Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a344f8bb by Salvatore Bonaccorso at 2024-10-23T22:27:41+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,187 +1,187 @@
CVE-2024-9949 (Denial of Service in Forescout SecureConnector11.1.02.1019 on
Windows ...)
- TODO: check
+ NOT-FOR-US: Forescout SecureConnector
CVE-2024-8500 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5764 (Use of Hard-coded Credentials vulnerability in Sonatype Nexus
Reposito ...)
- TODO: check
+ NOT-FOR-US: Sonatype
CVE-2024-50383 (Botan before 3.6.0, when certain GCC versions are used, has a
compiler ...)
TODO: check
CVE-2024-50382 (Botan before 3.6.0, when certain LLVM versions are used, has
compiler- ...)
TODO: check
CVE-2024-50050 (Llama Stack prior to revision
7a8aa775e5a267cf8660d83140011a0b7f91e005 ...)
- TODO: check
+ NOT-FOR-US: Llama Stack
CVE-2024-49756 (AshPostgres is the PostgreSQL data layer for Ash Framework.
Starting i ...)
TODO: check
CVE-2024-49751 (Press, a Frappe custom app that runs Frappe Cloud, manages
infrastruct ...)
TODO: check
CVE-2024-49701 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-49690 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49684 (Deserialization of Untrusted Data vulnerability in Revmakx
Backup and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49676 (Unrestricted Upload of File with Dangerous Type vulnerability
in Micha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49675 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49671 (Unrestricted Upload of File with Dangerous Type vulnerability
in Dogu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49669 (Unrestricted Upload of File with Dangerous Type vulnerability
in Alexa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49668 (Unrestricted Upload of File with Dangerous Type vulnerability
in Admin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49658 (Unrestricted Upload of File with Dangerous Type vulnerability
in Ecome ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49657 (Missing Authorization vulnerability in ReneeCussack 3D Work In
Progres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49653 (Unrestricted Upload of File with Dangerous Type vulnerability
in James ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49652 (Unrestricted Upload of File with Dangerous Type vulnerability
in Renee ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49370 (Pimcore is an open source data and experience management
platform. Whe ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2024-48964 (The package Snyk CLI before 1.1294.0 is vulnerable to Code
Injection w ...)
TODO: check
CVE-2024-48963 (The package Snyk CLI before 1.1294.0 is vulnerable to Code
Injection w ...)
TODO: check
CVE-2024-47904 (A vulnerability has been identified in InterMesh 7177 Hybrid
2.0 Subsc ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-47903 (A vulnerability has been identified in InterMesh 7177 Hybrid
2.0 Subsc ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-47902 (A vulnerability has been identified in InterMesh 7177 Hybrid
2.0 Subsc ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-47901 (A vulnerability has been identified in InterMesh 7177 Hybrid
2.0 Subsc ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-47575 (A missing authentication for critical function in FortiManager
7.6.0, ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-30124 (HCL Sametime is impacted by insecure services in-use on the
UIM client ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-30122 (HCL Sametime is impacted by misconfigured security related
HTTP header ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-20526 (A vulnerability in the SSH server of Cisco Adaptive Security
Appliance ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20495 (A vulnerability in the Remote Access VPN feature of Cisco
Adaptive Sec ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20494 (A vulnerability in the TLS cryptography functionality of Cisco
Adaptiv ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20493 (A vulnerability in the login authentication functionality of
the Remot ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20485 (A vulnerability in the VPN web server of Cisco Adaptive
Security Appli ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20482 (A vulnerability in the web-based management interface of Cisco
Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20481 (A vulnerability in the Remote Access VPN (RAVPN) service of
Cisco Adap ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20474 (A vulnerability in Internet Key Exchange version 2 (IKEv2)
processing ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20473 (A vulnerability in the web-based management interface of Cisco
Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20472 (A vulnerability in the web-based management interface of Cisco
Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20471 (A vulnerability in the web-based management interface of Cisco
Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20431 (A vulnerability in the geolocation access control feature of
Cisco Fir ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20426 (A vulnerability in the Internet Key Exchange version 2 (IKEv2)
protoco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20424 (A vulnerability in the web-based management interface of Cisco
Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20415 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20412 (A vulnerability in Cisco Firepower Threat Defense (FTD)
Software for C ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20410 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20409 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20408 (A vulnerability in the Dynamic Access Policies (DAP) feature
of Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20407 (A vulnerability in the interaction between the TCP Intercept
feature a ...)
TODO: check
CVE-2024-20403 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20402 (A vulnerability in the SSL VPN feature for Cisco Adaptive
Security App ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20388 (A vulnerability in the password change feature of Cisco
Firepower Mana ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20387 (A vulnerability in the web-based management interface of Cisco
FMC Sof ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20386 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20384 (A vulnerability in the Network Service Group (NSG) feature of
Cisco Ad ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20382 (A vulnerability in the VPN web client services feature of
Cisco Adapti ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20379 (A vulnerability in the web-based management interface of Cisco
Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20377 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20374 (A vulnerability in the web-based management interface of Cisco
Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20372 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20370 (A vulnerability in the Cisco FXOS CLI feature on specific
hardware pla ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20364 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20351 (A vulnerability in the TCP/IP traffic handling function of the
Snort D ...)
TODO: check
CVE-2024-20342 (Multiple Cisco products are affected by a vulnerability in the
rate fi ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20341 (A vulnerability in the VPN web client services feature of
Cisco Adapti ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20340 (A vulnerability in the web-based management interface of Cisco
Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20339 (A vulnerability in the TLS processing feature of Cisco
Firepower Threa ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20331 (A vulnerability in the session authentication functionality of
the Rem ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20330 (A vulnerability in the Snort 2 and Snort 3 TCP and UDP
detection engin ...)
TODO: check
CVE-2024-20329 (A vulnerability in the SSH subsystem of Cisco Adaptive
Security Applia ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20300 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20299 (A vulnerability in the AnyConnect firewall for Cisco Adaptive
Security ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20298 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20297 (A vulnerability in the AnyConnect firewall for Cisco Adaptive
Security ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20275 (A vulnerability in the cluster backup feature of Cisco Secure
Firewall ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20274 (A vulnerability in the web-based management interface of Cisco
Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20273 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20269 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20268 (A vulnerability in the Simple Network Management Protocol
(SNMP) featu ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20264 (A vulnerability in the web-based management interface of Cisco
Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20260 (A vulnerability in the VPN and management web servers of the
Cisco Ada ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-10301 (A vulnerability, which was classified as critical, was found
in PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10300 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10299 (A vulnerability classified as critical was found in PHPGurukul
Medical ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10298 (A vulnerability classified as critical has been found in
PHPGurukul Me ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10297 (A vulnerability was found in PHPGurukul Medical Card
Generation System ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10296 (A vulnerability was found in PHPGurukul Medical Card
Generation System ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10293 (A vulnerability was found in ZZCMS 2023. It has been
classified as cri ...)
- TODO: check
+ NOT-FOR-US: ZZCMS
CVE-2024-10292 (A vulnerability was found in ZZCMS 2023 and classified as
critical. Th ...)
- TODO: check
+ NOT-FOR-US: ZZCMS
CVE-2024-10291 (A vulnerability has been found in ZZCMS 2023 and classified as
critica ...)
- TODO: check
+ NOT-FOR-US: ZZCMS
CVE-2024-10290 (A vulnerability, which was classified as problematic, was
found in ZZC ...)
- TODO: check
+ NOT-FOR-US: ZZCMS
CVE-2024-10289 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer
1.0.9 t ...)
TODO: check
CVE-2024-10288 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer
1.0.9 t ...)
@@ -191,27 +191,27 @@ CVE-2024-10287 (Cross-Site Scripting (XSS) vulnerability
affecting LocalServer 1
CVE-2024-10286 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer
1.0.9 t ...)
TODO: check
CVE-2024-10283 (A vulnerability, which was classified as critical, has been
found in T ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-10282 (A vulnerability classified as critical was found in Tenda RX9
and RX9 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-10281 (A vulnerability classified as critical has been found in Tenda
RX9 and ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-10280 (A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10,
AC10U, AC ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-10279 (A vulnerability was found in ESAFENET CDG 5. It has been
declared as c ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG
CVE-2024-10278 (A vulnerability was found in ESAFENET CDG 5. It has been
classified as ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG
CVE-2024-10277 (A vulnerability was found in ESAFENET CDG 5 and classified as
critical ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG
CVE-2024-10276 (A vulnerability has been found in Tektronix Sentry 6.0.9 and
classifie ...)
TODO: check
CVE-2024-10250 (The Nioland theme for WordPress is vulnerable to Reflected
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-10041 (A vulnerability was found in PAM. The secret information is
stored in ...)
TODO: check
CVE-2023-50310 (IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3
transmits ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-9947 (The ProfilePress Pro plugin for WordPress is vulnerable to
authenticat ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9927 (The WooCommerce Order Proposal plugin for WordPress is
vulnerable to p ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a344f8bb4a823bd026e7ab7f61a59551de4a54a8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a344f8bb4a823bd026e7ab7f61a59551de4a54a8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
