Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3893f87b by Salvatore Bonaccorso at 2024-12-17T21:33:15+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
CVE-2024-9819 (Authorization Bypass Through User-Controlled Key vulnerability
in Next ...)
- TODO: check
+ NOT-FOR-US: NextGeography NG Analyser
CVE-2024-9654 (The Easy Digital Downloads plugin for WordPress is vulnerable
to Impro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8972 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Mobil365 Informatics Saha365 App
CVE-2024-8475 (Authentication Bypass by Assumed-Immutable Data vulnerability
in Digit ...)
- TODO: check
+ NOT-FOR-US: Digital Operation Services WiFiBurada
CVE-2024-8429 (Improper Restriction of Excessive Authentication Attempts
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Digital Operation Services WiFiBurada
CVE-2024-8326 (The s2Member \u2013 Excellent for All Kinds of Memberships,
Content Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56139 (pdftools is a high level tools to convert PDF files to ePUB
formats. I ...)
TODO: check
CVE-2024-55516 (A vulnerability was found in Raisecom MSG1200, MSG2100E,
MSG2200, and ...)
- TODO: check
+ NOT-FOR-US: Raisecom
CVE-2024-55515 (A vulnerability was found in Raisecom MSG1200, MSG2100E,
MSG2200, and ...)
- TODO: check
+ NOT-FOR-US: Raisecom
CVE-2024-55514 (A vulnerability was found in Raisecom MSG1200, MSG2100E,
MSG2200, and ...)
- TODO: check
+ NOT-FOR-US: Raisecom
CVE-2024-55513 (A vulnerability was found in Raisecom MSG1200, MSG2100E,
MSG2200, and ...)
- TODO: check
+ NOT-FOR-US: Raisecom
CVE-2024-55496 (A vulnerability has been found in the 1000projects Bookstore
Managemen ...)
- TODO: check
+ NOT-FOR-US: 1000projects Bookstore Management System PHP MySQL Project
CVE-2024-54677 (Uncontrolled Resource Consumption vulnerability in the
examples web ap ...)
TODO: check
CVE-2024-54662 (Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect
access contro ...)
TODO: check
CVE-2024-52542 (Dell AppSync, version 4.6.0.x, contain a Symbolic Link
(Symlink) Follo ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-51479 (Next.js is a React framework for building full-stack web
applications. ...)
TODO: check
CVE-2024-50379 (Time-of-check Time-of-use (TOCTOU) Race Condition
vulnerability during ...)
@@ -45,65 +45,65 @@ CVE-2024-49816 (IBM Security Guardium Key Lifecycle Manager
4.1, 4.1.1, 4.2.0, a
CVE-2024-49194 (Databricks JDBC Driver before 2.6.40 could potentially allow
remote co ...)
TODO: check
CVE-2024-42194 (An improper handling of insufficient permissions or privileges
affects ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-37607 (A Buffer overflow vulnerability in D-Link DAP-2555
REVA_FIRMWARE_1.20 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-37606 (A Stack overflow vulnerability in D-Link DCS-932L
REVB_FIRMWARE_2.18.0 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-37605 (A NULL pointer dereference in D-Link DIR-860L
REVB_FIRMWARE_2.04.B04_i ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-36832 (A NULL pointer dereference in D-Link DAP-1513
REVA_FIRMWARE_1.01 allow ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-36831 (A NULL pointer dereference in the
plugins_call_handle_uri_clean functi ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-12671 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12670 (A maliciously crafted DWF file, when parsed through Autodesk
Naviswork ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12669 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12601 (The Calculated Fields Form plugin for WordPress is vulnerable
to Denia ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12469 (The WP BASE Booking of Appointments, Services and Events
plugin for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12395 (The WooCommerce Additional Fees On Checkout (Free) plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12293 (The User Role Editor plugin for WordPress is vulnerable to
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12200 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12199 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12198 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12197 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12194 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12193 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12192 (A maliciously crafted DWF file, when parsed through Autodesk
Naviswork ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12191 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12179 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12178 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-12127 (The Learning Management System, eLearning, Course Builder,
WordPress L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12024 (The EventPrime \u2013 Events Calendar, Bookings and Tickets
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11422 (A maliciously crafted DWFX file, when parsed through Autodesk
Naviswor ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-11294 (The Memberful plugin for WordPress is vulnerable to Sensitive
Informat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11280 (The PPWP \u2013 Password Protect Pages plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10476 (Default credentials are used in the above listed BD Diagnostic
Solutio ...)
- TODO: check
+ NOT-FOR-US: BD Diagnostic Solutions
CVE-2024-10356 (The ElementsReady Addons for Elementor plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11614
- dpdk 24.11.1-1
NOTE: Introduced by:
https://git.dpdk.org/dpdk/commit/?id=ca7036b4af3a82d258cca914e71171434b3d0320
(main, v21.05-rc2)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3893f87b9843db799df34ffa1211ae16fc233aec
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3893f87b9843db799df34ffa1211ae16fc233aec
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
