Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
133f8843 by Salvatore Bonaccorso at 2024-11-12T09:49:28+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2024-9836 (The RSS Feed Widget WordPress plugin before 3.0.0 does not
validate an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9835 (The RSS Feed Widget WordPress plugin before 3.0.1 does not
escape the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9357 (The xili-tidy-tags plugin for WordPress is vulnerable to
Reflected Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8882 (A buffer overflow vulnerability in the CGI program in the Zyxel
GS1900 ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2024-8881 (A post-authentication command injection vulnerability in the
CGI progr ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2024-52533 (gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an
off-by-one erro ...)
TODO: check
CVE-2024-52532 (GNOME libsoup before 3.6.1 has an infinite loop, and memory
consumptio ...)
@@ -19,7 +19,7 @@ CVE-2024-52530 (GNOME libsoup before 3.6.0 allows HTTP
request smuggling in some
CVE-2024-52288 (libosdp is an implementation of IEC 60839-11-5 OSDP (Open
Supervised D ...)
TODO: check
CVE-2024-52286 (Stirling-PDF is a locally hosted web application that allows
you to pe ...)
- TODO: check
+ NOT-FOR-US: Stirling-PDF
CVE-2024-51992 (Orchid is a @laravel package that allows for rapid application
develop ...)
TODO: check
CVE-2024-51748 (Kanboard is project management software that focuses on the
Kanban met ...)
@@ -41,29 +41,29 @@ CVE-2024-51485 (Ampache is a web based audio/video
streaming application and fil
CVE-2024-51484 (Ampache is a web based audio/video streaming application and
file mana ...)
TODO: check
CVE-2024-51213 (Cross Site Scripting vulnerability in Online Shop Store v.1.0
allows a ...)
- TODO: check
+ NOT-FOR-US: Online Shop Store
CVE-2024-51190 (TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU
1.00b12 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2024-51189 (TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU
1.00b12 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2024-51188 (TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU
1.00b12 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2024-51187 (TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU
1.00b12 ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2024-51186 (D-Link DIR-820L 1.05b03 was discovered to contain a remote
code execut ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-51135 (An XML External Entity (XXE) vulnerability in the component
DocumentBu ...)
TODO: check
CVE-2024-51054 (A Cross Site Scriptng (XSS) vulnerability was found in
/omrs/admin/sea ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Online Marriage Registration System
CVE-2024-51026 (The NetAdmin IAM system (version 4.0.30319) has a Cross Site
Scripting ...)
- TODO: check
+ NOT-FOR-US: NetAdmin IAM system
CVE-2024-50991 (A Cross Site Scripting (XSS) vulnerability was found in
/ums-sp/admin/ ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul User Management System
CVE-2024-50990 (A Reflected Cross Site Scriptng (XSS) vulnerability was found
in /omrs ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Online Marriage Registration System
CVE-2024-50989 (A SQL injection vulnerability in /omrs/admin/search.php in
PHPGurukul ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Online Marriage Registration System
CVE-2024-50667 (The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack
overflow vuln ...)
TODO: check
CVE-2024-50636 (PyMOL 2.5.0 contains a vulnerability in its "Run Script"
function, whi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/133f88436193741d7401b847885a856e97dec60a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/133f88436193741d7401b847885a856e97dec60a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
