Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e04f0045 by Moritz Muehlenhoff at 2024-09-11T12:36:48+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -129,11 +129,11 @@ CVE-2024-8232 (SpiderControl SCADA Web Server has a
vulnerability that could all
CVE-2024-7770 (The Bit File Manager \u2013 100% Free & Open Source File
Manager and C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7699 (An low privileged remote attacker can execute OS commands with
root pr ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-7698 (A low privileged remote attacker canget access to CSRF tokens
of highe ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-6876 (Out-of-Bounds read vulnerability in OSCAT Basic Library allows
an loca ...)
- TODO: check
+ NOT-FOR-US: OSCAT
CVE-2024-6282 (The Master Addons \u2013 Free Widgets, Hover Effects, Toggle,
Conditio ...)
NOT-FOR-US: WordPress plugin
CVE-2024-45845 (nix 2.24 through 2.24.5 allows directory traversal via a
symlink in a ...)
@@ -141,7 +141,7 @@ CVE-2024-45845 (nix 2.24 through 2.24.5 allows directory
traversal via a symlink
CVE-2024-45596 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
NOT-FOR-US: Directus
CVE-2024-45595 (D-Tale is a visualizer for Pandas data structures. Users
hosting D-Tal ...)
- TODO: check
+ NOT-FOR-US: D-Tale
CVE-2024-45593 (Nix is a package manager for Linux and other Unix systems. A
bug in Ni ...)
TODO: check
CVE-2024-45592 (auditor-bundle, formerly known as DoctrineAuditBundle,
integrates audi ...)
@@ -238,23 +238,23 @@ CVE-2024-43455 (Windows Remote Desktop Licensing Service
Spoofing Vulnerability)
CVE-2024-43454 (Windows Remote Desktop Licensing Service Remote Code Execution
Vulnera ...)
NOT-FOR-US: Microsoft
CVE-2024-43393 (A low privileged remote attacker can perform configuration
changes of ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-43392 (A low privileged remote attacker can perform configuration
changes of ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-43391 (A low privileged remote attacker can perform configuration
changes of ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-43390 (A low privileged remote attacker can perform configuration
changes of ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-43389 (A low privileged remote attacker can perform configuration
changes of ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-43388 (A low privileged remote attacker with write permissions can
reconfigur ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-43387 (A low privileged remote attacker can read and write files as
root due ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-43386 (A low privileged remote attacker can trigger the execution of
arbitrar ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-43385 (A low privileged remote attacker can trigger theexecution of
arbitrary ...)
- TODO: check
+ NOT-FOR-US: Phoenix
CVE-2024-43040 (Renwoxing Enterprise Intelligent Management System before v3.0
was dis ...)
NOT-FOR-US: Renwoxing Enterprise Intelligent Management System
CVE-2024-42425 (Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2,
contains ...)
@@ -310,15 +310,15 @@ CVE-2024-38247 (Windows Graphics Component Elevation of
Privilege Vulnerability)
CVE-2024-38246 (Win32k Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-38245 (Kernel Streaming Service Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-38244 (Kernel Streaming Service Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-38243 (Kernel Streaming Service Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-38242 (Kernel Streaming Service Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-38241 (Kernel Streaming Service Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-38240 (Windows Remote Access Connection Manager Elevation of
Privilege Vulner ...)
NOT-FOR-US: Microsoft
CVE-2024-38239 (Windows Kerberos Elevation of Privilege Vulnerability)
@@ -356,7 +356,7 @@ CVE-2024-38217 (Windows Mark of the Web Security Feature
Bypass Vulnerability)
CVE-2024-38216 (Azure Stack Hub Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-38194 (An authenticated attacker can exploit an improper
authorization vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-38188 (Azure Network Watcher VM Agent Elevation of Privilege
Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-38119 (Windows Network Address Translation (NAT) Remote Code
Execution Vulner ...)
@@ -440,7 +440,7 @@ CVE-2024-21753 (A improper limitation of a pathname to a
restricted directory ('
CVE-2024-21416 (Windows TCP/IP Remote Code Execution Vulnerability)
TODO: check
CVE-2023-6841 (A denial of service vulnerability was found in keycloak where
the amou ...)
- TODO: check
+ NOT-FOR-US: Keycloak
CVE-2023-49069 (A vulnerability has been identified in Mendix Runtime V10 (All
version ...)
TODO: check
CVE-2023-44254 (An authorization bypass through user-controlled key[CWE-639]
vulnerabi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e04f00455188b1201aee58c7bba83c5759f764f4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e04f00455188b1201aee58c7bba83c5759f764f4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
