Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4f7275f1 by Salvatore Bonaccorso at 2024-09-29T07:10:08+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,67 +1,67 @@
CVE-2024-9316 (A vulnerability classified as critical has been found in
code-projects ...)
- TODO: check
+ NOT-FOR-US: code-projects Blood Bank Management System
CVE-2024-9315 (A vulnerability was found in SourceCodester Employee and
Visitor Gate ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Employee and Visitor Gate Pass Logging System
CVE-2024-9300 (A vulnerability classified as problematic was found in
SourceCodester ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Railway Reservation System
CVE-2024-9299 (A vulnerability classified as problematic has been found in
SourceCode ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Railway Reservation System
CVE-2024-9298 (A vulnerability was found in SourceCodester Online Railway
Reservation ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Railway Reservation System
CVE-2024-9297 (A vulnerability was found in SourceCodester Online Railway
Reservation ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Railway Reservation System
CVE-2024-9296 (A vulnerability was found in SourceCodester Advocate Office
Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Advocate Office Management System
CVE-2024-9295 (A vulnerability was found in SourceCodester Advocate Office
Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Advocate Office Management System
CVE-2024-9294 (A vulnerability, which was classified as critical, has been
found in d ...)
- TODO: check
+ NOT-FOR-US: dingfanzu CMS
CVE-2024-9293 (A vulnerability classified as critical was found in skyselang
yylAdmin ...)
- TODO: check
+ NOT-FOR-US: skyselang yylAdmin
CVE-2024-9291 (A vulnerability classified as problematic has been found in
kalvinGit ...)
- TODO: check
+ NOT-FOR-US: kalvinGit kvf-admin
CVE-2024-9189 (The EU/UK VAT Manager for WooCommerce plugin for WordPress is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9023 (The WP-WebAuthn plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8788 (The EU/UK VAT Manager for WooCommerce plugin for WordPress is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8715 (The Simple LDAP Login plugin for WordPress is vulnerable to
Reflected ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8712 (The GTM Server Side plugin for WordPress is vulnerable to
Reflected Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8547 (The Simple Popup Plugin plugin for WordPress is vulnerable to
Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8353 (The GiveWP \u2013 Donation Plugin and Fundraising Platform
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8189 (The WP MultiTasking \u2013 WP Utilities plugin for WordPress is
vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47186 (Filament is a collection of full-stack components for Laravel
developm ...)
TODO: check
CVE-2024-46453 (A cross-site scripting (XSS) vulnerability in the component
/test/ of ...)
- TODO: check
+ NOT-FOR-US: iq3xcite
CVE-2024-38796 (EDK2 contains a vulnerability in the
PeCoffLoaderRelocateImage(). An A ...)
TODO: check
CVE-2024-23967 (Autel MaxiCharger AC Elite Business C50 WebSocket Base64
Decoding Stac ...)
- TODO: check
+ NOT-FOR-US: Autel
CVE-2024-23961 (Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote
Code Ex ...)
- TODO: check
+ NOT-FOR-US: Alpine Halo9
CVE-2024-23960 (Alpine Halo9 Improper Verification of Cryptographic Signature
Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Alpine Halo9
CVE-2024-23959 (Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl
Stack-b ...)
- TODO: check
+ NOT-FOR-US: Autel
CVE-2024-23958 (Autel MaxiCharger AC Elite Business C50 BLE Hardcoded
Credentials Auth ...)
- TODO: check
+ NOT-FOR-US: Autel
CVE-2024-23957 (Autel MaxiCharger AC Elite Business C50 DLB_HostHeartBeat
Stack-based ...)
- TODO: check
+ NOT-FOR-US: Autel
CVE-2024-23938 (Silicon Labs Gecko OS Debug Interface Stack-based Buffer
Overflow Remo ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2024-23935 (Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote
Code Execut ...)
- TODO: check
+ NOT-FOR-US: Alpine Halo9
CVE-2024-23924 (Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection
Remote Code ...)
- TODO: check
+ NOT-FOR-US: Alpine Halo9
CVE-2024-23923 (Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Alpine Halo9
CVE-2024-23586 (HCL Nomad is susceptible to an insufficient session expiration
vulnera ...)
TODO: check
CVE-2024-9301 (A path traversal issue in E2Nest prior to commit
8a41948e553c89c56b144 ...)
@@ -75,7 +75,7 @@ CVE-2024-9282 (A vulnerability was found in bg5sbk MiniCMS
1.11. It has been cla
CVE-2024-9281 (A vulnerability was found in bg5sbk MiniCMS up to 1.11 and
classified ...)
NOT-FOR-US: bg5sbk MiniCMS
CVE-2024-9280 (A vulnerability has been found in kalvinGit kvf-admin up to
f12a94dc1e ...)
- TODO: check
+ NOT-FOR-US: kalvinGit kvf-admin
CVE-2024-9279 (A vulnerability, which was classified as problematic, was found
in fun ...)
NOT-FOR-US: funnyzpc Mee-Admin
CVE-2024-9278 (A vulnerability, which was classified as critical, has been
found in H ...)
@@ -195,7 +195,7 @@ CVE-2024-39364 (Advantech ADAM-5630 has built-in commands
that can be executed
CVE-2024-39275 (Cookies of authenticated Advantech ADAM-5630 users remain as
active va ...)
NOT-FOR-US: Advantech
CVE-2024-38861 (Improper Certificate Validation in Checkmk Exchange plugin
MikroTik al ...)
- TODO: check
+ NOT-FOR-US: Checkmk Exchange plugin MikroTik
CVE-2024-38308 (Advantech ADAM 5550's web application includes a "logs" page
where all ...)
NOT-FOR-US: Advantech
CVE-2024-37187 (Advantech ADAM-5550 share user credentials with a low level of
encrypt ...)
@@ -209,11 +209,11 @@ CVE-2024-33368 (An issue in Plasmoapp RPShare Fabric mod
v.1.0.0 allows a remote
CVE-2024-28948 (Advantech ADAM-5630 contains a cross-site request forgery
(CSRF) vulne ...)
NOT-FOR-US: Advantech
CVE-2024-25412 (A cross-site scripting (XSS) vulnerability in Flatpress v1.3
allows at ...)
- TODO: check
+ NOT-FOR-US: Flatpress
CVE-2024-25411 (A cross-site scripting (XSS) vulnerability in Flatpress v1.3
allows at ...)
- TODO: check
+ NOT-FOR-US: Flatpress
CVE-2024-22170 (Improper Restriction of Operations within the Bounds of a
Memory Buffe ...)
- TODO: check
+ NOT-FOR-US: Western Digital My Cloud ddns-start on Linux
CVE-2024-46868 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux 6.10.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f7275f1176ecc43f0046d81c7e962143be1fb97
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f7275f1176ecc43f0046d81c7e962143be1fb97
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
