Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
592986da by Salvatore Bonaccorso at 2024-11-29T09:17:22+01:00
Process new NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
CVE-2024-9852 (Uncontrolled Search Path Element vulnerability in ICONICS
GENESIS64 al ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi Electric
CVE-2024-9044 (A XML External Entity (XXE) vulnerability has been identified
in Easy ...)
- TODO: check
+ NOT-FOR-US: Easy Tax Client Software
CVE-2024-8300 (Dead Code vulnerability in ICONICS GENESIS64 Version 10.97.2,
10.97.2 ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi Electric
CVE-2024-8299 (Uncontrolled Search Path Element vulnerability in ICONICS
GENESIS64 al ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi Electric
CVE-2024-54124 (In Click Studios Passwordstate before build 9920, there is a
potential ...)
- TODO: check
+ NOT-FOR-US: Click Studios Passwordstate
CVE-2024-54123 (Backdrop CMS before 1.28.4 and 1.29.x before 1.29.2 allows XSS
via an ...)
TODO: check
CVE-2024-53701 (Multiple FCNT Android devices provide the original security
features s ...)
- TODO: check
+ NOT-FOR-US: FCNT Android devices
CVE-2024-45495 (MSA FieldServer Gateway 5.0.0 through 6.5.2 allows
cross-origin WebSoc ...)
TODO: check
CVE-2024-39162 (pyspider through 0.3.10 allows /update XSS. NOTE: This
vulnerability o ...)
@@ -69,25 +69,25 @@ CVE-2024-53732 (Cross-Site Request Forgery (CSRF)
vulnerability in WP WOX Footer
CVE-2024-53731 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2024-52501 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52499 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52498 (Path Traversal: '.../...//' vulnerability in Softpulse
Infotech SP Blo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52497 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52496 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52495 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52490 (Unrestricted Upload of File with Dangerous Type vulnerability
in Patho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52481 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52475 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52474 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-52338 (Deserialization of untrusted data in IPC and Parquet readers
in the Ap ...)
TODO: check
CVE-2024-52283 (Missing sanitation of inputs allowed arbitrary users to
conduct a stor ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/592986da3213ee473e2cdb602895addb6694e87a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/592986da3213ee473e2cdb602895addb6694e87a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
