Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
353756f4 by Salvatore Bonaccorso at 2024-08-19T22:21:41+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,101 +1,101 @@
 CVE-2024-7958
        REJECTED
 CVE-2024-7927 (A vulnerability classified as critical was found in ZZCMS 2023. 
Affect ...)
-       TODO: check
+       NOT-FOR-US: ZZCMS
 CVE-2024-7926 (A vulnerability classified as critical has been found in ZZCMS 
2023. A ...)
-       TODO: check
+       NOT-FOR-US: ZZCMS
 CVE-2024-7925 (A vulnerability was found in ZZCMS 2023. It has been rated as 
problema ...)
-       TODO: check
+       NOT-FOR-US: ZZCMS
 CVE-2024-7924 (A vulnerability was found in ZZCMS 2023. It has been declared 
as criti ...)
-       TODO: check
+       NOT-FOR-US: ZZCMS
 CVE-2024-7922 (A vulnerability was found in D-Link DNS-120, DNR-202L, 
DNS-315L, DNS-3 ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-7592 (There is a LOW severity vulnerability affecting CPython, 
specifically  ...)
        TODO: check
 CVE-2024-6348 (Predictable seed generation in the security access mechanism of 
UDS in ...)
-       TODO: check
+       NOT-FOR-US: Nissan
 CVE-2024-43401 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2024-43400 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2024-43399 (Mobile Security Framework (MobSF) is a pen-testing, malware 
analysis a ...)
        TODO: check
 CVE-2024-43380 (fugit contains time tools for flor and the floraison group. 
The fugit  ...)
        TODO: check
 CVE-2024-43379 (TruffleHog is a secrets scanning tool. Prior to v3.81.9, this 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: TruffleHog
 CVE-2024-43372
        REJECTED
 CVE-2024-43354 (Deserialization of Untrusted Data vulnerability in myCred 
allows Objec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43345 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43328 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43326 (Missing Authorization vulnerability in Jamie Bergen Plugin 
Notes Plus  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43317 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43311 (Improper Privilege Management vulnerability in Geek Code Lab 
Login As  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43281 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43280 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43272 (Missing Authentication for Critical Function vulnerability in 
icegram  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43271 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43261 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43256 (Missing Authorization vulnerability in nouthemes Leopard - 
WordPress o ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43252 (Deserialization of Untrusted Data vulnerability in Crew HRM 
allows Obj ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43250 (Incorrect Authorization vulnerability in Bit Apps Bit Form Pro 
bitform ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43249 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Bit A ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43248 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43247 (Missing Authorization vulnerability in creativeon WHMpress 
allows Acce ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43245 (Improper Privilege Management vulnerability in eyecix 
JobSearch allows ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43242 (Deserialization of Untrusted Data vulnerability in azzaroco 
Ultimate M ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43240 (Improper Privilege Management vulnerability in azzaroco 
Ultimate Membe ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43236 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43232 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43221 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-42815 (In the TP-Link RE365 V1_180213, there is a buffer overflow 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2024-42813 (In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: TRENDnet
 CVE-2024-42812 (In D-Link DIR-860L v2.03, there is a buffer overflow 
vulnerability due ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-42675
        REJECTED
 CVE-2024-42658 (An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 
allows a ...)
-       TODO: check
+       NOT-FOR-US: wishnet Nepstech Wifi Router NTPL-XPON1GFEVN
 CVE-2024-42657 (An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 
allows a ...)
-       TODO: check
+       NOT-FOR-US: wishnet Nepstech Wifi Router NTPL-XPON1GFEVN
 CVE-2024-42633 (A Command Injection vulnerability exists in the 
do_upgrade_post functi ...)
-       TODO: check
+       NOT-FOR-US: Linksys
 CVE-2024-39306
        REJECTED
 CVE-2024-37099 (Deserialization of Untrusted Data vulnerability in Liquid Web 
GiveWP a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32928 (The libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a 
subset of  ...)
        TODO: check
 CVE-2024-32927 (In sendDeviceState_1_6 of RadioExt.cpp, there is a possible 
use after  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-23729 (The ColorOS Internet Browser com.heytap.browser application 
45.10.3.4. ...)
-       TODO: check
+       NOT-FOR-US: ColorOS Internet Browser com.heytap.browser application
 CVE-2024-7921 (A vulnerability has been found in Anhui Deshun Intelligent 
Technology  ...)
        NOT-FOR-US: Anhui Deshun Intelligent Technology Jieshun JieLink+ 
JSOTC2016
 CVE-2024-7920 (A vulnerability, which was classified as problematic, was found 
in Anh ...)
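Review bot: The NOT-FOR-US labels added in this hunk mix two granularities. The router entries for CVE-2024-7922, CVE-2024-42815, CVE-2024-42812 and CVE-2024-42633 name only the vendor ("NOT-FOR-US: D-Link", "NOT-FOR-US: TP-Link", "NOT-FOR-US: Linksys"), while CVE-2024-42658, CVE-2024-42657 and CVE-2024-23729 copy the whole product string from the description ("NOT-FOR-US: wishnet Nepstech Wifi Router NTPL-XPON1GFEVN", "NOT-FOR-US: ColorOS Internet Browser com.heytap.browser application"). Settling on one form, preferably the short vendor or product name, keeps later searches of data/CVE/list by vendor predictable. Separately, several entries collapsed to "NOT-FOR-US: WordPress plugin" (for example CVE-2024-43247 creativeon WHMpress and CVE-2024-43245 eyecix JobSearch) have truncated descriptions that never mention WordPress, so the label is the only record of how they were classified; it does match the form already used elsewhere in the file.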
@@ -121,9 +121,9 @@ CVE-2024-6330 (The GEO my WP WordPress plugin before 
4.5.0.2 does not prevent un
 CVE-2024-44083 (ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there 
is a sect ...)
        NOT-FOR-US: Hex-Rays IDA Pro
 CVE-2024-44076 (In Microcks before 1.10.0, the POST /api/import and POST 
/api/export e ...)
-       TODO: check
+       NOT-FOR-US: Microcks
 CVE-2024-44073 (The Miniscript (aka rust-miniscript) library before 12.2.0 for 
Rust al ...)
-       TODO: check
+       NOT-FOR-US: Miniscript (aka rust-miniscript)
 CVE-2024-44070 (An issue was discovered in FRRouting (FRR) through 10.1. 
bgp_attr_enca ...)
        TODO: check
 CVE-2024-44069 (Pi-hole before 6 allows unauthenticated 
admin/api.php?setTempUnit= cal ...)
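Review bot: CVE-2024-44073 is closed as "NOT-FOR-US: Miniscript (aka rust-miniscript)", but the description identifies it as a Rust library rather than an end product, and libraries can reach the archive as a dependency or a vendored copy even when no package carries their name. Before dropping the "TODO: check", it is worth confirming that no source package embeds the crate, in the same way CVE-2024-44070 (FRRouting) was left open in this hunk for a closer look. The Microcks change just above raises no such question from the visible lines.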
@@ -181,7 +181,7 @@ CVE-2024-43145 (Improper Neutralization of Special Elements 
used in an SQL Comma
 CVE-2024-35686 (Missing Authorization vulnerability in Automattic Sensei LMS, 
Automatt ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-25582 (Module savepoints could be abused to inject references to 
malicious co ...)
-       TODO: check
+       NOT-FOR-US: Open-Xchange
 CVE-2024-7911 (A vulnerability was found in SourceCodester Simple Online 
Bidding Syst ...)
        NOT-FOR-US: SourceCodester
 CVE-2024-7910 (A vulnerability was found in CodeAstro Online Railway 
Reservation Syst ...)
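Review bot: For CVE-2024-25582 the truncated description ("Module savepoints could be abused to inject references to malicious co ...") names neither vendor nor product, so "NOT-FOR-US: Open-Xchange" is the only attribution a later reader of the list gets. Naming the affected product alongside the vendor would make the entry self-explanatory without having to look the CVE up again.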



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/353756f4c60f4351ffcd9d00fff6daf50fed6da9
