Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b739c116 by Salvatore Bonaccorso at 2024-11-08T09:23:57+01:00
Proces some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,81 +1,81 @@
CVE-2024-8810 (A GitHub App installed in organizations could upgrade some
permissions ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-8424 (Improper Privilege Management vulnerability in WatchGuard EPDR,
Panda ...)
- TODO: check
+ NOT-FOR-US: WatchGuard
CVE-2024-7982 (The Registrations for the Events Calendar WordPress plugin
before 2.1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-51998 (changedetection.io is a free open source web page change
detection too ...)
- TODO: check
+ NOT-FOR-US: changedetection.io
CVE-2024-51987 (Duende.AccessTokenManagement.OpenIdConnect is a set of .NET
libraries ...)
TODO: check
CVE-2024-51434 (Inconsistent <plaintext> tag parsing allows for XSS in Froala
WYSIWYG ...)
- TODO: check
+ NOT-FOR-US: Froala WYSIWYG editor
CVE-2024-50766 (SourceCodester Survey Application System 1.0 is vulnerable to
SQL Inje ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Survey Application System
CVE-2024-50599 (A reflected Cross-Site Scripting (XSS) vulnerability has been
identifi ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-49524 (Adobe Experience Manager versions 6.5.20 and earlier are
affected by a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49523 (Adobe Experience Manager versions 6.5.20 and earlier are
affected by a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-48011 (Dell PowerProtect DD, versions prior to 7.7.5.50, contains an
Exposure ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-48010 (Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10,
7.10.1.40, ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-47072 (XStream is a simple library to serialize objects to XML and
back again ...)
TODO: check
CVE-2024-46961 (The Inshot com.downloader.privatebrowser (aka Video Downloader
- XDown ...)
- TODO: check
+ NOT-FOR-US: Inshot com.downloader.privatebrowser (aka Video Downloader
- XDownloader) application
CVE-2024-46960 (The ASD com.rocks.video.downloader (aka HD Video Downloader
All Format ...)
- TODO: check
+ NOT-FOR-US: ASD com.rocks.video.downloader application
CVE-2024-45759 (Dell PowerProtect Data Domain, versions prior to 8.1.0.0,
7.13.1.10, 7 ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-36064 (The NLL com.nll.cb (aka ACR Phone) application through
0.330-playStore ...)
- TODO: check
+ NOT-FOR-US: NLL com.nll.cb (aka ACR Phone) application
CVE-2024-36063 (The Goodwy com.goodwy.dialer (aka Right Dialer) application
through 5. ...)
- TODO: check
+ NOT-FOR-US: Goodwy com.goodwy.dialer (aka Right Dialer) application
CVE-2024-36062 (The com.callassistant.android (aka AI Call Assistant &
Screener) appli ...)
- TODO: check
+ NOT-FOR-US: com.callassistant.android (aka AI Call Assistant &
Screener) application
CVE-2024-24409 (Zohocorp ManageEngine ADManager Plus versions 7203 and prior
are vulne ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2024-21538 (Versions of the package cross-spawn before 7.0.5 are
vulnerable to Reg ...)
TODO: check
CVE-2024-11000 (A vulnerability classified as problematic was found in
CodeAstro Real ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Real Estate Management System
CVE-2024-10999 (A vulnerability classified as problematic has been found in
CodeAstro ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Real Estate Management System
CVE-2024-10998 (A vulnerability was found in 1000 Projects Bookstore
Management System ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-10997 (A vulnerability was found in 1000 Projects Bookstore
Management System ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-10996 (A vulnerability was found in 1000 Projects Bookstore
Management System ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-10995 (A vulnerability was found in Codezips Hospital Appointment
System 1.0 ...)
- TODO: check
+ NOT-FOR-US: Codezips Hospital Appointment System
CVE-2024-10994 (A vulnerability has been found in Codezips Online Institute
Management ...)
- TODO: check
+ NOT-FOR-US: Codezips Online Institute Management System
CVE-2024-10993 (A vulnerability, which was classified as critical, was found
in Codezi ...)
- TODO: check
+ NOT-FOR-US: Codezips Online Institute Management System
CVE-2024-10991 (A vulnerability, which was classified as critical, has been
found in C ...)
- TODO: check
+ NOT-FOR-US: Codezips Hospital Appointment System
CVE-2024-10990 (A vulnerability classified as critical was found in
SourceCodester Onl ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Veterinary Appointment System
CVE-2024-10989 (A vulnerability classified as critical has been found in
code-projects ...)
- TODO: check
+ NOT-FOR-US: code-projects E-Health Care System
CVE-2024-10988 (A vulnerability was found in code-projects E-Health Care
System 1.0. I ...)
- TODO: check
+ NOT-FOR-US: code-projects E-Health Care System
CVE-2024-10987 (A vulnerability was found in code-projects E-Health Care
System 1.0. I ...)
- TODO: check
+ NOT-FOR-US: code-projects E-Health Care System
CVE-2024-10975 (Nomad Community and Nomad Enterprise ("Nomad") volume
specification is ...)
TODO: check
CVE-2024-10824 (An authorization bypass vulnerability was identified in GitHub
Enterpr ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-10621 (The Simple Shortcode for Google Maps plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10269 (The Easy SVG Support plugin for WordPress is vulnerable to
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10007 (A path collision and arbitrary code execution vulnerability
was identi ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-50211 (In the Linux kernel, the following vulnerability has been
resolved: u ...)
- linux 6.11.6-1
NOTE:
https://git.kernel.org/linus/c226964ec786f3797ed389a16392ce4357697d24 (6.12-rc2)
@@ -133226,7 +133226,7 @@ CVE-2023-27197 (PAX A930 device with
PayDroid_7.1.1_Virgo_V04.5.02_20220722 can
CVE-2023-27196
RESERVED
CVE-2023-27195 (Trimble TM4Web 22.2.0 allows unauthenticated attackers to
access /inc/ ...)
- TODO: check
+ NOT-FOR-US: Trimble TM4Web
CVE-2023-27194
RESERVED
CVE-2023-27193 (An issue found in DUALSPACE v.1.1.3 allows a local attacker to
gain pr ...)
@@ -360784,13 +360784,13 @@ CVE-2020-9008 (Stored Cross-site scripting (XSS)
vulnerability in Blackboard Lea
CVE-2019-20473 (An issue was discovered on TK-Star Q90 Junior GPS horloge
3.1042.9.865 ...)
NOT-FOR-US: TK-Star Q90 Junior GPS horloge
CVE-2019-20472 (An issue was discovered on One2Track 2019-12-08 devices. Any
SIM card ...)
- TODO: check
+ NOT-FOR-US: One2Track
CVE-2019-20471 (An issue was discovered on TK-Star Q90 Junior GPS horloge
3.1042.9.865 ...)
NOT-FOR-US: TK-Star Q90 Junior GPS horloge
CVE-2019-20470 (An issue was discovered on TK-Star Q90 Junior GPS horloge
3.1042.9.865 ...)
NOT-FOR-US: TK-Star Q90 Junior GPS horloge
CVE-2019-20469 (An issue was discovered on One2Track 2019-12-08 devices.
Confidential ...)
- TODO: check
+ NOT-FOR-US: One2Track
CVE-2019-20468 (An issue was discovered in SeTracker2 for TK-Star Q90 Junior
GPS horlo ...)
NOT-FOR-US: TK-Star Q90 Junior GPS horloge
CVE-2019-20467 (An issue was discovered on Sannce Smart HD Wifi Security
Camera EAN 2 ...)
@@ -360804,11 +360804,11 @@ CVE-2019-20464 (An issue was discovered on Sannce
Smart HD Wifi Security Camera
CVE-2019-20463 (An issue was discovered on Sannce Smart HD Wifi Security
Camera EAN 2 ...)
NOT-FOR-US: Sannce Smart HD Wifi Security Camera EAN 2 950004 595317
devices
CVE-2019-20462 (An issue was discovered on Alecto IVM-100 2019-11-12 devices.
The devi ...)
- TODO: check
+ NOT-FOR-US: Alecto
CVE-2019-20461 (An issue was discovered on Alecto IVM-100 2019-11-12 devices.
The devi ...)
- TODO: check
+ NOT-FOR-US: Alecto
CVE-2019-20460 (An issue was discovered on Epson Expression Home XP255
20.08.FM10I8 de ...)
- TODO: check
+ NOT-FOR-US: Epson
CVE-2019-20459 (An issue was discovered on Epson Expression Home XP255
20.08.FM10I8 de ...)
NOT-FOR-US: Epson Expression Home XP255
CVE-2019-20458 (An issue was discovered on Epson Expression Home XP255
20.08.FM10I8 de ...)
@@ -363379,7 +363379,7 @@ CVE-2020-8009 (AVB MOTU devices through 2020-01-22
allow /.. Directory Traversal
CVE-2020-8008
RESERVED
CVE-2020-8007 (The pwrstudio web application of EV Charger (in the server in
Circontr ...)
- TODO: check
+ NOT-FOR-US: pwrstudio web application of EV Charger
CVE-2020-8006 (The server in Circontrol Raption through 5.11.2 has a
pre-authenticati ...)
NOT-FOR-US: Circontrol Raption
CVE-2020-8005
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b739c116bc42d0e0d048d8cb862268502fb7d113
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b739c116bc42d0e0d048d8cb862268502fb7d113
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
