Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f16fba39 by Salvatore Bonaccorso at 2024-09-18T22:30:55+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,131 +1,131 @@
 CVE-2024-8969 (OMFLOW from The SYSCOM Group has a vulnerability involving the 
exposur ...)
-       TODO: check
+       NOT-FOR-US: OMFLOW
 CVE-2024-8957 (PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable 
to an  ...)
-       TODO: check
+       NOT-FOR-US: PTZOptics
 CVE-2024-8892 (Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which 
could a ...)
-       TODO: check
+       NOT-FOR-US: CIRCUTOR TCP2RS+ firmware
 CVE-2024-8891 (An attacker with no knowledge of the current users in the web 
applicat ...)
-       TODO: check
+       NOT-FOR-US: CIRCUTOR Q-SMT
 CVE-2024-8890 (An attacker with access to the network where the CIRCUTOR Q-SMT 
is loc ...)
-       TODO: check
+       NOT-FOR-US: CIRCUTOR Q-SMT
 CVE-2024-8889 (Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which 
could a ...)
-       TODO: check
+       NOT-FOR-US: CIRCUTOR TCP2RS+ firmware
 CVE-2024-8888 (An attacker with access to the network where CIRCUTOR Q-SMT is 
located ...)
-       TODO: check
+       NOT-FOR-US: CIRCUTOR Q-SMT
 CVE-2024-8887 (CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected 
by a d ...)
-       TODO: check
+       NOT-FOR-US: CIRCUTOR Q-SMT
 CVE-2024-8287 (Anbox Management Service, in versions 1.17.0 through 1.23.0, 
does not  ...)
        TODO: check
 CVE-2024-6878 (Files or Directories Accessible to External Parties 
vulnerability in E ...)
-       TODO: check
+       NOT-FOR-US: Eliz Software Panel
 CVE-2024-6877 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Eliz Software Panel
 CVE-2024-6641 (The WP Hardening \u2013 Fix Your WordPress Security plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6406 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Yordam Information Technology Mobile Library Application
 CVE-2024-5960 (Plaintext Storage of a Password vulnerability in Eliz Software 
Panel a ...)
-       TODO: check
+       NOT-FOR-US: Eliz Software Panel
 CVE-2024-5959 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Eliz Software Panel
 CVE-2024-5958 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Eliz Software Panel
 CVE-2024-5682 (Improper Restriction of Excessive Authentication Attempts 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Yordam Library Automation System
 CVE-2024-47001 (Hidden functionality issue in multiple digital video recorders 
provide ...)
        TODO: check
 CVE-2024-46990 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
-       TODO: check
+       NOT-FOR-US: Directus
 CVE-2024-46989 (spicedb is an Open Source, Google Zanzibar-inspired 
permissions databa ...)
-       TODO: check
+       NOT-FOR-US: SpiceDB
 CVE-2024-46987 (Camaleon CMS is a dynamic and advanced content management 
system based ...)
-       TODO: check
+       NOT-FOR-US: Camaleon CMS
 CVE-2024-46986 (Camaleon CMS is a dynamic and advanced content management 
system based ...)
-       TODO: check
+       NOT-FOR-US: Camaleon CMS
 CVE-2024-46982 (Next.js is a React framework for building full-stack web 
applications. ...)
        TODO: check
 CVE-2024-46979 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2024-46978 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2024-46959 (runofast Indoor Security Camera for Baby Monitor has a default 
passwor ...)
-       TODO: check
+       NOT-FOR-US: runofast Indoor Security Camera for Baby Monitor
 CVE-2024-46598 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46597 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46596 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46595 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46594 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46593 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46592 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46591 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46590 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46589 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46588 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46586 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46585 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46584 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46583 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46582 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46581 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46580 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46571 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46568 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46567 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46566 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46565 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46564 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46561 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46560 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46559 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46558 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46557 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46556 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46555 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46554 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46553 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46552 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46551 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46550 (Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer 
overflo ...)
-       TODO: check
+       NOT-FOR-US: Draytek
 CVE-2024-46086 (FrogCMS V0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-45858 (An arbitrary code execution vulnerability exists in versions 
0.2.9 up  ...)
-       TODO: check
+       NOT-FOR-US: Guardrails AI Guardrails framework
 CVE-2024-45813 (find-my-way is a fast, open source HTTP router, internally 
using a Rad ...)
        TODO: check
 CVE-2024-45679 (Heap-based buffer overflow vulnerability in Assimp versions 
prior to 5 ...)
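
Review bot: Several entries closed as NOT-FOR-US in this hunk are upstream software projects rather than vendor appliances. SpiceDB (CVE-2024-46989) is described in the entry itself as Open Source, and Directus (CVE-2024-46990), Camaleon CMS (CVE-2024-46986, CVE-2024-46987) and XWiki (CVE-2024-46978, CVE-2024-46979) are likewise freely available projects. Before closing them, confirm that none has an open ITP or RFP bug and that no packaged software bundles a copy; where an ITP exists, an <itp> entry with the bug number keeps the CVE attached to the future package. As a style point, the Draytek entries carry only the vendor name although every description says "Draytek Vigor 3910", while the CIRCUTOR entries name the product (Q-SMT, TCP2RS+ firmware); one level of detail throughout would make the list easier to grep.
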
@@ -133,83 +133,83 @@ CVE-2024-45679 (Heap-based buffer overflow vulnerability 
in Assimp versions prio
 CVE-2024-45601 (Mesop is a Python-based UI framework designed for rapid web 
apps devel ...)
        TODO: check
 CVE-2024-45523 (An issue was discovered in Bravura Security Fabric versions 
12.3.x bef ...)
-       TODO: check
+       NOT-FOR-US: Bravura Security Fabric
 CVE-2024-45452 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-45451 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-45366 (Welcart e-Commerce prior to 2.11.2 contains a cross-site 
scripting vul ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2024-45298 (Wiki.js is an open source wiki app built on Node.js. A 
disabled user c ...)
        TODO: check
 CVE-2024-44589 (Stack overflow vulnerability in the Login function in the HNAP 
service ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-44542 (SQL Injection vulnerability in todesk v.1.1 allows a remote 
attacker t ...)
        TODO: check
 CVE-2024-44064 (Cross-Site Request Forgery (CSRF) vulnerability in LikeBtn 
Like Button ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44051 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44050 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44049 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44047 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44009 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44008 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44007 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44005 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44004 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44003 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44002 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-44001 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43999 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43995 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43994 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43993 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43992 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43991 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43988 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43987 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43985 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43983 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43978 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43977 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43976 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43975 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43972 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43971 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43970 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43969 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43938 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-43778 (OS command injection vulnerability in multiple digital video 
recorders ...)
        TODO: check
 CVE-2024-43188 (IBM Business Automation Workflow   22.0.2, 23.0.1, 23.0.2, and 
24.0.0  ...)
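
Review bot: In the run from CVE-2024-43938 to CVE-2024-44064 the truncated descriptions show only the CWE title ("Improper Neutralization of Input During Web Page Generation ...", "Improper Neutralization of Special Elements used in an SQL Command ..."), so the "WordPress plugin" label cannot be confirmed from the hunk. The same CWE text is tagged "WordPress theme" for CVE-2024-45451 and CVE-2024-45452, and "Eliz Software Panel" in the first hunk. Since this is a bulk change, spot-check the full descriptions for the block so that a non-WordPress product sharing the generic title is not swept in with it.
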
@@ -219,7 +219,7 @@ CVE-2024-43025 (An HTML injection vulnerability in RWS 
MultiTrans v7.0.23324.2 a
 CVE-2024-43024 (Multiple stored cross-site scripting (XSS) vulnerabilities in 
RWS Mult ...)
        TODO: check
 CVE-2024-42404 (SQL injection vulnerability in Welcart e-Commerce prior to 
2.11.2 allo ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2024-41929 (Improper authentication vulnerability in multiple digital 
video record ...)
        TODO: check
 CVE-2024-39590 (Multiple invalid pointer dereference vulnerabilities exist in 
the Open ...)
@@ -229,9 +229,9 @@ CVE-2024-39589 (Multiple invalid pointer dereference 
vulnerabilities exist in th
 CVE-2024-39339 (A vulnerability has been discovered in all versions of 
Smartplay headu ...)
        TODO: check
 CVE-2024-39081 (An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to 
perform a ...)
-       TODO: check
+       NOT-FOR-US: SMART TYRE CAR & BIKE
 CVE-2024-37985 (Windows Kernel Information Disclosure Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-36981 (An out-of-bounds read vulnerability exists in the OpenPLC 
Runtime Ethe ...)
        TODO: check
 CVE-2024-36980 (An out-of-bounds read vulnerability exists in the OpenPLC 
Runtime Ethe ...)
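
Review bot: The label on CVE-2024-37985 is the bare vendor name "Microsoft" although the description reads "Windows Kernel Information Disclosure Vulnerability". Naming the product, for example "Microsoft Windows", would match the product-level label given to the neighbouring CVE-2024-39081 ("SMART TYRE CAR & BIKE") and keep the entry findable by product.
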
@@ -239,9 +239,9 @@ CVE-2024-36980 (An out-of-bounds read vulnerability exists 
in the OpenPLC Runtim
 CVE-2024-35515 (Insecure deserialization in sqlitedict up to v2.1.0 allows 
attackers t ...)
        TODO: check
 CVE-2024-34399 (**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC 
Remedy Mi ...)
-       TODO: check
+       NOT-FOR-US: BMC Remedy Mid Tier
 CVE-2024-34057 (Triangle Microworks TMW IEC 61850 Client source code libraries 
before  ...)
-       TODO: check
+       NOT-FOR-US: Triangle Microworks
 CVE-2024-34026 (A stack-based buffer overflow vulnerability exists in the 
OpenPLC Runt ...)
        TODO: check
 CVE-2024-31198 (Out-of-bounds Read vulnerability in Open Networking Foundation 
(ONF) l ...)
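
Review bot: CVE-2024-34057 is described as affecting "Triangle Microworks TMW IEC 61850 Client source code libraries", so the NOT-FOR-US decision depends on the library not being embedded in any packaged software, not only on it not being packaged itself. A short NOTE line recording that embedded copies were checked, or the check itself if it has not been done, would make the entry self-explanatory. The "**UNSUPPORTED WHEN ASSIGNED**" prefix on CVE-2024-34399 needs no special handling for a NOT-FOR-US entry.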



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f16fba398bb743981022c1fd7b49f0a32b268795
