Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3e5efa63 by Moritz Muehlenhoff at 2025-01-15T09:39:11+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -535,7 +535,7 @@ CVE-2024-7344 (Howyar UEFI Application "Reloader"  (32-bit 
and 64-bit)  is vulne
 CVE-2024-5175
        REJECTED
 CVE-2024-56841 (A vulnerability has been identified in Mendix LDAP (All 
versions < V1. ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-56497 (An improper neutralization of special elements used in an os 
command ( ...)
        NOT-FOR-US: FortiGuard
 CVE-2024-56374 (An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 
5.0.11, ...)
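Review bot: On CVE-2024-56841 the tag `NOT-FOR-US: Siemens` names a vendor that does not appear in the visible description, which only mentions "Mendix LDAP". Adding the product to the tag (for example `NOT-FOR-US: Siemens Mendix LDAP`) would let a later search for the product name find this entry, in the same way the Arcadyan Meteor and Apache Linkis tags in this commit do.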
@@ -575,9 +575,9 @@ CVE-2024-53996
 CVE-2024-53649 (A vulnerability has been identified in SIPROTEC 5 6MD84 
(CP300) (All v ...)
        NOT-FOR-US: Siemens
 CVE-2024-53563 (A stored cross-site scripting (XSS) vulnerability in Arcadyan 
Meteor 2 ...)
-       TODO: check
+       NOT-FOR-US: Arcadyan Meteor
 CVE-2024-53561 (A remote code execution (RCE) vulnerability in Arcadyan Meteor 
2 CPE F ...)
-       TODO: check
+       NOT-FOR-US: Arcadyan Meteor
 CVE-2024-53263 (Git LFS is a Git extension for versioning large files. When 
Git LFS re ...)
        - git-lfs <unfixed> (bug #1093048)
        NOTE: 
https://github.com/git-lfs/git-lfs/security/advisories/GHSA-q6r2-x2cc-vrp7
@@ -597,7 +597,7 @@ CVE-2024-50564 (A use of hard-coded cryptographic key in 
Fortinet FortiClientWin
 CVE-2024-50338 (Git Credential Manager (GCM) is a secure Git credential helper 
built o ...)
        TODO: check
 CVE-2024-49375 (Open source machine learning framework. A vulnerability has 
been ident ...)
-       TODO: check
+       NOT-FOR-US: Rasa
 CVE-2024-48893 (An improper neutralization of input during web page generation 
vulnera ...)
        NOT-FOR-US: FortiGuard
 CVE-2024-48890 (An improper neutralization of special elements used in an OS 
command ( ...)
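Review bot: On CVE-2024-49375 the visible description ("Open source machine learning framework. A vulnerability has been ident ...") does not name Rasa, so the tag cannot be checked against the line itself and depends on the full CVE text. Because the description says the software is open source, it is worth confirming that no Debian package or ITP/RFP exists for it before settling on NOT-FOR-US; if one does, the entry needs a package line (for an ITP, with `<itp>`) instead.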
@@ -607,193 +607,193 @@ CVE-2024-48886 (A weak authentication in Fortinet 
FortiOS versions 7.4.0 through
 CVE-2024-48884 (A improper limitation of a pathname to a restricted directory 
('path t ...)
        NOT-FOR-US: FortiGuard
 CVE-2024-48858 (Improper input validation in the PCX image codec in QNX SDP 
versions 8 ...)
-       TODO: check
+       NOT-FOR-US: QNX
 CVE-2024-48857 (NULL pointer dereference in the PCX image codec in QNX SDP 
versions 8. ...)
-       TODO: check
+       NOT-FOR-US: QNX
 CVE-2024-48856 (Out-of-bounds write in the PCX image codec in QNX SDP versions 
8.0, 7. ...)
-       TODO: check
+       NOT-FOR-US: QNX
 CVE-2024-48855 (Out-of-bounds read in the TIFF image codec in QNX SDP versions 
8.0, 7. ...)
-       TODO: check
+       NOT-FOR-US: QNX
 CVE-2024-48854 (Off-by-one error in the TIFF image codec in QNX SDP versions 
8.0, 7.1  ...)
-       TODO: check
+       NOT-FOR-US: QNX
 CVE-2024-47572 (An improper neutralization of formula elements in a csv file 
in Fortin ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-47571 (An operation on a resource after expiration or release in 
Fortinet For ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-47566 (A improper limitation of a pathname to a restricted directory 
('path t ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-47100 (A vulnerability has been identified in SIMATIC S7-1200 CPU 
1211C AC/DC ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-46670 (AnOut-of-bounds Read vulnerability [CWE-125] in FortiOS 
version 7.6.0, ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-46669 (AnInteger Overflow or Wraparound vulnerability [CWE-190] in 
version 7. ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-46668 (An allocation of resources without limits or throttling 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-46667 (A allocation of resources without limits or throttling in 
Fortinet For ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-46666 (An allocation of resources without limits or throttling 
[CWE-770] vuln ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-46665 (An insertion of sensitive information into sent data 
vulnerability [CW ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-46664 (A relative path traversal in Fortinet FortiRecorder [CWE-23] 
version 7 ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-45627 (In Apache Linkis <1.7.0, due to the lack of effective 
filtering of par ...)
-       TODO: check
+       NOT-FOR-US: Apache Linkis
 CVE-2024-45385 (A vulnerability has been identified in Industrial Edge 
Management OS ( ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-45326 (AnImproper Access Control vulnerability [CWE-284] in 
FortiDeceptor ver ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-42444 (APTIOV contains a vulnerability in BIOS where an attacker may 
cause a  ...)
-       TODO: check
+       NOT-FOR-US: AMI
 CVE-2024-40587 (An improper neutralization of special elements used in an OS 
command ( ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-39803 (Multiple buffer overflow vulnerabilities exist in the qos.cgi 
qos_sett ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39802 (Multiple buffer overflow vulnerabilities exist in the qos.cgi 
qos_sett ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39801 (Multiple buffer overflow vulnerabilities exist in the qos.cgi 
qos_sett ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39800 (Multiple external config control vulnerabilities exists in the 
openvpn ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39799 (Multiple external config control vulnerabilities exists in the 
openvpn ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39798 (Multiple external config control vulnerabilities exists in the 
openvpn ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39795 (Multiple external config control vulnerabilities exist in the 
nas.cgi  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39794 (Multiple external config control vulnerabilities exist in the 
nas.cgi  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39793 (Multiple external config control vulnerabilities exist in the 
nas.cgi  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39790 (Multiple external config control vulnerabilities exist in the 
nas.cgi  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39789 (Multiple external config control vulnerabilities exist in the 
nas.cgi  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39788 (Multiple external config control vulnerabilities exist in the 
nas.cgi  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39787 (Multiple directory traversal vulnerabilities exist in the 
nas.cgi add_ ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39786 (Multiple directory traversal vulnerabilities exist in the 
nas.cgi add_ ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39785 (Multiple command execution vulnerabilities exist in the 
nas.cgi add_di ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39784 (Multiple command execution vulnerabilities exist in the 
nas.cgi add_di ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39783 (Multiple OS command injection vulnerabilities exist in the 
adm.cgi sch ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39782 (Multiple OS command injection vulnerabilities exist in the 
adm.cgi sch ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39781 (Multiple OS command injection vulnerabilities exist in the 
adm.cgi sch ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39774 (A buffer overflow vulnerability exists in the adm.cgi 
set_sys_adm() fu ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39773 (An information disclosure vulnerability exists in the 
testsave.sh func ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39770 (Multiple buffer overflow vulnerabilities exist in the 
internet.cgi set ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39769 (Multiple buffer overflow vulnerabilities exist in the 
internet.cgi set ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39768 (Multiple buffer overflow vulnerabilities exist in the 
internet.cgi set ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39765 (Multiple OS command injection vulnerabilities exist in the 
internet.cg ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39764 (Multiple OS command injection vulnerabilities exist in the 
internet.cg ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39763 (Multiple OS command injection vulnerabilities exist in the 
internet.cg ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39762 (Multiple OS command injection vulnerabilities exist in the 
internet.cg ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39761 (Multiple OS command injection vulnerabilities exist in the 
login.cgi s ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39760 (Multiple OS command injection vulnerabilities exist in the 
login.cgi s ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39759 (Multiple OS command injection vulnerabilities exist in the 
login.cgi s ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39757 (A stack-based buffer overflow vulnerability exists in the 
wireless.cgi ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39756 (A buffer overflow vulnerability exists in the adm.cgi 
rep_as_router()  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39754 (A static login vulnerability exists in the wctrls 
functionality of Wav ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39608 (A firmware update vulnerability exists in the login.cgi 
functionality  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39604 (A command execution vulnerability exists in the 
update_filter_url.sh f ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39603 (A stack-based buffer overflow vulnerability exists in the 
wireless.cgi ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39602 (An external config control vulnerability exists in the nas.cgi 
set_nas ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39370 (An arbitrary code execution vulnerability exists in the 
adm.cgi set_Me ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39367 (An os command injection vulnerability exists in the 
firewall.cgi iptab ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39363 (A cross-site scripting (xss) vulnerability exists in the 
login.cgi set ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39360 (An os command injection vulnerability exists in the nas.cgi 
remove_dir ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39359 (A stack-based buffer overflow vulnerability exists in the 
wireless.cgi ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39358 (A buffer overflow vulnerability exists in the adm.cgi 
set_wzap() funct ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39357 (A stack-based buffer overflow vulnerability exists in the 
wireless.cgi ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39299 (A buffer overflow vulnerability exists in the qos.cgi 
qos_sta_settings ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39294 (A buffer overflow vulnerability exists in the adm.cgi 
set_wzdgw4G() fu ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39288 (A buffer overflow vulnerability exists in the internet.cgi 
set_add_rou ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39280 (An external config control vulnerability exists in the nas.cgi 
set_smb ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-39273 (A firmware update vulnerability exists in the fw_check.sh 
functionalit ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-38666 (An external config control vulnerability exists in the 
openvpn.cgi ope ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-37357 (A buffer overflow vulnerability exists in the adm.cgi 
set_TR069() func ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-37186 (An os command injection vulnerability exists in the adm.cgi 
set_ledono ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-37184 (A buffer overflow vulnerability exists in the adm.cgi 
rep_as_bridge()  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-36512 (An improper limitation of a pathname to a restricted directory 
('path  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-36510 (An observable response discrepancy vulnerability [CWE-204] in 
FortiCli ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-36506 (An improper verification of source of a communication channel 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-36504 (An out-of-bounds read vulnerability [CWE-125] in FortiOS 
SSLVPN web po ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-36493 (A stack-based buffer overflow vulnerability exists in the 
wireless.cgi ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-36295 (A command execution vulnerability exists in the qos.cgi 
qos_sta() func ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-36290 (A buffer overflow vulnerability exists in the login.cgi 
Goto_chidx() f ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-36272 (A buffer overflow vulnerability exists in the usbip.cgi 
set_info() fun ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-36258 (A stack-based buffer overflow vulnerability exists in the 
touchlist_sy ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-35278 (A improper neutralization of special elements used in an sql 
command ( ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-35277 (A missing authentication for critical function in Fortinet 
FortiPortal ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-35276 (A stack-based buffer overflow in Fortinet FortiAnalyzer 
versions 7.4.0 ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-35275 (A improper neutralization of special elements used in an sql 
command ( ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-35273 (A out-of-bounds write in Fortinet FortiManager version 7.4.0 
through 7 ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-34544 (A command injection vulnerability exists in the wireless.cgi 
AddMac()  ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-34166 (An os command injection vulnerability exists in the 
touchlist_sync.cgi ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2024-33503 (A improper privilege management in Fortinet FortiManager 
version 7.4.0 ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-33502 (An improper limitation of a pathname to a restricted directory 
('path  ...)
        TODO: check
 CVE-2024-32115 (A relative path traversal vulnerability [CWE-23] in Fortinet 
FortiMana ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-29980 (Improper Check for Unusual or Exceptional Conditions 
vulnerability in  ...)
        TODO: check
 CVE-2024-29979 (Improper Check for Unusual or Exceptional Conditions 
vulnerability in  ...)
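Review bot: Two entries in this hunk are tagged `NOT-FOR-US: Wavlink` although their descriptions do not match the Wavlink pattern ("... exists in the <name>.cgi ...") of the entries around them: CVE-2024-36512 ("An improper limitation of a pathname to a restricted directory ('path ...") and CVE-2024-35278 ("A improper neutralization of special elements used in an sql command ( ..."). The same wording appears on entries tagged Fortinet or FortiGuard in this hunk (CVE-2024-47566, CVE-2024-48884, CVE-2024-35275), so these two look like they were swept into the Wavlink batch; please check the full descriptions and retag if needed. CVE-2024-33502, which carries the same path traversal wording, is left at `TODO: check` and could be resolved in the same pass. As a style point, the new lines use `NOT-FOR-US: Fortinet` while the unchanged context lines use `NOT-FOR-US: FortiGuard`; settling on one spelling keeps the list easy to grep.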



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e5efa63527279fd120fa5f74e24f4c553bf1115
