Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2ac2cc4e by Salvatore Bonaccorso at 2024-11-13T22:17:05+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
CVE-2024-9682 (The Royal Elementor Addons and Templates plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9668 (The Royal Elementor Addons and Templates plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9477 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: AirTies Air4443 Firmware
CVE-2024-9476 (A vulnerability in Grafana Labs Grafana OSS and Enterprise
allows Priv ...)
TODO: check
CVE-2024-9413 (The transport_message_handler function in SCP-Firmware release
version ...)
TODO: check
CVE-2024-9059 (The Royal Elementor Addons and Templates plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8049 (In Progress Telerik Document Processing Libraries, versions
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: Progress Telerik
CVE-2024-8001 (A vulnerability was found in VIWIS LMS 9.11. It has been
classified as ...)
- TODO: check
+ NOT-FOR-US: VIWIS LMS
CVE-2024-7295 (In Progress\xae Telerik\xae Report Server versions prior to
2024 Q4 (1 ...)
- TODO: check
+ NOT-FOR-US: Progress Telerik
CVE-2024-52306 (FileManager provides a Backpack admin interface for files and
folder. ...)
TODO: check
CVE-2024-52305 (UnoPim is an open-source Product Information Management (PIM)
system b ...)
@@ -27,33 +27,33 @@ CVE-2024-52299 (macro-pdfviewer is a PDF Viewer Macro for
XWiki using Mozilla pd
CVE-2024-52298 (macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla
pdf.js. ...)
TODO: check
CVE-2024-52295 (DataEase is an open source data visualization analysis tool.
Prior to ...)
- TODO: check
+ NOT-FOR-US: DataEase
CVE-2024-52293 (Craft is a content management system (CMS). Prior to 4.12.2
and 5.4.3, ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2024-52292 (Craft is a content management system (CMS). The dataUrl
function can b ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2024-52291 (Craft is a content management system (CMS). A vulnerability in
CraftCM ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2024-51996 (Symphony process is a module for the Symphony PHP framework
which exec ...)
TODO: check
CVE-2024-50972 (A SQL injection vulnerability in printtool.php of Itsourcecode
Constru ...)
- TODO: check
+ NOT-FOR-US: Itsourcecode Construction Management System
CVE-2024-50971 (A SQL injection vulnerability in print.php of Itsourcecode
Constructio ...)
- TODO: check
+ NOT-FOR-US: Itsourcecode Construction Management System
CVE-2024-50970 (A SQL injection vulnerability in orderview1.php of
Itsourcecode Online ...)
- TODO: check
+ NOT-FOR-US: Itsourcecode Online Furniture Shopping Project
CVE-2024-50969 (A Reflected cross-site scripting (XSS) vulnerability in
browse.php of ...)
- TODO: check
+ NOT-FOR-US: Code-projects Jonnys Liquor
CVE-2024-50854 (Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack
overflow v ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-50853 (Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command
injectio ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-50852 (Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command
injectio ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-49506 (Insecure creation of temporary files allows local users on
systems wit ...)
TODO: check
CVE-2024-49505 (A Improper Neutralization of Input During Web Page Generation
('Cross- ...)
- TODO: check
+ NOT-FOR-US: openSUSE Tumbleweed MirrorCache
CVE-2024-49504 (grub2 allowed attackers with access to the grub shell to
access files ...)
TODO: check
CVE-2024-49379 (Umbrel is a home server OS for self-hosting. The login
functionality o ...)
@@ -65,7 +65,7 @@ CVE-2024-48900 (A vulnerability was found in Moodle.
Additional checks are requi
CVE-2024-48510 (Directory Traversal vulnerability in DotNetZip v.1.16.0 and
before all ...)
TODO: check
CVE-2024-47574 (A authentication bypass using an alternate path or channel in
Fortinet ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-45594 (Decidim is a participatory democracy framework. The meeting
embeds fea ...)
TODO: check
CVE-2024-43093 (In shouldHideDocument of ExternalStorageProvider.java, there
is a poss ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ac2cc4e5425444e12a05c33be42f5e6a1c0dae5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ac2cc4e5425444e12a05c33be42f5e6a1c0dae5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
