Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d39eb6a0 by Salvatore Bonaccorso at 2024-10-30T09:29:30+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,113 +1,113 @@
CVE-2024-9997 (A maliciously crafted DWG file when parsed in acdb25.dll
through Autod ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-9996 (A maliciously crafted DWG file when parsed in acdb25.dll
through Autod ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-9886 (The WP Baidu Map plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9885 (The Widget or Sidebar Shortcode plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9884 (The T(-) Countdown plugin for WordPress is vulnerable to Stored
Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9846 (The The Enable Shortcodes inside Widgets,Comments and Experts
plugin f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9827 (A maliciously crafted CATPART file when parsed in CC5Dll.dll
through A ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-9826 (A maliciously crafted 3DM file when parsed in atf_api.dll
through Auto ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-9489 (A maliciously crafted DWG file when parsed in ACAD.exe through
Autodes ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8896 (A maliciously crafted DXF file when parsed in acdb25.dllthrough
Autode ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8871 (The Pricing Tables WordPress Plugin \u2013 Easy Pricing Tables
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8792 (The Subscribe to Comments plugin for WordPress is vulnerable to
Reflec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8627 (The Ultimate TinyMCE plugin for WordPress is vulnerable to
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8600 (A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll
through ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8599 (A maliciously crafted STP file when parsed in ACTranslators.exe
throug ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8598 (A maliciously crafted STP file when parsed in ACTranslators.exe
throug ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8597 (A maliciously crafted STP file when parsed in ASMDATAX230A.dll
through ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8596 (A maliciously crafted MODEL file when parsed in libodxdll.dll
through ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8595 (A maliciously crafted MODEL file when parsed in libodxdll.dll
through ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8594 (A maliciously crafted MODEL file when parsed in libodxdll.dll
through ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8593 (A maliciously crafted CATPART file when parsed in
ASMKERN230A.dll thro ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8592 (A maliciously crafted CATPART file when parsed in
AcTranslators.exe th ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8591 (A maliciously crafted 3DM file when parsed in AcTranslators.exe
throug ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8590 (A maliciously crafted 3DM file when parsed in atf_api.dll
through Auto ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8589 (A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll
through ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8588 (A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll
through ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8587 (A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll
through ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-8444 (The Download Manager WordPress plugin before 3.3.00 doesn't
sanitize s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-7992 (A maliciously crafted DWG file, when parsed through Autodesk
AutoCAD a ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-7991 (A maliciously crafted DWG file, when parsed through Autodesk
AutoCAD a ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-51568 (CyberPanel (aka Cyber Panel) before 2.3.5 allows Command
Injection via ...)
- TODO: check
+ NOT-FOR-US: CyberPanel (aka Cyber Panel)
CVE-2024-51567 (upgrademysqlstatus in databases/views.py in CyberPanel (aka
Cyber Pane ...)
- TODO: check
+ NOT-FOR-US: CyberPanel (aka Cyber Panel)
CVE-2024-51378 (getresetstatus in dns/views.py and ftp/views.py in CyberPanel
(aka Cyb ...)
- TODO: check
+ NOT-FOR-US: CyberPanel (aka Cyber Panel)
CVE-2024-50512 (Generation of Error Message Containing Sensitive Information
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50511 (Unrestricted Upload of File with Dangerous Type vulnerability
in David ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50510 (Unrestricted Upload of File with Dangerous Type vulnerability
in Web a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50509 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50508 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50507 (Deserialization of Untrusted Data vulnerability in Daniel
Schmitzer DS ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50506 (Incorrect Privilege Assignment vulnerability in Azexo
Marketing Automa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50504 (Incorrect Privilege Assignment vulnerability in Matt Whiteman
Bulk Cha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50503 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50456 (Missing Authorization vulnerability in The SEO Guys at
SEOPress SEOPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50455 (Missing Authorization vulnerability in The SEO Guys at
SEOPress SEOPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50454 (Missing Authorization vulnerability in The SEO Guys at
SEOPress SEOPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50428 (Missing Authorization vulnerability in Mondula GmbH Multi Step
Form al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50425 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50424 (Missing Authorization vulnerability in Templately allows
Exploiting In ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50423 (Missing Authorization vulnerability in Templately allows
Exploiting In ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50422 (Missing Authorization vulnerability in Cloudways Breeze allows
Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50421 (Missing Authorization vulnerability in WP Overnight
WooCommerce PDF In ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-50348 (InstantCMS is a free and open source content management
system. In pho ...)
- TODO: check
+ NOT-FOR-US: InstantCMS
CVE-2024-48573 (A NoSQL injection vulnerability in AquilaCMS 1.409.20 and
prior allows ...)
- TODO: check
+ NOT-FOR-US: AquilaCMS
CVE-2024-48572 (A User enumeration vulnerability in AquilaCMS 1.409.20 and
prior allow ...)
- TODO: check
+ NOT-FOR-US: AquilaCMS
CVE-2024-48461 (Cross Site Scripting vulnerability in TeslaLogger Admin Panel
before v ...)
- TODO: check
+ NOT-FOR-US: TeslaLogger Admin Panel
CVE-2024-48206 (A Deserialization of Untrusted Data vulnerability in chainer
v7.8.1.po ...)
TODO: check
CVE-2024-48138 (A remote code execution (RCE) vulnerability in the component
/PluXml/c ...)
@@ -119,31 +119,31 @@ CVE-2024-44081 (In Jitsi Meet before 2.0.9779, the
functionality to share a vide
CVE-2024-44080 (In Jitsi Meet before 2.0.9779, the functionality to share an
image usi ...)
TODO: check
CVE-2024-10509 (A vulnerability, which was classified as critical, has been
found in C ...)
- TODO: check
+ NOT-FOR-US: Codezips Online Institute Management System
CVE-2024-10507 (A vulnerability classified as critical was found in Codezips
Free Exam ...)
- TODO: check
+ NOT-FOR-US: Codezips Free Exam Hall Seating Management System
CVE-2024-10506 (A vulnerability classified as critical has been found in
code-projects ...)
- TODO: check
+ NOT-FOR-US: code-projects Blood Bank System
CVE-2024-10505 (A vulnerability was found in wuzhicms 4.1.0. It has been
classified as ...)
- TODO: check
+ NOT-FOR-US: wuzhicms
CVE-2024-10503 (A vulnerability was found in Klokan MapTiler tileserver-gl
2.3.1 and c ...)
TODO: check
CVE-2024-10502 (A vulnerability has been found in ESAFENET CDG 5 and
classified as cri ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG 5
CVE-2024-10501 (A vulnerability, which was classified as critical, was found
in ESAFEN ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG 5
CVE-2024-10500 (A vulnerability, which was classified as critical, has been
found in E ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG 5
CVE-2024-10399 (The Download Monitor plugin for WordPress is vulnerable to
unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10228 (The Vagrant VMWare Utility Windows installer targeted a custom
locatio ...)
TODO: check
CVE-2024-10223 (The WP Team \u2013 WordPress Team Member Plugin plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10108 (The WPAdverts \u2013 Classifieds Plugin plugin for WordPress
is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5816 (The Code Explorer plugin for WordPress is vulnerable to
arbitrary exte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-46956 [PostScript interpreter - fix buffer length check]
- ghostscript 10.04.0~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=707895
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d39eb6a09f050904daeecfb5b6334a15db7019ee
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d39eb6a09f050904daeecfb5b6334a15db7019ee
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
