Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c6a7feea by Moritz Mühlenhoff at 2024-10-18T16:32:22+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,7 +21,7 @@ CVE-2024-9361 (The Bulk images optimizer: Resize, optimize, 
convert to webp, ren
 CVE-2024-9350 (The DPD Baltic Shipping plugin for WordPress is vulnerable to 
Reflecte ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-9264 (The SQL Expressions experimental feature of Grafana allows for 
the eva ...)
-       TODO: check
+       - grafana <removed>
 CVE-2024-9206 (The MAS Companies For WP Job Manager plugin for WordPress is 
vulnerabl ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-8916 (The Suki Sites Import plugin for WordPress is vulnerable to 
Stored Cro ...)
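Review bot: the `- grafana <removed>` line for CVE-2024-9264 is a package assignment, not an NFU, so it does not match the commit message "NFUs". Mention it in the message or split it into its own commit. Because the description ties the issue to the experimental SQL Expressions feature, a NOTE line recording the affected Grafana versions would help anyone checking whether the removed package was ever affected.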
@@ -31,13 +31,13 @@ CVE-2024-8790 (The Social Share With Floating Bar plugin 
for WordPress is vulner
 CVE-2024-8740 (The GetResponse Forms by Optin Cat plugin for WordPress is 
vulnerable  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-7316 (Improper Validation of Specified Quantity in Input 
vulnerability in Mi ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2024-49023 (Microsoft Edge (Chromium-based) Remote Code Execution 
Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2024-48924 (### Impact  When this library is used to deserialize 
messagepack data  ...)
-       TODO: check
+       NOT-FOR-US: MessagePack-CSharp
 CVE-2024-47793 (Stored cross-site scripting vulnerability exists in Exment 
v6.1.4 and  ...)
-       TODO: check
+       NOT-FOR-US: Exment
 CVE-2024-46897 (Incorrect permission assignment for critical resource issue 
exists in  ...)
        NOT-FOR-US: Microsoft
 CVE-2024-43596 (Microsoft Edge (Chromium-based) Remote Code Execution 
Vulnerability)
@@ -57,17 +57,17 @@ CVE-2024-43566 (Microsoft Edge (Chromium-based) Remote Code 
Execution Vulnerabil
 CVE-2024-38820 (The fix for CVE-2022-22968 made disallowedFieldspatterns in 
DataBinder ...)
        TODO: check
 CVE-2024-33453 (Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote 
attacke ...)
-       TODO: check
+       NOT-FOR-US: esp-idf
 CVE-2024-30875 (Cross Site Scripting vulnerability in JavaScript Library 
jquery-ui v.1 ...)
        TODO: check
 CVE-2024-27766 (An issue in MYSQL MariaDB v.11.1 allows a remote attacker to 
execute a ...)
        TODO: check
 CVE-2024-10119 (The wireless router WRTM326 from SECOM does not properly 
validate a sp ...)
-       TODO: check
+       NOT-FOR-US: SECOM
 CVE-2024-10118 (SECOM WRTR-304GN-304TW-UPSC does not properly filter user 
input in the ...)
-       TODO: check
+       NOT-FOR-US: SECOM
 CVE-2024-10093 (A vulnerability, which was classified as critical, was found 
in VSO Co ...)
-       TODO: check
+       NOT-FOR-US: VSO
 CVE-2024-10080 (The WP Easy Post Types plugin for WordPress is vulnerable to 
Stored Cr ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-10079 (The WP Easy Post Types plugin for WordPress is vulnerable to 
PHP Objec ...)
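Review bot: `NOT-FOR-US: VSO` for CVE-2024-10093 is an abbreviation, and the visible description is cut at "VSO Co ...", so the tag alone does not identify what was triaged. Write the vendor or product name out in full, as the `esp-idf` and `SECOM` tags in this hunk do.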
@@ -311,19 +311,19 @@ CVE-2024-10100 (A path traversal vulnerability exists in 
binary-husky/gpt_academ
 CVE-2024-10099 (A stored cross-site scripting (XSS) vulnerability exists in 
comfyanony ...)
        NOT-FOR-US: comfyanonymous/comfyui
 CVE-2024-10073 (A vulnerability, which was classified as critical, was found 
in flairN ...)
-       TODO: check
+       NOT-FOR-US: FlairNLP
 CVE-2024-10072 (A vulnerability, which was classified as critical, has been 
found in E ...)
-       TODO: check
+       NOT-FOR-US: ESAFENET
 CVE-2024-10071 (A vulnerability classified as critical was found in ESAFENET 
CDG 5. Th ...)
-       TODO: check
+       NOT-FOR-US: ESAFENET
 CVE-2024-10070 (A vulnerability classified as critical has been found in 
ESAFENET CDG  ...)
-       TODO: check
+       NOT-FOR-US: ESAFENET
 CVE-2024-10069 (A vulnerability was found in ESAFENET CDG 5. It has been rated 
as crit ...)
-       TODO: check
+       NOT-FOR-US: ESAFENET
 CVE-2024-10068 (A vulnerability was found in OpenSight Software FlashFXP 
5.4.0.3970. I ...)
-       TODO: check
+       NOT-FOR-US: OpenSight
 CVE-2024-10025 (A vulnerability in the .sdd file allows an attacker to read 
default pa ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-6729 (Nokia SR OS routers allow read-write access to the entire file 
system  ...)
        NOT-FOR-US: Nokia
 CVE-2023-6728 (Nokia SR OS bof.cfg file encryption is vulnerable to a brute 
force att ...)
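Review bot: for CVE-2024-10068 the tag `NOT-FOR-US: OpenSight` names only the vendor, while the description identifies the product as FlashFXP, which is the name someone would search the list for. Suggest `NOT-FOR-US: FlashFXP` or the full "OpenSight Software FlashFXP". Likewise the context entry above uses the upstream path `comfyanonymous/comfyui`, whereas the new `FlairNLP` tag differs in form from the "flairN ..." spelling in the description; pick one convention for upstream project names.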
@@ -331,7 +331,7 @@ CVE-2023-6728 (Nokia SR OS bof.cfg file encryption is 
vulnerable to a brute forc
 CVE-2018-25104 (A vulnerability was found in CoinGate Plugin up to 1.2.7 on 
PrestaShop ...)
        NOT-FOR-US: PrestaShop plugin
 CVE-2005-10003 (A vulnerability classified as critical has been found in 
mikexstudios  ...)
-       TODO: check
+       NOT-FOR-US: xcomic
 CVE-2024-9951 (The WP Photo Album Plus plugin for WordPress is vulnerable to 
Reflecte ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-9940 (The Calculated Fields Form plugin for WordPress is vulnerable 
to HTML  ...)
@@ -395,11 +395,11 @@ CVE-2024-45766 (Dell OpenManage Enterprise, version(s) 
OME 4.1 and prior, contai
 CVE-2024-44762 (A discrepancy in error messages for invalid login attempts in 
Webmin U ...)
        - webmin <removed>
 CVE-2024-3187 (This issue tracks two CWE-416 Use After Free (UAF) and one 
CWE-415 Dou ...)
-       TODO: check
+       NOT-FOR-US: Goahead
 CVE-2024-3186 (CWE-476 NULL Pointer Dereference vulnerability in the 
evalExpr() funct ...)
-       TODO: check
+       NOT-FOR-US: Goahead
 CVE-2024-3184 (Multiple CWE-476 NULL Pointer Dereference vulnerabilities were 
found i ...)
-       TODO: check
+       NOT-FOR-US: Goahead
 CVE-2024-9893 (The Nextend Social Login Pro plugin for WordPress is vulnerable 
to aut ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-9858 (There exists an insecure default user permission in Google 
Cloud Migra ...)
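Review bot: the three new tags for CVE-2024-3187, CVE-2024-3186 and CVE-2024-3184 read `Goahead`, but upstream spells the web server GoAhead; use that casing so a case-sensitive search of the list finds every entry. The truncated descriptions in this hunk do not name the product, so confirm all three against the full CVE text before dropping the TODO.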
@@ -524,7 +524,7 @@ CVE-2024-29155 (On Microchip RN4870 devices, when more than 
one consecutive Pair
 CVE-2024-22033 (The OBS service obs-service-download_url was vulnerable to a 
command i ...)
        TODO: check
 CVE-2024-22032 (A vulnerability has been identified in which an RKE1 cluster 
keeps  co ...)
-       TODO: check
+       NOT-FOR-US: Rancher
 CVE-2024-22030 (A vulnerability has been identified within Rancher that can be 
exploit ...)
        NOT-FOR-US: Rancher
 CVE-2024-20512 (A vulnerability in the web-based management interface of Cisco 
Unified ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6a7feea655504a281c523c3f3d3fdb73df7304b



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
