Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
de3a0804 by Salvatore Bonaccorso at 2024-08-26T22:28:10+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,69 +1,69 @@
 CVE-2024-8188
        REJECTED
 CVE-2024-8174 (A vulnerability has been found in code-projects Blood Bank 
System 1.0  ...)
-       TODO: check
+       NOT-FOR-US: code-projects Blood Bank System
 CVE-2024-8173 (A vulnerability, which was classified as critical, was found in 
code-p ...)
-       TODO: check
+       NOT-FOR-US: code-projects Blood Bank System
 CVE-2024-8172 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester QR Code Attendance System
 CVE-2024-8171 (A vulnerability classified as critical was found in 
itsourcecode Tailo ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2024-8170 (A vulnerability classified as problematic has been found in 
SourceCode ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Zipped Folder Manager App
 CVE-2024-8169 (A vulnerability was found in code-projects Online Quiz Site 
1.0. It ha ...)
-       TODO: check
+       NOT-FOR-US: code-projects Online Quiz Site
 CVE-2024-8168 (A vulnerability was found in code-projects Online Bus 
Reservation Site ...)
-       TODO: check
+       NOT-FOR-US: code-projects Online Bus Reservation Site
 CVE-2024-8167 (A vulnerability was found in code-projects Job Portal 1.0. It 
has been ...)
-       TODO: check
+       NOT-FOR-US: code-projects Job Portal
 CVE-2024-8166 (A vulnerability has been found in Ruijie EG2000K 11.1(6)B2 and 
classif ...)
-       TODO: check
+       NOT-FOR-US: Ruijie
 CVE-2024-8165 (A vulnerability, which was classified as problematic, was found 
in Che ...)
-       TODO: check
+       NOT-FOR-US: Chengdu Everbrite Network Technology BeikeShop
 CVE-2024-8164 (A vulnerability, which was classified as critical, has been 
found in C ...)
-       TODO: check
+       NOT-FOR-US: Chengdu Everbrite Network Technology BeikeShop
 CVE-2024-8163 (A vulnerability classified as critical was found in Chengdu 
Everbrite  ...)
-       TODO: check
+       NOT-FOR-US: Chengdu Everbrite Network Technology BeikeShop
 CVE-2024-8162 (A vulnerability classified as critical has been found in 
TOTOLINK T10  ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-8161 (SQL injection vulnerability in ATISolutions CIGES affecting 
versions l ...)
-       TODO: check
+       NOT-FOR-US: ATISolutions CIGES
 CVE-2024-8158 (A bug in the 9p authentication implementation within lib9p 
allows an a ...)
        TODO: check
 CVE-2024-8155 (A vulnerability classified as critical was found in ContiNew 
Admin 3.2 ...)
-       TODO: check
+       NOT-FOR-US: ContiNew Admin
 CVE-2024-8154 (A vulnerability classified as problematic has been found in 
SourceCode ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester QR Code Bookmark System
 CVE-2024-8153 (A vulnerability was found in SourceCodester QR Code Bookmark 
System 1. ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester QR Code Bookmark System
 CVE-2024-8152 (A vulnerability was found in SourceCodester QR Code Bookmark 
System 1. ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester QR Code Bookmark System
 CVE-2024-8151 (A vulnerability was found in SourceCodester Interactive Map 
with Marke ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Interactive Map with Marker
 CVE-2024-8150 (A vulnerability was found in ContiNew Admin 3.2.0 and 
classified as cr ...)
-       TODO: check
+       NOT-FOR-US: ContiNew Admin
 CVE-2024-8105 (A vulnerability related to the use an insecure Platform Key 
(PK) has b ...)
        TODO: check
 CVE-2024-8073 (Improper Input Validation vulnerability in Hillstone Networks 
Hillston ...)
-       TODO: check
+       NOT-FOR-US: Hillstone
 CVE-2024-7988 (A remote code execution vulnerability exists in the Rockwell 
Automatio ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2024-7987 (A remote code execution vulnerability exists in the Rockwell 
Automatio ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2024-7401 (Netskope was notified about a security gap in Netskope Client 
enrollme ...)
        TODO: check
 CVE-2024-7313 (The Shield Security  WordPress plugin before 20.0.6 does not 
sanitise  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6879 (The Quiz and Survey Master (QSM)  WordPress plugin before 9.1.1 
fails  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-45265 (A SQL injection vulnerability in the poll component in 
SkySystem Arfa- ...)
-       TODO: check
+       NOT-FOR-US: SkySystem Arfa-CMS
 CVE-2024-45258 (The req package before 3.43.4 for Go may send an unintended 
request wh ...)
        TODO: check
 CVE-2024-45256 (An arbitrary file write issue in the exfiltration endpoint in 
BYOB (Bu ...)
        TODO: check
 CVE-2024-45241 (A traversal vulnerability in GeneralDocs.aspx in CentralSquare 
CryWolf ...)
-       TODO: check
+       NOT-FOR-US: CentralSquare CryWolf (False Alarm Management)
 CVE-2024-44797 (A cross-site scripting (XSS) vulnerability in the component 
/managers/ ...)
        TODO: check
 CVE-2024-44796 (A cross-site scripting (XSS) vulnerability in the component 
/auth/Azur ...)
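Review bot: The NOT-FOR-US labels in this hunk mix two granularities. CVE-2024-8166, CVE-2024-8162, CVE-2024-8073 and CVE-2024-7988/CVE-2024-7987 get a vendor-only label ("Ruijie", "TOTOLINK", "Hillstone", "Rockwell Automation"), while neighbouring entries name vendor and product ("code-projects Blood Bank System", "ATISolutions CIGES"). The summaries already show the product for at least two of them ("Ruijie EG2000K", "TOTOLINK T10"), so carrying that into the label would keep the entries consistent and easier to search.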
@@ -75,31 +75,31 @@ CVE-2024-44794 (A cross-site scripting (XSS) vulnerability 
in the component /mas
 CVE-2024-44793 (A cross-site scripting (XSS) vulnerability in the component 
/managers/ ...)
        TODO: check
 CVE-2024-44565 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
serverName par ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-44563 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
iptv.stb.port  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-44558 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
adv.iptv.stbpv ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-44557 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
iptv.stb.mode  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-44556 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
adv.iptv.stbal ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-44555 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
iptv.city.vlan ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-44553 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
iptv.stb.mode  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-44552 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
adv.iptv.stbal ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-44551 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
iptv.city.vlan ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-44550 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
adv.iptv.stbpv ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-44549 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the 
iptv.stb.port  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-43967 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43966 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43806 (Rustix is a set of safe Rust bindings to POSIX-ish APIs. When 
using `r ...)
        TODO: check
 CVE-2024-43802 (Vim is an improved version of the unix vi text editor. When 
flushing t ...)
@@ -111,13 +111,13 @@ CVE-2024-43443 (Improper Neutralization of Input done by 
an attacker with admin
 CVE-2024-43442 (Improper Neutralization of Input done by an attacker with 
admin privil ...)
        TODO: check
 CVE-2024-43319 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43289 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43283 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-42913 (RuoYi CMS v4.7.9 was discovered to contain a SQL injection 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: RuoYi CMS
 CVE-2024-42906 (TestLink before v.1.9.20 is vulnerable to Cross Site Scripting 
(XSS) v ...)
        TODO: check
 CVE-2024-42818 (A cross-site scripting (XSS) vulnerability in the 
Config-Create functi ...)
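Review bot: For CVE-2024-43319, CVE-2024-43289 and CVE-2024-43283 the visible summary is only the generic weakness wording ("Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...") with no product, and all three receive the same "NOT-FOR-US: WordPress plugin" label. The classification cannot be checked from the diff, and the three entries become indistinguishable in the list. Naming the plugin in each label, as the RuoYi CMS entry in the same hunk names its product, would make the triage decision reviewable in place.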
@@ -125,25 +125,25 @@ CVE-2024-42818 (A cross-site scripting (XSS) 
vulnerability in the Config-Create
 CVE-2024-42816 (A cross-site scripting (XSS) vulnerability in the Create 
Product funct ...)
        TODO: check
 CVE-2024-42792 (A Cross-Site Request Forgery (CSRF) vulnerability was found in 
Kashipa ...)
-       TODO: check
+       NOT-FOR-US: Kashipara Music Management System
 CVE-2024-42791 (A Cross-Site Request Forgery (CSRF) vulnerability was found in 
Kashipa ...)
-       TODO: check
+       NOT-FOR-US: Kashipara Music Management System
 CVE-2024-42790 (A Reflected Cross Site Scripting (XSS) vulnerability was found 
in "/mu ...)
-       TODO: check
+       NOT-FOR-US: Kashipara Music Management System
 CVE-2024-42789 (A Reflected Cross Site Scripting (XSS) vulnerability was found 
in "/mu ...)
-       TODO: check
+       NOT-FOR-US: Kashipara Music Management System
 CVE-2024-42788 (A Stored Cross Site Scripting (XSS) vulnerability was found in 
"/music ...)
-       TODO: check
+       NOT-FOR-US: Kashipara Music Management System
 CVE-2024-42787 (A Stored Cross Site Scripting (XSS) vulnerability was found in 
"/music ...)
-       TODO: check
+       NOT-FOR-US: Kashipara Music Management System
 CVE-2024-41996 (Validating the order of the public keys in the Diffie-Hellman 
Key Agre ...)
        TODO: check
 CVE-2024-41879 (Acrobat Reader versions 127.0.2651.105 and earlier are 
affected by an  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2024-41444 (SeaCMS v12.9 has a SQL injection vulnerability in the key 
parameter of ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2024-41285 (A stack overflow in FAST FW300R v1.3.13 Build 141023 
Rel.61347n allows ...)
-       TODO: check
+       NOT-FOR-US: FAST FW300R
 CVE-2024-39097 (There is an Open Redirect vulnerability in Gnuboard v6.0.4 and 
below v ...)
        TODO: check
 CVE-2024-38859 (XSS in the view page with the SLA column configured in Checkmk 
version ...)
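Review bot: "NOT-FOR-US: Adobe" on CVE-2024-41879 is the broadest label in this hunk. The summary names the product ("Acrobat Reader versions 127.0.2651.105 and earlier"), and the adjacent entries use product-level labels ("SeaCMS", "FAST FW300R", "Kashipara Music Management System"). Suggest putting the product name in the label so that it matches the rest of the hunk.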



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de3a08049a0dbe7fb7bb16b9de5841b388cc1fbf
