Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1bc54873 by Salvatore Bonaccorso at 2024-11-07T21:31:25+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
CVE-2024-9926 (The Jetpack WordPress plugin does not have proper authorisation
in one ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8442 (The Prime Slider \u2013 Addons For Elementor (Revolution of a
slider, ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8378 (The Safe SVG WordPress plugin before 2.2.6 has its sanitisation
code i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-51995 (Combodo iTop is a web based IT Service Management tool. An
attacker ca ...)
- TODO: check
+ NOT-FOR-US: Combodo iTop
CVE-2024-51994 (Combodo iTop is a web based IT Service Management tool. In
affected ve ...)
- TODO: check
+ NOT-FOR-US: Combodo iTop
CVE-2024-51993 (Combodo iTop is a web based IT Service Management tool. An
attacker ac ...)
- TODO: check
+ NOT-FOR-US: Combodo iTop
CVE-2024-51989 (Password Pusher is an open source application to communicate
sensitive ...)
TODO: check
CVE-2024-51758 (Filament is a collection of full-stack components for
accelerated Lara ...)
- TODO: check
+ NOT-FOR-US: Filament
CVE-2024-51504 (When using IPAuthenticationProvider in ZooKeeper Admin Server
there is ...)
TODO: check
CVE-2024-51428 (An issue in Espressif Esp idf v5.3.0 allows attackers to cause
a Denia ...)
TODO: check
CVE-2024-48954 (An issue was discovered in Logpoint before 7.5.0. Unvalidated
input du ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-48953 (An issue was discovered in Logpoint before 7.5.0. Endpoints
for creati ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-48952 (An issue was discovered in Logpoint before 7.5.0. SOAR uses a
static J ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-48951 (An issue was discovered in Logpoint before 7.5.0. Server-Side
Request ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-48950 (An issue was discovered in Logpoint before 7.5.0. An endpoint
used by ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2024-48290 (An issue in the Bluetooth Low Energy implementation of Realtek
RTL8762 ...)
- TODO: check
+ NOT-FOR-US: Realtek
CVE-2024-47073 (DataEase is an open source data visualization analysis tool
that helps ...)
- TODO: check
+ NOT-FOR-US: DataEase
CVE-2024-45794 (devtron is an open source tool integration platform for
Kubernetes. In ...)
- TODO: check
+ NOT-FOR-US: devtron
CVE-2024-43438 (A flaw was found in Feedback. Bulk messaging in the activity's
non-res ...)
TODO: check
CVE-2024-43436 (A SQL injection risk flaw was found in the XMLDB editor tool
available ...)
@@ -49,35 +49,35 @@ CVE-2024-43426 (A flaw was found in pdfTeX. Insufficient
sanitizing in the TeX n
CVE-2024-43425 (A flaw was found in Moodle. Additional restrictions are
required to av ...)
TODO: check
CVE-2024-40715 (A vulnerability in Veeam Backup & Replication Enterprise
Manager has b ...)
- TODO: check
+ NOT-FOR-US: Veeam
CVE-2024-30142 (HCL BigFix Compliance is affected by a missing secure flag on
a cookie ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-30141 (HCL BigFix Compliance is vulnerable to the generation of error
message ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-30140 (HCL BigFix Compliance is affected by unvalidated redirects and
forward ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-24914 (Authenticated Gaia users can inject code or commands by global
variabl ...)
TODO: check
CVE-2024-10969 (A vulnerability was found in 1000 Projects Bookstore
Management System ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-10968 (A vulnerability was found in 1000 Projects Bookstore
Management System ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-10967 (A vulnerability was found in code-projects E-Health Care
System 1.0. I ...)
- TODO: check
+ NOT-FOR-US: code-projects E-Health Care System
CVE-2024-10966 (A vulnerability, which was classified as critical, has been
found in T ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-10965 (A vulnerability classified as problematic was found in emqx
neuron up ...)
- TODO: check
+ NOT-FOR-US: emqx neuron
CVE-2024-10964 (A vulnerability classified as critical has been found in emqx
neuron u ...)
- TODO: check
+ NOT-FOR-US: emqx neuron
CVE-2024-10963 (A vulnerability was found in pam_access due to the improper
handling o ...)
TODO: check
CVE-2024-10668 (There exists an auth bypass in Google Quickshare where an
attacker can ...)
TODO: check
CVE-2024-10526 (Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer
from a ...)
- TODO: check
+ NOT-FOR-US: Rapid7 Velociraptor MSI Installer
CVE-2024-10203 (Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21
and below ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2024-50172 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 6.11.6-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -352265,7 +352265,7 @@ CVE-2020-11928 (In the media-library-assistant plugin
before 2.82 for WordPress,
CVE-2020-11927
RESERVED
CVE-2020-11926 (An issue was discovered in Luvion Grand Elite 3 Connect
through 2020-0 ...)
- TODO: check
+ NOT-FOR-US: Luvion Grand Elite 3 Connect
CVE-2020-11925 (An issue was discovered in Luvion Grand Elite 3 Connect
through 2020-0 ...)
NOT-FOR-US: Luvion Grand Elite 3 Connect
CVE-2020-11924 (An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi
credentials ar ...)
@@ -352279,13 +352279,13 @@ CVE-2020-11921 (An issue was discovered in Lush 2
through 2020-02-25. Due to the
CVE-2020-11920 (An issue was discovered in Svakom Siime Eye
14.1.00000001.3.330.0.0.3. ...)
NOT-FOR-US: Svakom Siime Eye
CVE-2020-11919 (An issue was discovered in Siime Eye
14.1.00000001.3.330.0.0.3.14. The ...)
- TODO: check
+ NOT-FOR-US: Siime Eye
CVE-2020-11918 (An issue was discovered in Siime Eye
14.1.00000001.3.330.0.0.3.14. Whe ...)
- TODO: check
+ NOT-FOR-US: Siime Eye
CVE-2020-11917 (An issue was discovered in Siime Eye
14.1.00000001.3.330.0.0.3.14. It ...)
- TODO: check
+ NOT-FOR-US: Siime Eye
CVE-2020-11916 (An issue was discovered in Siime Eye
14.1.00000001.3.330.0.0.3.14. The ...)
- TODO: check
+ NOT-FOR-US: Siime Eye
CVE-2020-11915 (An issue was discovered in Svakom Siime Eye
14.1.00000001.3.330.0.0.3. ...)
NOT-FOR-US: Svakom Siime Eye
CVE-2019-20786 (handleIncomingPacket in conn.go in Pion DTLS before 1.5.2
lacks a chec ...)
@@ -360559,11 +360559,11 @@ CVE-2019-20461
CVE-2019-20460
RESERVED
CVE-2019-20459 (An issue was discovered on Epson Expression Home XP255
20.08.FM10I8 de ...)
- TODO: check
+ NOT-FOR-US: Epson Expression Home XP255
CVE-2019-20458 (An issue was discovered on Epson Expression Home XP255
20.08.FM10I8 de ...)
- TODO: check
+ NOT-FOR-US: Epson Expression Home XP255
CVE-2019-20457 (An issue was discovered on Brother MFC-J491DW C1806180757
devices. The ...)
- TODO: check
+ NOT-FOR-US: Brother
CVE-2020-9007 (Codoforum 4.8.8 allows self-XSS via the title of a new topic.)
NOT-FOR-US: Codoforum
CVE-2020-9006 (The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is
vulner ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1bc54873c13e0c700a7ce116e01a1f5904d23123
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1bc54873c13e0c700a7ce116e01a1f5904d23123
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
