Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9acd1d42 by Moritz Muehlenhoff at 2024-12-03T14:51:19+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24,73 +24,73 @@ CVE-2024-53986 (rails-html-sanitizer is responsible for
sanitizing HTML fragment
CVE-2024-53985 (rails-html-sanitizer is responsible for sanitizing HTML
fragments in R ...)
NOT-FOR-US: rails-html-sanitizer
CVE-2024-53941 (An issue was discovered in Victure RX1800 WiFi 6 Router
(software EN_V ...)
- TODO: check
+ NOT-FOR-US: Victure RX1800 WiFi 6 Route
CVE-2024-53940 (An issue was discovered in Victure RX1800 WiFi 6 Router
(software EN_V ...)
- TODO: check
+ NOT-FOR-US: Victure RX1800 WiFi 6 Route
CVE-2024-53939 (An issue was discovered in Victure RX1800 WiFi 6 Router
(software EN_V ...)
- TODO: check
+ NOT-FOR-US: Victure RX1800 WiFi 6 Route
CVE-2024-53938 (An issue was discovered in Victure RX1800 WiFi 6 Router
(software EN_V ...)
- TODO: check
+ NOT-FOR-US: Victure RX1800 WiFi 6 Route
CVE-2024-53937 (An issue was discovered on Victure RX1800 WiFi 6 Router
(software EN_V ...)
- TODO: check
+ NOT-FOR-US: Victure RX1800 WiFi 6 Route
CVE-2024-53477 (JFinal CMS 5.1.0 is vulnerable to Command Execution via
unauthorized e ...)
- TODO: check
+ NOT-FOR-US: JFinal CMS
CVE-2024-53375 (Authenticated remote code execution (RCE) vulnerabilities
affect TP-Li ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2024-49581 (Restricted Views backed objects (OSV1) could be bypassed under
specifi ...)
- TODO: check
+ NOT-FOR-US: Palantir
CVE-2024-49421 (Path traversal in Quick Share Agent prior to version 3.5.14.47
in Andr ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-49420 (Improper handling of responses in GamingHub prior to version
6.1.04.6 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-49419 (Insufficient verification of url authenticity in GamingHub
prior to ve ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-49418 (Insufficient verification of url authenticity in GamingHub
prior to ve ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-49417 (Use of implicit intent for sensitive communication in Smart
Touch Call ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-49416 (Use of implicit intent for sensitive communication in
SmartThings prio ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-49415 (Out-of-bound write in libsaped.so prior to SMR Dec-2024
Release 1 allo ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-49414 (Authentication Bypass Using an Alternate Path in Dex Mode
prior to SMR ...)
TODO: check
CVE-2024-49413 (Improper Verification of Cryptographic Signature in
SmartSwitch prior ...)
TODO: check
CVE-2024-49412 (Improper input validation in Settings prior to SMR Dec-2024
Release 1 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-49411 (Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1
allows p ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-49410 (Out-of-bounds write in libswmfextractor.so prior to SMR
Dec-2024 Relea ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-45068 (Authentication credentials leakage vulnerability in Hitachi
Ops Center ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-39890 (An issue was discovered in Samsung Mobile Processor, Wearable
Processo ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-11898 (The Scratch & Win \u2013 Giveaways and Contests. Boost
subscribers, tr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11853 (The jAlbum Bridge plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11805 (The Quick License Manager \u2013 WooCommerce Plugin plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11732 (The BP Profile Shortcodes Extra plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11707 (The My auctions allegro plugin for WordPress is vulnerable to
Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11461 (The Form Data Collector plugin for WordPress is vulnerable to
Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11453 (The WordPress Pinterest Plugin \u2013 Make a Popup, User
Profile, Maso ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10893 (The WP Booking Calendar WordPress plugin before 10.6.5 does
not saniti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10484 (The Spectra \u2013 WordPress Gutenberg Blocks plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8785 (In WhatsUp Gold versions released before 2024.0.1, aremote
unauthentic ...)
NOT-FOR-US: WhatsUp
CVE-2024-5890 (ServiceNow has addressed an HTML injection vulnerability that
was iden ...)
NOT-FOR-US: ServiceNow
CVE-2024-53992 (unzip-bot is a Telegram bot to extract various types of
archives. User ...)
- TODO: check
+ NOT-FOR-US: unzip-bot
CVE-2024-53990 (The AsyncHttpClient (AHC) library allows Java applications to
easily e ...)
TODO: check
CVE-2024-53984 (Nanopb is a small code-size Protocol Buffers implementation.
When the ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9acd1d42c4fdd555ba96b8fe78005b6057fc13a9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9acd1d42c4fdd555ba96b8fe78005b6057fc13a9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
