[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Tue, 26 Nov 2024 00:55:22 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
805f893a by Moritz Muehlenhoff at 2024-11-26T09:46:27+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,15 +17,15 @@ CVE-2024-53597 (masterstack_imgcap v0.0.1 was discovered to 
contain a SQL inject
 CVE-2024-53556 (An Open Redirect vulnerability in Taiga v6.8.1 allows 
attackers to red ...)
        NOT-FOR-US: Taiga
 CVE-2024-53554 (A Client-Side Template Injection (CSTI) vulnerability in the 
component ...)
-       TODO: check
+       NOT-FOR-US: Taiga
 CVE-2024-53278 (Cross-site scripting vulnerability exists in WP Admin UI 
Customize ver ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-52899 (IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could 
allow an au ...)
        NOT-FOR-US: IBM
 CVE-2024-50672 (A NoSQL injection vulnerability in Adapt Learning Adapt 
Authoring Tool ...)
-       TODO: check
+       NOT-FOR-US: Adapt Learning Adapt Authoring Tool
 CVE-2024-50671 (Incorrect access control in Adapt Learning Adapt Authoring 
Tool <= 0.1 ...)
-       TODO: check
+       NOT-FOR-US: Adapt Learning Adapt Authoring Tool
 CVE-2024-49597 (Dell Wyse Management Suite, versions WMS 4.4 and prior, 
contain an Imp ...)
        NOT-FOR-US: Dell
 CVE-2024-49596 (Dell Wyse Management Suite, version WMS 4.4 and prior, contain 
a Missi ...)
@@ -37,35 +37,35 @@ CVE-2024-49353 (IBM Watson Speech Services Cartridge for 
IBM Cloud Pak for Data
 CVE-2024-49351 (IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user 
credentials in  ...)
        NOT-FOR-US: IBM
 CVE-2024-47257 (Florent Thi\xe9ry has found that selected Axis devices were 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: AXIS
 CVE-2024-36254 (Out-of-bounds read vulnerability exists in Sharp Corporation 
and Toshi ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-36251 (The web interface of the affected devices process some crafted 
HTTP re ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-36249 (Cross-site scripting vulnerability exists in Sharp Corporation 
and Tos ...)
        NOT-FOR-US: Sharp
 CVE-2024-36248 (API keys for some cloud services are hardcoded in the "main" 
binary. A ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-35244 (There are several hidden accounts. Some of them are intended 
for maint ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-34162 (The web interface of the affected devices is designed to hide 
the LDAP ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-33616 (Admin authentication can be bypassed with some specific 
invalid creden ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-33610 ("sessionlist.html" and "sys_trayentryreboot.html" are 
accessible with  ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-33605 (Improper processing of some parameters of 
installed_emanual_list.html  ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-32151 (User passwords are decrypted and stored on memory before any 
user logg ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-29978 (User passwords are decrypted and stored on memory before any 
user logg ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-29146 (User passwords are decrypted and stored on memory before any 
user logg ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-28955 (Affected devices create coredump files when crashed, storing 
them with ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-28038 (The web interface of the affected devices processes a cookie 
value imp ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2024-11678 (A vulnerability was found in CodeAstro Hospital Management 
System 1.0. ...)
        NOT-FOR-US: CodeAstro Hospital Management System
 CVE-2024-11677 (A vulnerability was found in CodeAstro Hospital Management 
System 1.0. ...)
@@ -125,7 +125,7 @@ CVE-2024-53096 (In the Linux kernel, the following 
vulnerability has been resolv
        [bookworm] - linux 6.1.119-1
        NOTE: 
https://git.kernel.org/linus/5de195060b2e251a835f622759550e6202167641 (6.12-rc7)
 CVE-2024-8272 (The com.uaudio.bsd.helperservice, responsible for handling 
privileged  ...)
-       TODO: check
+       NOT-FOR-US: Universal Audio UAConnect
 CVE-2024-7915 (The application Sensei Mac Cleaner contains a local privilege 
escalati ...)
        NOT-FOR-US: Sensei Mac Cleaner
 CVE-2024-7056 (The WPForms  WordPress plugin before 1.9.1.6 does not sanitise 
and esc ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/805f893ae428c66ed912bfadb2e416aa89355603

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/805f893ae428c66ed912bfadb2e416aa89355603
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to