Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bda53c11 by Salvatore Bonaccorso at 2024-11-05T21:25:37+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,55 +1,55 @@
CVE-2024-9878 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9867 (The Element Pack Elementor Addons (Header Footer, Template
Library, Dy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9667 (The Seriously Simple Podcasting plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9657 (The Element Pack Elementor Addons (Header Footer, Template
Library, Dy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9579 (A potential vulnerability was discovered in certain Poly video
confere ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2024-9443 (The Basticom Framework plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9178 (The XT Floating Cart for WooCommerce plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-7429 (The Zotpress plugin for WordPress is vulnerable to unauthorized
modifi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-7059 (A high-severity vulnerability that can lead to arbitrary code
executio ...)
- TODO: check
+ NOT-FOR-US: Genetec
CVE-2024-52030 (Netgear R7000P v1.3.3.154 was discovered to contain a stack
overflow v ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52029 (Netgear R7000P v1.3.3.154 was discovered to contain a stack
overflow v ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52028 (Netgear R7000P v1.3.3.154 was discovered to contain a stack
overflow v ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52026 (Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2
1.0.4.128 was ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52025 (Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2
1.0.4.128 was ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52024 (Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2
1.0.4.128 was ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52023 (Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2
1.0.4.128 was ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52022 (Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154,
and R640 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52021 (Netgear R8500 v1.0.2.160 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52020 (Netgear R8500 v1.0.2.160 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52019 (Netgear R8500 v1.0.2.160 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52018 (Netgear XR300 v1.0.3.78 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52017 (Netgear XR300 v1.0.3.78 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52016 (Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154,
and R640 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52015 (Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154,
and R640 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52014 (Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154,
and R640 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-52013 (Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154,
and R640 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51753 (The AuthKit library for Remix provides convenient helpers for
authenti ...)
TODO: check
CVE-2024-51752 (The AuthKit library for Next.js provides convenient helpers
for authen ...)
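Review bot: The tag on CVE-2024-9579 reads "NOT-FOR-US: HP", while the description on that entry names only "Poly video confere ...", so the label does not match any name visible in the entry. Consider naming Poly alongside HP in the tag so that a search on the product name in data/CVE/list finds this entry. The other tags in this hunk (WordPress plugin, Genetec, Netgear) match their descriptions.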
@@ -57,179 +57,179 @@ CVE-2024-51752 (The AuthKit library for Next.js provides
convenient helpers for
CVE-2024-51746 (Gitsign is a keyless Sigstore to signing tool for Git commits
with you ...)
TODO: check
CVE-2024-51740 (Combodo iTop is a simple, web based IT Service Management
tool. This v ...)
- TODO: check
+ NOT-FOR-US: Combodo iTop
CVE-2024-51739 (Combodo iTop is a simple, web based IT Service Management
tool. Unauth ...)
- TODO: check
+ NOT-FOR-US: Combodo iTop
CVE-2024-51735 (Osmedeus is a Workflow Engine for Offensive Security.
Cross-site Scrip ...)
- TODO: check
+ NOT-FOR-US: Osmedeus
CVE-2024-51530 (LaunchAnywhere vulnerability in the account module Impact:
Successful ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51529 (Data verification vulnerability in the battery module Impact:
Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51528 (Vulnerability of improper log printing in the Super Home
Screen module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51527 (Permission control vulnerability in the Gallery app Impact:
Successful ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51526 (Permission control vulnerability in the hidebug module Impact:
Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51525 (Permission control vulnerability in the clipboard module
Impact: Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51524 (Permission control vulnerability in the Wi-Fi module Impact:
Successfu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51523 (Information management vulnerability in the Gallery module
Impact: Suc ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51522 (Vulnerability of improper device information processing in the
device ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51521 (Input parameter verification vulnerability in the background
service m ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51520 (Vulnerability of input parameters not being verified in the
HDC module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51519 (Vulnerability of input parameters not being verified in the
HDC module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51518 (Vulnerability of message types not being verified in the
advanced mess ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51517 (Vulnerability of improper memory access in the phone service
module Im ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51516 (Permission control vulnerability in the ability module Impact:
Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51515 (Race condition vulnerability in the kernel network module
Impact:Succe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51514 (Vulnerability of pop-up windows belonging to no app in the VPN
module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51513 (Vulnerability of processes not being fully terminated in the
VPN modul ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51512 (Vulnerability of parameter type not being verified in the
WantAgent mo ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51511 (Vulnerability of parameter type not being verified in the
WantAgent mo ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51510 (Out-of-bounds access vulnerability in the logo module Impact:
Successf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2024-51493 (OctoPrint provides a web interface for controlling consumer 3D
printer ...)
TODO: check
CVE-2024-51382 (Cross-Site Request Forgery (CSRF) vulnerability in JATOS
v3.9.3 allows ...)
- TODO: check
+ NOT-FOR-US: JATOS
CVE-2024-51381 (Cross-Site Request Forgery (CSRF) vulnerability in JATOS
v3.9.3 that a ...)
- TODO: check
+ NOT-FOR-US: JATOS
CVE-2024-51380 (Stored Cross-Site Scripting (XSS) vulnerability discovered in
the Prop ...)
- TODO: check
+ NOT-FOR-US: JATOS
CVE-2024-51379 (Stored Cross-Site Scripting (XSS) vulnerability discovered in
JATOS v3 ...)
- TODO: check
+ NOT-FOR-US: JATOS
CVE-2024-51362 (The LSC Smart Connect Indoor IP Camera V7.6.32 is vulnerable
to an inf ...)
- TODO: check
+ NOT-FOR-US: LSC Smart Connect Indoor IP Camera
CVE-2024-51240 (An issue in the luci-mod-rpc package in OpenWRT Luci LTS
allows for pr ...)
TODO: check
CVE-2024-51132 (An XML External Entity (XXE) vulnerability in HAPI FHIR before
v6.4.0 ...)
- TODO: check
+ NOT-FOR-US: HAPI FHIR
CVE-2024-51024 (D-Link DIR_823G 1.0.2B05 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-51023 (D-Link DIR_823G 1.0.2B05 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-51022 (Netgear XR300 v1.0.3.78 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51021 (Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2
1.0.4.128 was ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51020 (Netgear R7000P v1.3.3.154 was discovered to contain a stack
overflow v ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51019 (Netgear R7000P v1.3.3.154 was discovered to contain a stack
overflow v ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51018 (Netgear R7000P v1.3.3.154 was discovered to contain a stack
overflow v ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51017 (Netgear R7000P v1.3.3.154 was discovered to contain a stack
overflow v ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51016 (Netgear XR300 v1.0.3.78 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51015 (Netgear R7000P v1.3.3.154 was discovered to contain a command
injectio ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51014 (Netgear XR300 v1.0.3.78 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51013 (Netgear R7000P v1.3.3.154 was discovered to contain a stack
overflow v ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51012 (Netgear R8500 v1.0.2.160 was discovered to contain a stack
overflow vi ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51011 (Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2
1.0.4.128 was ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51010 (Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154,
and R640 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51009 (Netgear R8500 v1.0.2.160 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51008 (Netgear XR300 v1.0.3.78 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51007 (Netgear XR300 v1.0.3.78 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51006 (Netgear R8500 v1.0.2.160 was discovered to contain a stack
overflow vi ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51005 (Netgear R8500 v1.0.2.160 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51004 (Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered
to mult ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51003 (Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154,
and R640 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51002 (Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154,
and R640 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51001 (Netgear R8500 v1.0.2.160 was discovered to contain a stack
overflow vi ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-51000 (Netgear R8500 v1.0.2.160 was discovered to contain multiple
stack over ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-50999 (Netgear R8500 v1.0.2.160 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-50998 (Netgear R8500 v1.0.2.160 was discovered to contain multiple
stack over ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-50997 (Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154,
and R640 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-50996 (Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154,
and R640 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-50995 (Netgear R8500 v1.0.2.160 was discovered to contain a stack
overflow vi ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-50994 (Netgear R8500 v1.0.2.160 was discovered to contain multiple
stack over ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-50993 (Netgear R8500 v1.0.2.160 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2024-50335 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2024-50333 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2024-50332 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2024-49774 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2024-49773 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2024-49772 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2024-49522 (Substance3D - Painter versions 10.0.1 and earlier are affected
by an o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49377 (OctoPrint provides a web interface for controlling consumer 3D
printer ...)
TODO: check
CVE-2024-48312 (WebLaudos v20.8 (118) was discovered to contain a cross-site
scripting ...)
- TODO: check
+ NOT-FOR-US: WebLaudos
CVE-2024-47255 (In 2N Access Commander versions 3.1.1.2 and prior, a local
attacker ca ...)
- TODO: check
+ NOT-FOR-US: 2N Access Commander
CVE-2024-47254 (In 2N Access Commander versions 3.1.1.2 and prior, an
Insufficient Ve ...)
- TODO: check
+ NOT-FOR-US: 2N Access Commander
CVE-2024-47253 (In 2N Access Commander versions 3.1.1.2 and prior, a Path
Traversal vu ...)
- TODO: check
+ NOT-FOR-US: 2N Access Commander
CVE-2024-10845 (A vulnerability has been found in 1000 Projects Bookstore
Management S ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-10844 (A vulnerability, which was classified as critical, was found
in 1000 P ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-10842 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: romadebrian WEB-Sekolah
CVE-2024-10841 (A vulnerability classified as critical was found in
romadebrian WEB-Se ...)
- TODO: check
+ NOT-FOR-US: romadebrian WEB-Sekolah
CVE-2024-10840 (A vulnerability classified as problematic has been found in
romadebria ...)
- TODO: check
+ NOT-FOR-US: romadebrian WEB-Sekolah
CVE-2024-10711 (The WooCommerce Report plugin for WordPress is vulnerable to
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10687 (The Photos, Files, YouTube, Twitter, Instagram, TikTok,
Ecommerce Cont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10329 (The Ultimate Bootstrap Elements for Elementor plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10319 (The 140+ Widgets | Xpro Addons For Elementor \u2013 FREE
plugin for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10263 (The Tickera \u2013 WordPress Event Ticketing plugin for
WordPress is v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10114 (The WooCommerce - Social Login plugin for WordPress is
vulnerable to a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0134 (NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux
contain a U ...)
TODO: check
CVE-2024-50138 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
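Review bot: CVE-2024-51515 ("Race condition vulnerability in the kernel network module") is tagged "NOT-FOR-US: Huawei", but the truncated description names no vendor or product, and a kernel component is the one place in this block where the NOT-FOR-US call deserves a second look. The same applies in weaker form to the rest of the CVE-2024-51510 to CVE-2024-51530 run, none of which name a vendor in the visible text. A tag that names the affected product rather than only the vendor would make the reason for the classification visible in the list itself, as the "LSC Smart Connect Indoor IP Camera" and "2N Access Commander" tags in this hunk already do.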
@@ -125822,31 +125822,31 @@ CVE-2023-29128 (A vulnerability has been identified
in SIMATIC Cloud Connect 7 C
CVE-2023-29127
RESERVED
CVE-2023-29126 (The Waybox Enel X web management application contains a
PHP-type juggl ...)
- TODO: check
+ NOT-FOR-US: Waybox Enel X
CVE-2023-29125 (A heap buffer overflow could be triggered by sending a
specific packet ...)
- TODO: check
+ NOT-FOR-US: Enel X
CVE-2023-29124
RESERVED
CVE-2023-29123
RESERVED
CVE-2023-29122 (Under certain conditions, access to service libraries is
granted to ac ...)
- TODO: check
+ NOT-FOR-US: Enel X
CVE-2023-29121 (Waybox Enel TCF Agent service could be used to get
administrator\u2019 ...)
- TODO: check
+ NOT-FOR-US: Enel X
CVE-2023-29120 (Waybox Enel X web management application could be used to
execute arbi ...)
- TODO: check
+ NOT-FOR-US: Enel X
CVE-2023-29119 (Waybox Enel X web management application could execute
arbitrary reque ...)
- TODO: check
+ NOT-FOR-US: Enel X
CVE-2023-29118 (Waybox Enel X web management application could execute
arbitrary reque ...)
- TODO: check
+ NOT-FOR-US: Enel X
CVE-2023-29117 (Waybox Enel X web management API authentication could be
bypassed and ...)
- TODO: check
+ NOT-FOR-US: Enel X
CVE-2023-29116 (Under certain conditions, through a request directed to the
Waybox Ene ...)
- TODO: check
+ NOT-FOR-US: Enel X
CVE-2023-29115 (In certain conditions a request directed to the Waybox Enel X
Web mana ...)
- TODO: check
+ NOT-FOR-US: Enel X
CVE-2023-29114 (System logs could be accessed through web management
application due t ...)
- TODO: check
+ NOT-FOR-US: Enel X
CVE-2023-29113
RESERVED
CVE-2023-29112 (The SAP Application Interface (Message Monitoring) - versions
600, 700 ...)
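Review bot: The label is inconsistent within this hunk: CVE-2023-29126 gets "NOT-FOR-US: Waybox Enel X" while CVE-2023-29125 through CVE-2023-29114 get "NOT-FOR-US: Enel X", although most of those descriptions also refer to the Waybox Enel X web management application. Pick one spelling for all eleven entries so a single search on the label returns the whole set.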
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bda53c11b2c57473ab1c254c066f58aff18639af