Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0be368fb by Salvatore Bonaccorso at 2024-11-06T22:27:56+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30,85 +30,85 @@ CVE-2024-51754 (Twig is a template language for PHP. In a
sandbox, an attacker c
NOTE:
https://github.com/twigphp/Twig/security/advisories/GHSA-6377-hfv9-hqf6
NOTE: Fixed by:
https://github.com/twigphp/Twig/commit/2bb8c2460a2c519c498df9b643d5277117155a73
(v3.14.1)
CVE-2024-51751 (Gradio is an open-source Python package designed to enable
quick build ...)
- TODO: check
+ NOT-FOR-US: Gradio
CVE-2024-50637 (UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting
(XSS) in ...)
- TODO: check
+ NOT-FOR-US: UnoPim
CVE-2024-50315
REJECTED
CVE-2024-35146 (IBM Maximo Application Suite - Monitor Component 8.10.11,
8.11.8, and ...)
NOT-FOR-US: IBM
CVE-2024-20540 (A vulnerability in the web-based management interface of Cisco
Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20539 (A vulnerability in the web-based management interface of Cisco
ISE cou ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20538 (A vulnerability in the web-based management interface of Cisco
ISE cou ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20537 (A vulnerability in the web-based management interface of Cisco
ISE cou ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20536 (A vulnerability in a REST API endpoint and web-based
management interf ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20534 (A vulnerability in the web UI of Cisco Desk Phone 9800 Series,
Cisco I ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20533 (A vulnerability in the web UI of Cisco Desk Phone 9800 Series,
Cisco I ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20532 (A vulnerability in the API of Cisco ISE could allow an
authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20531 (A vulnerability in the API of Cisco ISE could allow an
authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20530 (A vulnerability in the web-based management interface of Cisco
ISE cou ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20529 (A vulnerability in the API of Cisco ISE could allow an
authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20528 (A vulnerability in the API of Cisco ISE could allow an
authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20527 (A vulnerability in the API of Cisco ISE could allow an
authenticated, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20525 (A vulnerability in the web-based management interface of Cisco
ISE cou ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20514 (A vulnerability in the web-based management interface of Cisco
Evolved ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20511 (A vulnerability in the web-based management interface of Cisco
Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20507 (A vulnerability in the logging subsystem of Cisco Meeting
Management c ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20504 (A vulnerability in the web-based management interface of Cisco
AsyncOS ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20487 (A vulnerability in the web-based management interface of Cisco
ISE cou ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20484 (A vulnerability in the External Agent Assignment Service
(EAAS) featur ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20476 (A vulnerability in the web-based management interface of Cisco
ISE cou ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20457 (A vulnerability in the logging component of Cisco Unified
Communicatio ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20445 (A vulnerability in the web UI of Cisco Desk Phone 9800 Series,
Cisco I ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20418 (A vulnerability in the web-based management interface of Cisco
Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20371 (A vulnerability in the access control list (ACL) programming
of Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-10920 (A vulnerability was found in mariazevedo88 travels-java-api up
to 5.0. ...)
- TODO: check
+ NOT-FOR-US: mariazevedo88 travels-java-api
CVE-2024-10919 (A vulnerability has been found in didi Super-Jacoco 1.0 and
classified ...)
- TODO: check
+ NOT-FOR-US: didi Super-Jacoco
CVE-2024-10916 (A vulnerability classified as problematic has been found in
D-Link DNS ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-10915 (A vulnerability was found in D-Link DNS-320, DNS-320LW,
DNS-325 and DN ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-10914 (A vulnerability was found in D-Link DNS-320, DNS-320LW,
DNS-325 and DN ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-10715 (The MapPress Maps for WordPress plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10318 (A session fixation issue was discovered in the NGINX OpenID
Connect re ...)
TODO: check
CVE-2024-10186 (The Event post plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10168 (The Active Products Tables for WooCommerce. Use constructor to
create ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10082 (CodeChecker is an analyzer tooling, defect database and viewer
extensi ...)
- TODO: check
+ NOT-FOR-US: CodeChecker
CVE-2024-10081 (CodeChecker is an analyzer tooling, defect database and viewer
extensi ...)
- TODO: check
+ NOT-FOR-US: CodeChecker
CVE-2024-9946 (The Social Share, Social Login and Social Comments Plugin
\u2013 Super ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9934 (The Wp-ImageZoom WordPress plugin through 1.1.0 does not
sanitise and ...)
@@ -133,9 +133,9 @@ CVE-2024-52043 (Generation of Error Message Containing
Sensitive Informationin H
CVE-2024-51756 (The cap-std project is organized around the eponymous
`cap-std` crate, ...)
TODO: check
CVE-2024-51745 (Wasmtime is a fast and secure runtime for WebAssembly.
Wasmtime's file ...)
- TODO: check
+ NOT-FOR-US: wasmtime
CVE-2024-51358 (An issue in Linux Server Heimdall v.2.6.1 allows a remote
attacker to ...)
- TODO: check
+ NOT-FOR-US: Linux Server Heimdall
CVE-2024-51116 (Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer
overflo ...)
NOT-FOR-US: Tenda
CVE-2024-51115 (DCME-320 v7.4.12.90 was discovered to contain a command
injection vuln ...)
@@ -352176,7 +352176,7 @@ CVE-2020-11861 (Unauthorized escalation of local
privileges vulnerability on Mic
CVE-2020-11860 (Cross-Site Scripting vulnerability on Micro Focus ArcSight
Logger prod ...)
NOT-FOR-US: Micro Focus
CVE-2020-11859 (Improper Input Validation vulnerability in OpenText iManager
allows Cr ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2020-11858 (Code execution with escalated privileges vulnerability in
Micro Focus ...)
NOT-FOR-US: Micro Focus
CVE-2020-11857 (An Authorization Bypass vulnerability on Micro Focus Operation
Bridge ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0be368fbf9ba8e7e2954f10d4fc8c954829ea52b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0be368fbf9ba8e7e2954f10d4fc8c954829ea52b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
