
+       NOT-FOR-US: PingOne MFA Integration Kit
 CVE-2023-40356 (PingOne MFA Integration Kit contains a vulnerability related 
to the Pr ...)
-       TODO: check
+       NOT-FOR-US: PingOne MFA Integration Kit
 CVE-2023-3290 (A BOLA vulnerability in POST /customers allows a low privileged 
user t ...)
        TODO: check
 CVE-2023-3289 (A BOLA vulnerability in POST /services allows a low privileged 
user to ...)
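Review bot: CVE-2024-31957 and CVE-2024-29153 are tagged "NOT-FOR-US: Siemens", but their descriptions name Samsung ("Samsung Mobile Processors Exynos 220 ...", "Samsung Mobile Processor, Wearable P ..."). The other Samsung entries in this hunk (CVE-2024-28068, CVE-2024-28067, CVE-2024-27360 through CVE-2024-27363, CVE-2023-50805 through CVE-2023-50807) use "NOT-FOR-US: Samsung". Both mislabelled entries sit directly next to Siemens entries (CVE-2024-32056, CVE-2024-30321), so the vendor string may have been carried over. The NOT-FOR-US triage result itself is unaffected; suggest changing both to "NOT-FOR-US: Samsung" so that searches of the list by vendor stay accurate. A smaller point: CVE-2024-26278, CVE-2024-21731, CVE-2024-21730 and CVE-2024-21729 are tagged "Joomla extension", yet their visible descriptions (Custom Fields component, "StringHe ...", fancyselect list field layout) name no third-party extension, unlike CVE-2024-27183 (DJ-HelpfulArticles component for Joomla). It is worth confirming whether plain "Joomla" is the intended label there.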
@@ -667,9 +667,9 @@ CVE-2023-38048 (A BOLA vulnerability in GET, PUT, DELETE 
/providers/{providerId}
 CVE-2023-38047 (A BOLA vulnerability in GET, PUT, DELETE 
/categories/{categoryId} allo ...)
        TODO: check
 CVE-2023-32737 (A vulnerability has been identified in SIMATIC STEP 7 Safety 
V18 (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-32735 (A vulnerability has been identified in SIMATIC STEP 7 Safety 
V16 (All  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-6615 (Memory safety bugs present in Firefox 127. Some of these bugs 
showed e ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6615
@@ -128820,7 +128820,7 @@ CVE-2022-45149 (A vulnerability was found in Moodle 
which exists due to insuffic
 CVE-2022-45148
        REJECTED
 CVE-2022-45147 (A vulnerability has been identified in SIMATIC PCS neo V4.0 
(All versi ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2022-3959 (A vulnerability, which was classified as problematic, has been 
found i ...)
        NOT-FOR-US: Drogon
 CVE-2022-3958 (Cross-site Scripting (XSS) vulnerability in 
BlueSpiceUserSidebar exten ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83cb1b9671e5645a271a30ee63c09b354599a71b
