Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6ded1a6e by Salvatore Bonaccorso at 2024-11-22T13:30:36+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -51,101 +51,101 @@ CVE-2024-52053 (Stored Cross-Site Scripting in the
Manager component of Wowza St
CVE-2024-52052 (Wowza Streaming Engine below 4.9.1 permits an authenticated
Streaming ...)
NOT-FOR-US: Wowza
CVE-2024-51367 (An arbitrary file upload vulnerability in the component
\Users\usernam ...)
- TODO: check
+ NOT-FOR-US: BlackBoard
CVE-2024-51366 (An arbitrary file upload vulnerability in the component
\Roaming\Omega ...)
- TODO: check
+ NOT-FOR-US: OmegaT
CVE-2024-51365 (An arbitrary file upload vulnerability in the importSettings
method of ...)
TODO: check
CVE-2024-51364 (An arbitrary file upload vulnerability in ModbusMechanic v3.0
allows a ...)
- TODO: check
+ NOT-FOR-US: ModbusMechanic
CVE-2024-51337 (Cross Site Scripting vulnerability in Gibbon before v.27.0.01
and fixe ...)
- TODO: check
+ NOT-FOR-US: GibbonEdu Gibbon
CVE-2024-49588 (Multiple endpoints in `oracle-sidecar` in versions 0.347.0 to
0.543.0 ...)
TODO: check
CVE-2024-49529 (InDesign Desktop versions 19.0, 20.0 and earlier are affected
by an ou ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-48747 (An issue in alist-tvbox v1.7.1 allows a remote attacker to
execute arb ...)
TODO: check
CVE-2024-48288 (TP-Link TL-IPC42C V4.0_20211227_1.0.16 is vulnerable to
command inject ...)
TODO: check
CVE-2024-48286 (Linksys E3000 1.0.06.002_US is vulnerable to command injection
via the ...)
- TODO: check
+ NOT-FOR-US: Linksys E3000
CVE-2024-47142 (AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and
IXG-2C7-L ...)
- TODO: check
+ NOT-FOR-US: AIPHONE
CVE-2024-45837 (Use of hard-coded cryptographic key issue exists in AIPHONE IX
SYSTEM, ...)
- TODO: check
+ NOT-FOR-US: AIPHONE
CVE-2024-45517 (An issue was discovered in Zimbra Collaboration (ZCS) through
10.1. A ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-45514 (An issue was discovered in Zimbra Collaboration (ZCS) through
v10.1. A ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-45513 (An issue was discovered in Zimbra Collaboration (ZCS) through
10.1. A ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-45512 (An issue was discovered in webmail in Zimbra Collaboration
(ZCS) throu ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-45194 (In Zimbra Collaboration (ZCS) 9.0 and 10.0, a vulnerability in
the Web ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-39290 (Insufficiently protected credentials issue exists in AIPHONE
IX SYSTEM ...)
- TODO: check
+ NOT-FOR-US: AIPHONE
CVE-2024-38296 (Dell Edge Gateway 5200 (Coffee Lake S), versions prior to
12.0.94.2380 ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-31408 (OS command injection vulnerability exists in AIPHONE IX SYSTEM
and IXG ...)
- TODO: check
+ NOT-FOR-US: AIPHONE
CVE-2024-29224 (An OS command injection vulnerability exists in the NAT
parameter of G ...)
- TODO: check
+ NOT-FOR-US: GoCast
CVE-2024-28892 (An OS command injection vulnerability exists in the name
parameter of ...)
- TODO: check
+ NOT-FOR-US: GoCast
CVE-2024-28027 (Three OS command injection vulnerabilities exist in the web
interface ...)
- TODO: check
+ NOT-FOR-US: MC Technologies MC LR Router
CVE-2024-28026 (Three OS command injection vulnerabilities exist in the web
interface ...)
- TODO: check
+ NOT-FOR-US: MC Technologies MC LR Router
CVE-2024-28025 (Three OS command injection vulnerabilities exist in the web
interface ...)
- TODO: check
+ NOT-FOR-US: MC Technologies MC LR Router
CVE-2024-21855 (A lack of authentication vulnerability exists in the HTTP API
function ...)
- TODO: check
+ NOT-FOR-US: GoCast
CVE-2024-21786 (An OS command injection vulnerability exists in the web
interface conf ...)
- TODO: check
+ NOT-FOR-US: MC Technologies MC LR Router
CVE-2024-11601 (The Sky Addons for Elementor (Free Templates Library, Live
Copy, Anima ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11592 (A vulnerability has been found in 1000 Projects Beauty Parlour
Managem ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Beauty Parlour Management System
CVE-2024-11591 (A vulnerability, which was classified as critical, was found
in 1000 P ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Beauty Parlour Management System
CVE-2024-11590 (A vulnerability, which was classified as critical, has been
found in 1 ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-11589 (A vulnerability classified as critical was found in
itsourcecode Tailo ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Tailoring Management System
CVE-2024-11588 (A vulnerability was found in AVL-DiTEST-DiagDev libdoip 1.0.0.
It has ...)
TODO: check
CVE-2024-11587 (A vulnerability was found in idcCMS 1.60. It has been
classified as pr ...)
- TODO: check
+ NOT-FOR-US: idcCMS
CVE-2024-11456 (The Run Contests, Raffles, and Giveaways with ContestsWP
plugin for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11381 (The Control horas plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11371 (The Theater for WordPress plugin for WordPress is vulnerable
to Reflec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11355 (The Ultimate YouTube Video & Shorts Player With Vimeo plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11320 (Arbitrary commands execution on the server by exploiting a
command inj ...)
- TODO: check
+ NOT-FOR-US: Pandora FMS
CVE-2024-11225 (The Premium Packages \u2013 Sell Digital Products Securely
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11104 (The Sky Addons for Elementor (Free Templates Library, Live
Copy, Anima ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11089 (The Anonymous Restricted Content plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11088 (The Simple Membership plugin for WordPress is vulnerable to
Sensitive ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10792 (The Easiest Funnel Builder For WordPress & WooCommerce by
WPFunnels pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10675 (The affiliate-toolkit plugin for WordPress is vulnerable to
Reflected ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10666 (The Easy Twitter Feed \u2013 Twitter feeds plugin for WP
plugin for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10316 (The Stratum \u2013 Elementor Widgets plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10034 (The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video
, YouTub ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52067 (Apache NiFi 1.16.0 through 1.28.0 and 2.0.0-M1 through
2.0.0-M4 includ ...)
NOT-FOR-US: Apache NiFi
CVE-2024-11596 (ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to
4.2.8 al ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ded1a6eb3621bbf6e25a3d5a999066ed39a01de
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ded1a6eb3621bbf6e25a3d5a999066ed39a01de
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
