Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6f25390e by Moritz Muehlenhoff at 2024-11-29T10:20:57+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,45 +13,45 @@ CVE-2024-54123 (Backdrop CMS before 1.28.4 and 1.29.x 
before 1.29.2 allows XSS v
 CVE-2024-53701 (Multiple FCNT Android devices provide the original security 
features s ...)
        NOT-FOR-US: FCNT Android devices
 CVE-2024-45495 (MSA FieldServer Gateway 5.0.0 through 6.5.2 allows 
cross-origin WebSoc ...)
-       TODO: check
+       NOT-FOR-US: MSA FieldServer Gateway
 CVE-2024-39162 (pyspider through 0.3.10 allows /update XSS. NOTE: This 
vulnerability o ...)
-       TODO: check
+       NOT-FOR-US: pyspider
 CVE-2024-35451 (LinkStack 2.7.9 through 4.7.7 allows 
resources\views\components\favico ...)
-       TODO: check
+       NOT-FOR-US: LinkStack
 CVE-2024-11983 (Certain models of routers from Billion Electric has an OS 
Command Inje ...)
-       TODO: check
+       NOT-FOR-US: Billion Electric routers
 CVE-2024-11982 (Certain models of routers from Billion Electric has a 
Plaintext Storag ...)
-       TODO: check
+       NOT-FOR-US: Billion Electric routers
 CVE-2024-11981 (Certain models of routers from Billion Electric has an 
Authentication  ...)
-       TODO: check
+       NOT-FOR-US: Billion Electric routers
 CVE-2024-11980 (Certain modes of routers from Billion Electric have a Missing 
Authenti ...)
-       TODO: check
+       NOT-FOR-US: Billion Electric routers
 CVE-2024-11979 (DreamMaker from Interinfo has a Path Traversal vulnerability 
and does  ...)
-       TODO: check
+       NOT-FOR-US: DreamMaker
 CVE-2024-11978 (DreamMaker from Interinfo has a Path Traversal vulnerability, 
allowing ...)
-       TODO: check
+       NOT-FOR-US: DreamMaker
 CVE-2024-11971 (A vulnerability classified as problematic was found in Guizhou 
Xiaoma  ...)
-       TODO: check
+       NOT-FOR-US: Guizhou Xiaoma Technology
 CVE-2024-11970 (A vulnerability classified as critical has been found in 
code-projects ...)
-       TODO: check
+       NOT-FOR-US: code-projects Concert Ticket Ordering System
 CVE-2024-11482 (A vulnerability in ESM 11.6.10 allows unauthenticated access 
to the in ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2024-11481 (A vulnerability in ESM 11.6.10 allows unauthenticated access 
to the in ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2024-11014 (Cross-site request forgery (CSRF) vulnerability in NEC 
Corporation UNI ...)
-       TODO: check
+       NOT-FOR-US: NEC
 CVE-2024-11013 (Command Injection vulnerability in NEC Corporation UNIVERGE IX 
from Ve ...)
-       TODO: check
+       NOT-FOR-US: NEC
 CVE-2024-10980 (The Element Pack Elementor Addons (Header Footer, Template 
Library, Dy ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10704 (The Photo Gallery by 10Web  WordPress plugin before 1.8.31 
does not sa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9669 (The File Manager Pro \u2013 Filester plugin for WordPress is 
vulnerabl ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-8672 (The Widget Options \u2013 The #1 WordPress Widget & Block 
Control Plug ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-8308 (A low privileged remote attacker can insert a SQL injection 
inthe web  ...)
-       TODO: check
+       NOT-FOR-US: UmweltOffice
 CVE-2024-8066 (The File Manager Pro \u2013 Filester plugin for WordPress is 
vulnerabl ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-7747 (The Wallet for WooCommerce plugin for WordPress is vulnerable 
to incor ...)
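Review bot: the labels for CVE-2024-11482 and CVE-2024-11481 ("NOT-FOR-US: Trellix") and for CVE-2024-11014 and CVE-2024-11013 ("NOT-FOR-US: NEC") name only the vendor, while most other entries changed in this hunk name the product ("MSA FieldServer Gateway", "Billion Electric routers", "code-projects Concert Ticket Ordering System"). The descriptions already carry the product names (ESM 11.6.10; NEC Corporation UNIVERGE IX), so "NOT-FOR-US: Trellix ESM" and "NOT-FOR-US: NEC UNIVERGE IX" would keep the triage reason specific and avoid a later CVE from the same vendor being closed by analogy with a vendor-wide label.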
@@ -89,75 +89,75 @@ CVE-2024-52475 (Authentication Bypass Using an Alternate 
Path or Channel vulnera
 CVE-2024-52474 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-52338 (Deserialization of untrusted data in IPC and Parquet readers 
in the Ap ...)
-       TODO: check
+       NOT-FOR-US: Apache Arrow R package
 CVE-2024-52283 (Missing sanitation of inputs allowed arbitrary users to 
conduct a stor ...)
-       TODO: check
+       NOT-FOR-US: SuSE hackweek
 CVE-2024-49503 (A Improper Neutralization of Input During Web Page Generation 
(XSS or  ...)
-       TODO: check
+       NOT-FOR-US: SUSE manager
 CVE-2024-49502 (A Improper Neutralization of Input During Web Page Generation 
(XSS or  ...)
-       TODO: check
+       NOT-FOR-US: SUSE manager
 CVE-2024-22038 (Various problems in obs-scm-bridge allows attackers that 
create specia ...)
-       TODO: check
+       NOT-FOR-US: obs-scm-bridge
 CVE-2024-22037 (The uyuni-server-attestation systemd service needs a 
database_password ...)
-       TODO: check
+       NOT-FOR-US: SUSE manager
 CVE-2024-11969 (The NetCloud Exchange client for Windows, version 1.110.50, 
contains a ...)
-       TODO: check
+       NOT-FOR-US: NetCloud Exchange
 CVE-2024-11968 (A vulnerability was found in code-projects Farmacia up to 1.0. 
It has  ...)
-       TODO: check
+       NOT-FOR-US: code-projects Farmacia
 CVE-2024-11967 (A vulnerability was found in PHPGurukul Complaint Management 
system 1. ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2024-11966 (A vulnerability was found in PHPGurukul Complaint Management 
system 1. ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2024-11965 (A vulnerability has been found in PHPGurukul Complaint 
Management syst ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2024-11964 (A vulnerability, which was classified as critical, was found 
in PHPGur ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2024-11963 (A vulnerability, which was classified as critical, has been 
found in c ...)
-       TODO: check
+       NOT-FOR-US: code-projects Responsive Hotel Site
 CVE-2024-11962 (A vulnerability classified as critical was found in 
code-projects Simp ...)
-       TODO: check
+       NOT-FOR-US: code-projects Simple Car Rental System
 CVE-2024-11961 (A vulnerability was found in Guangzhou Huayi Intelligent 
Technology Je ...)
-       TODO: check
+       NOT-FOR-US: Guangzhou Huayi Intelligent Technology
 CVE-2024-11960 (A vulnerability was found in D-Link DIR-605L 2.13B01. It has 
been decl ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-11959 (A vulnerability was found in D-Link DIR-605L 2.13B01. It has 
been clas ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-11788 (The StreamWeasels YouTube Integration plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11786 (The Login with Vipps and MobilePay plugin for WordPress is 
vulnerable  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11761 (The LegalWeb Cloud plugin for WordPress is vulnerable to 
Stored Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11685 (The `Kudos Donations \u2013 Easy donations and payments with 
Mollie` p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11684 (The Kudos Donations \u2013 Easy donations and payments with 
Mollie plu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11620 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11599 (Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x 
<= 9.11 ...)
-       TODO: check
+       - mattermost-server <itp> (bug #823556)
 CVE-2024-11458 (The FAQ Builder AYS plugin for WordPress is vulnerable to 
Reflected Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11431 (The Ragic Shortcode plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11402 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11366 (The SEO Landing Page Generator plugin for WordPress is 
vulnerable to R ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11333 (The HLS Player plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11203 (The EmbedPress \u2013 Embed PDF, 3D Flipbook, Social Feeds, 
Google Doc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11103 (The Contest Gallery plugin for WordPress is vulnerable to 
privilege es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11082 (The Tumult Hype Animations plugin for WordPress is vulnerable 
to arbit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10798 (The Royal Elementor Addons and Templates plugin for WordPress 
is vulne ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10780 (The Restaurant & Cafe Addon for Elementor plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10670 (The Primary Addon for Elementor plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-52922 (In the Linux kernel, the following vulnerability has been 
resolved:  c ...)
        - linux 6.4.11-1
        [bookworm] - linux 6.1.52-1
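Review bot: the CVE-2024-11599 entry is resolved as "- mattermost-server <itp> (bug #823556)", the only result in this hunk that is not a NOT-FOR-US, yet the commit subject is just "NFUs"; mention the ITP entry in the commit message or split it into its own commit so the change is findable in the history. Separately, "NOT-FOR-US: SuSE hackweek" (CVE-2024-52283) is capitalised differently from the three "NOT-FOR-US: SUSE manager" lines (CVE-2024-49503, CVE-2024-49502, CVE-2024-22037); using "SUSE" throughout lets a single search on the vendor string find all four. The "Apache Arrow R package" label on CVE-2024-52338 also narrows the scope beyond what the truncated description ("in the Ap ...") shows here, so a NOTE line stating why only the R package is affected would help the next person triaging Arrow issues.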



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f25390ef5e27413f9f8983785a95f1a98b1e084



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
