Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
00feda56 by Salvatore Bonaccorso at 2024-08-15T22:40:27+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,113 +3,113 @@ CVE-2024-7867 (In Xpdf 4.05 (and earlier), very large 
coordinates in a page box
 CVE-2024-7866 (In Xpdf 4.05 (and earlier), a PDF object loop in a pattern 
resource le ...)
        TODO: check
 CVE-2024-7838 (A vulnerability was found in itsourcecode Online Food Ordering 
System  ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode Online Food Ordering System
 CVE-2024-7833 (A vulnerability was found in D-Link DI-8100 16.07. It has been 
classif ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-7832 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in 
D-Link DN ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-7831 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found 
in D-Li ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-7830 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was 
classified  ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-7829 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was 
classified  ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-7828 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as 
critical ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-7263 (Improper path validation in promecefpluginhost.exe in Kingsoft 
WPS Off ...)
-       TODO: check
+       NOT-FOR-US: Kingsoft WPS Office
 CVE-2024-7262 (Improper path validation in promecefpluginhost.exe in Kingsoft 
WPS Off ...)
-       TODO: check
+       NOT-FOR-US: Kingsoft WPS Office
 CVE-2024-6347 (*  Unprotected privileged mode access through UDS session in 
the Blind ...)
        TODO: check
 CVE-2024-43373 (webcrack is a tool for reverse engineering javascript. An 
arbitrary fi ...)
-       TODO: check
+       NOT-FOR-US: webcrack
 CVE-2024-43357 (ECMA-262 is the language specification for the scripting 
language ECMA ...)
        TODO: check
 CVE-2024-42987 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42986 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42985 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42984 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42983 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42982 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42981 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42980 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42979 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42978 (An issue in the handler function in /goform/telnet of Tenda 
FH1206 v02 ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42977 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42976 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42974 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42973 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42969 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42968 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42967 (Incorrect access control in TOTOLINK LR350 
V9.3.5u.6369_B20220309 allo ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42966 (Incorrect access control in TOTOLINK N350RT 
V9.3.5u.6139_B20201216 all ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42955 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42954 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42953 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42952 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42951 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42950 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42949 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42948 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42947 (An issue in the handler function in /goform/telnet of Tenda 
FH1201 v1. ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42946 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42945 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42944 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42943 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42942 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42941 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42940 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-42843 (Projectworlds Online Examination System v1.0 is vulnerable to 
SQL Inje ...)
-       TODO: check
+       NOT-FOR-US: Projectworlds Online Examination System
 CVE-2024-42757 (Command injection vulnerability in Asus RT-N15U 
3.0.0.4.376_3754 allow ...)
-       TODO: check
+       NOT-FOR-US: Asus
 CVE-2024-42681 (Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a 
remote  ...)
-       TODO: check
+       NOT-FOR-US: XXL-Job
 CVE-2024-42680 (An issue in Super easy enterprise management system v.1.0.0 
and before ...)
-       TODO: check
+       NOT-FOR-US: Super easy enterprise management system
 CVE-2024-42679 (SQL Injection vulnerability in Super easy enterprise 
management system ...)
-       TODO: check
+       NOT-FOR-US: Super easy enterprise management system
 CVE-2024-42678 (Cross Site Scripting vulnerability in Super easy enterprise 
management ...)
-       TODO: check
+       NOT-FOR-US: Super easy enterprise management system
 CVE-2024-42677 (An issue in Huizhi enterprise resource management system v.1.0 
and bef ...)
-       TODO: check
+       NOT-FOR-US: Huizhi enterprise resource management system
 CVE-2024-42676 (File Upload vulnerability in Huizhi enterprise resource 
management sys ...)
-       TODO: check
+       NOT-FOR-US: Huizhi enterprise resource management system
 CVE-2024-42476 (In the OAuth library for nim prior to version 0.11, the 
Authorization  ...)
        TODO: check
 CVE-2024-42475 (In the OAuth library for nim prior to version 0.11, the 
`state` values ...)
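Review bot: the NOT-FOR-US labels in this hunk are not at a consistent granularity, and one differs in spelling from its own description. The router entries carry only a vendor ("D-Link", "Tenda", "TOTOLINK", "Asus"), others carry the full product name ("Kingsoft WPS Office", "Super easy enterprise management system"), and CVE-2024-42681 is labelled "XXL-Job" while its description writes "xxl-job". Settling on one convention and matching the description's spelling keeps later text searches for the same vendor or product predictable. CVE-2024-43373 (webcrack) and CVE-2024-42681 (xxl-job) are software projects rather than device firmware, so it is worth confirming that neither is packaged before they leave the TODO queue.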
@@ -195,9 +195,9 @@ CVE-2024-6534 (Directus v10.13.0 allows an authenticated 
external attacker to mo
 CVE-2024-6533 (Directus v10.13.0 allows an authenticated external attacker to 
execute ...)
        NOT-FOR-US: Directus
 CVE-2024-43368 (The Trix editor, versions prior to 2.1.4, is vulnerable to XSS 
when pa ...)
-       TODO: check
+       NOT-FOR-US: Trix editor
 CVE-2024-43275 (Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts 
Insert P ...)
-       TODO: check
+       NOT-FOR-US: Xyzscripts Insert PHP Code Snippet
 CVE-2024-42353 (WebOb provides objects for HTTP requests and responses. When 
WebOb nor ...)
        TODO: check
 CVE-2024-25024 (IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM 
Cloud Pa ...)
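Review bot: CVE-2024-43368 is closed as "NOT-FOR-US: Trix editor", but the description names a versioned editor component ("The Trix editor, versions prior to 2.1.4"), and a component like that can ship as an embedded copy inside another source package even when it has no package of its own. A source search for bundled copies should back this entry before it is treated as NFU; if the search came up empty, saying so in the commit message would let the next triager skip repeating it.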
@@ -664,7 +664,7 @@ CVE-2024-7567 (A denial-of-service vulnerability exists via 
the CIP/Modbus port
 CVE-2024-7113 (If exploited, this vulnerability could cause a SuiteLink server 
to con ...)
        NOT-FOR-US: SuiteLink server
 CVE-2024-6788 (A remote unauthenticated attacker can use the firmware update 
feature  ...)
-       TODO: check
+       NOT-FOR-US: PHOENIX CONTACT
 CVE-2024-6619 (In Ocean Data Systems Dream Report, an incorrect permission 
vulnerabil ...)
        NOT-FOR-US: Ocean Data Systems Dream Report
 CVE-2024-6618 (In Ocean Data Systems Dream Report, a path traversal 
vulnerability cou ...)
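Review bot: the label on CVE-2024-6788, "NOT-FOR-US: PHOENIX CONTACT", is vendor-only and all caps, while the neighbouring context entries name the product ("SuiteLink server", "Ocean Data Systems Dream Report"). The truncated description shown here ("A remote unauthenticated attacker can use the firmware update feature ...") names neither vendor nor product, so the label is the only identifying text on the entry; adding the affected product after the vendor name would make it self-explanatory.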
@@ -674,7 +674,7 @@ CVE-2024-6384 ("Hot" backup files may be downloaded by 
underprivileged users, if
 CVE-2024-6079 (A vulnerability exists in the Rockwell Automation 
Emulate3D\u2122,whic ...)
        NOT-FOR-US: Rockwell Automation
 CVE-2024-5849 (An unauthenticated remote attacker may use a reflected XSS 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Pepperl+Fuchs SE
 CVE-2024-43165 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-43160 (Unrestricted Upload of File with Dangerous Type vulnerability 
in BerqW ...)
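Review bot: "NOT-FOR-US: Pepperl+Fuchs SE" on CVE-2024-5849 includes the legal-form suffix, whereas the adjacent vendor label is just "Rockwell Automation". Dropping "SE" keeps vendor labels uniform and avoids two spellings of the same vendor accumulating in the list.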



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00feda5649eca3d36ad0e8f7b6275ea6778d5dc8
