[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Aug 14 21:38:05 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
325f3634 by Salvatore Bonaccorso at 2024-08-14T22:37:25+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,199 +1,199 @@
CVE-2024-7792 (A vulnerability was found in SourceCodester Task Progress Tracker 1.0. ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Task Progress Tracker
CVE-2024-7790 (A stored cross site scripting vulnerabilities exists in DevikaAI from ...)
- TODO: check
+ NOT-FOR-US: DevikaAI
CVE-2024-7515 (CVE-2024-7515 IMPACT A denial-of-service vulnerability exists in the ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2024-7513 (CVE-2024-7513 IMPACT A code execution vulnerability exists in the aff ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2024-7507 (CVE-2024-7507 IMPACT A denial-of-service vulnerability exists in the ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2024-6532 (The Sheet to Table Live Sync for Google Sheet plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6078 (CVE-2024-6078 IMPACT An improper authentication vulnerability exists ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2024-5916 (An information exposure vulnerability in Palo Alto Networks PAN-OS sof ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2024-5915 (A privilege escalation (PE) vulnerability in the Palo Alto Networks Gl ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2024-5914 (A command injection issue in Palo Alto Networks Cortex XSOAR CommonScr ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2024-4389 (The Slider and Carousel slider by Depicter plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-42441 (Improper privilege management in the installer for Zoom Workplace Desk ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-42440 (Improper privilege management in the installer for Zoom Workplace Desk ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-42439 (Untrusted search path in the installer for Zoom Workplace Desktop App ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-42438 (Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-42437 (Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-42436 (Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-42435 (Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Ro ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-42434 (Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Ro ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-42360 (SequenceServer lets you rapidly set up a BLAST+ server with an intuiti ...)
TODO: check
CVE-2024-41866 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41865 (Dimension versions 3.4.11 and earlier are affected by an Untrusted Sea ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41864 (Substance3D - Designer versions 13.1.2 and earlier are affected by an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41863 (Substance3D - Sampler versions 4.5 and earlier are affected by an out- ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41862 (Substance3D - Sampler versions 4.5 and earlier are affected by an out- ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41861 (Substance3D - Sampler versions 4.5 and earlier are affected by an out- ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41860 (Substance3D - Sampler versions 4.5 and earlier are affected by an out- ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41858 (InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Ov ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41856 (Illustrator versions 28.5, 27.9.4 and earlier are affected by an Impro ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41854 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41853 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41852 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41851 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41850 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41840 (Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-b ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41835 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41834 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41833 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41832 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41831 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41830 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41727 (In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-I ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-41723 (Undisclosed requests to BIG-IP iControl REST can lead to information l ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-41719 (When generating QKView of BIG-IP Next instance from the BIG-IP Next Ce ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-41164 (When TCP profile with Multipath TCP enabled (MPTCP) is configured on a ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-40620 (CVE-2024-40620 IMPACT A vulnerability exists in the affected product ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2024-40619 (CVE-2024-40619 IMPACT A denial-of-service vulnerability exists in the ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2024-39825 (Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allo ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-39824 (Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Ro ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-39823 (Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Ro ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-39822 (Sensitive information exposure in some Zoom Workplace Apps, SDKs, Room ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-39818 (Protection mechanism failure for some Zoom Workplace Apps and SDKs may ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-39809 (The Central Manager user session refresh token does not expire when a ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-39792 (When the NGINX Plus is configured to use the MQTT pre-read module, und ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-39778 (When a stateless virtual server is configured on BIG-IP system with a ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-39426 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39425 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39424 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39423 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39422 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39420 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39419 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39418 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39417 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39416 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39415 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39414 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39413 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39412 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39411 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39410 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39409 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39408 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39407 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39406 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39405 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39404 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39403 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39402 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39401 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39400 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39399 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39398 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39397 (Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39395 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39394 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39393 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39391 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39390 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39389 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39388 (Substance3D - Stager versions 3.0.2 and earlier are affected by a Use ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39387 (Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-b ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39386 (Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-b ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39383 (Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-39283 (Incomplete filtering of special elements in Intel(R) TDX module softwa ...)
TODO: check
CVE-2024-38483 (Dell BIOS contains an Improper Input Validation vulnerability in an ex ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-37529 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 ...)
NOT-FOR-US: IBM
CVE-2024-37028 (BIG-IP Next Central Manager may allow an attacker to lock out an accou ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2024-35152 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 ...)
NOT-FOR-US: IBM
CVE-2024-35136 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) fede ...)
@@ -201,29 +201,29 @@ CVE-2024-35136 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server
CVE-2024-34163 (Improper input validation in firmware for some Intel(R) NUC may allow ...)
TODO: check
CVE-2024-34138 (Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL P ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34137 (Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL P ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34136 (Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL P ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34135 (Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34134 (Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34133 (Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34127 (InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34126 (Dimension versions 3.4.11 and earlier are affected by an out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34125 (Dimension versions 3.4.11 and earlier are affected by an out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34124 (Dimension versions 3.4.11 and earlier are affected by an out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34118 (Illustrator versions 28.5, 27.9.4 and earlier are affected by an Impro ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-34117 (Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-31882 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 ...)
NOT-FOR-US: IBM
CVE-2024-29015 (Uncontrolled search path in some Intel(R) VTune(TM) Profiler software ...)
@@ -329,9 +329,9 @@ CVE-2024-21769 (Uncontrolled search path in some Intel(R) Ethernet Connection I2
CVE-2024-21766 (Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library ...)
TODO: check
CVE-2024-20790 (Dimension versions 3.4.11 and earlier are affected by an out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-20789 (Dimension versions 3.4.11 and earlier are affected by a Use After Free ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-50315 (IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker w ...)
NOT-FOR-US: IBM
CVE-2023-50314 (IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 cou ...)
@@ -521,7 +521,7 @@ CVE-2024-38756 (Exposure of Sensitive Information to an Unauthorized Actor vulne
CVE-2024-38752 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-38749 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38747 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
NOT-FOR-US: WordPress plugin
CVE-2024-38742 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
@@ -709,7 +709,7 @@ CVE-2024-36446 (The provisioning manager component of Mitel MiVoice MX-ONE throu
CVE-2024-35124 (A vulnerability in the combination of the OpenBMC's FW1050.00 through ...)
NOT-FOR-US: IBM
CVE-2024-2259 (This vulnerability exists in InstaRISPACS software due to insufficient ...)
- TODO: check
+ NOT-FOR-US: InstaRISPACS
CVE-2024-29995 (Windows Kerberos Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-21981 (Improper key usage control in AMD Secure Processor (ASP) may allow an ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/325f3634516986acaa819dcaf03063aa39a38d59
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/325f3634516986acaa819dcaf03063aa39a38d59
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240814/17845bf6/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list