[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 10 20:48:53 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
706be4d1 by Salvatore Bonaccorso at 2024-12-10T21:43:52+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,247 +31,247 @@ CVE-2024-54751 (COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcode
CVE-2024-54152 (Angular Expressions provides expressions for the Angular.JS web framew ...)
TODO: check
CVE-2024-54095 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-54094 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-54093 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-54091 (A vulnerability has been identified in Parasolid V36.1 (All versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-54008 (An authenticated Remote Code Execution (RCE) vulnerability exists in t ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2024-54005 (A vulnerability has been identified in COMOS V10.3 (All versions < V10 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-53866 (The package manager pnpm prior to version 9.15.0 seems to mishandle ov ...)
TODO: check
CVE-2024-53832 (A vulnerability has been identified in CPCI85 Central Processing/Commu ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-53481 (A Cross Site Scripting (XSS) vulnerability in the profile.php of PHPGu ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Beauty Parlour Management System
CVE-2024-53480 (Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQ ...)
- TODO: check
+ NOT-FOR-US: Phpgurukul's Beauty Parlour Management System
CVE-2024-53247 (In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versi ...)
- TODO: check
+ NOT-FOR-US: Splunk Enterprise
CVE-2024-53246 (In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk ...)
- TODO: check
+ NOT-FOR-US: Splunk Enterprise
CVE-2024-53245 (In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk ...)
- TODO: check
+ NOT-FOR-US: Splunk Enterprise
CVE-2024-53244 (In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk ...)
- TODO: check
+ NOT-FOR-US: Splunk Enterprise
CVE-2024-53243 (In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and versio ...)
- TODO: check
+ NOT-FOR-US: Splunk Enterprise
CVE-2024-53242 (A vulnerability has been identified in Teamcenter Visualization V14.2 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-53041 (A vulnerability has been identified in Teamcenter Visualization V14.2 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-52538 (Dell Avamar, version(s) 19.9, contain(s) an Improper Neutralization of ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-52051 (A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All vers ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-51165 (SQL injection vulnerability in JEPAAS7.2.8, via /je/rbac/rbac/loadLogi ...)
- TODO: check
+ NOT-FOR-US: JEPAAS
CVE-2024-50931 (Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insec ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs Z-Wave Series 500
CVE-2024-50930 (An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs Z-Wave Series 500
CVE-2024-50929 (Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 80 ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs (SiLabs) Z-Wave Series 700 and 800
CVE-2024-50928 (Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 80 ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs (SiLabs) Z-Wave Series
CVE-2024-50924 (Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 80 ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs (SiLabs) Z-Wave Series
CVE-2024-50921 (Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 80 ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs (SiLabs) Z-Wave Series
CVE-2024-50920 (Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 80 ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs (SiLabs) Z-Wave Series
CVE-2024-50699 (TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2024-49849 (A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All vers ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-49704 (A vulnerability has been identified in COMOS V10.3 (All versions < V10 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-49554 (Media Encoder versions 25.0, 24.6.3 and earlier are affected by a NULL ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49553 (Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49552 (Media Encoder versions 25.0, 24.6.3 and earlier are affected by a Heap ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49551 (Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49535 (Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49534 (Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49533 (Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49532 (Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49531 (Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49530 (Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49142 (Microsoft Access Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49138 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49132 (Windows Remote Desktop Services Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49129 (Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49128 (Windows Remote Desktop Services Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49127 (Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49126 (Windows Local Security Authority Subsystem Service (LSASS) Remote Code ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49125 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49124 (Lightweight Directory Access Protocol (LDAP) Client Remote Code Execut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49123 (Windows Remote Desktop Services Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49122 (Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49121 (Windows Lightweight Directory Access Protocol (LDAP) Denial of Service ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49120 (Windows Remote Desktop Services Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49119 (Windows Remote Desktop Services Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49118 (Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49117 (Windows Hyper-V Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49116 (Windows Remote Desktop Services Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49115 (Windows Remote Desktop Services Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49114 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49113 (Windows Lightweight Directory Access Protocol (LDAP) Denial of Service ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49112 (Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49111 (Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49110 (Windows Mobile Broadband Driver Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49109 (Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49108 (Windows Remote Desktop Services Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49107 (WmsRepair Service Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49106 (Windows Remote Desktop Services Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49105 (Remote Desktop Client Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49104 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49103 (Windows Wireless Wide Area Network Service (WwanSvc) Information Discl ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49102 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49101 (Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49099 (Windows Wireless Wide Area Network Service (WwanSvc) Information Discl ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49098 (Windows Wireless Wide Area Network Service (WwanSvc) Information Discl ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49097 (Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49096 (Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49095 (Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49094 (Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49093 (Windows Resilient File System (ReFS) Elevation of Privilege Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49092 (Windows Mobile Broadband Driver Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49091 (Windows Domain Name Service Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49090 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49089 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49088 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49087 (Windows Mobile Broadband Driver Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49086 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49085 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49084 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49083 (Windows Mobile Broadband Driver Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49082 (Windows File Explorer Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49081 (Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49080 (Windows IP Routing Management Snapin Remote Code Execution Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49079 (Input Method Editor (IME) Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49078 (Windows Mobile Broadband Driver Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49077 (Windows Mobile Broadband Driver Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49076 (Windows Virtualization-Based Security (VBS) Enclave Elevation of Privi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49075 (Windows Remote Desktop ServicesDenial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49074 (Windows Kernel-Mode Driver Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49073 (Windows Mobile Broadband Driver Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49072 (Windows Task Scheduler Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49070 (Microsoft SharePoint Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49069 (Microsoft Excel Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49068 (Microsoft SharePoint Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49065 (Microsoft Office Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49064 (Microsoft SharePoint Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49063 (Microsoft/Muzic Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49062 (Microsoft SharePoint Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49059 (Microsoft Office Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49057 (Microsoft Defender for Endpoint on Android Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-47977 (Dell Avamar, version(s) 19.9, contain(s) an Improper Neutralization of ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-47484 (Dell Avamar, version(s) 19.9, contain(s) an Improper Neutralization of ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-47117 (IBM Carbon Design System (Carbon Charts 0.4.0 through 1.13.16) is vuln ...)
NOT-FOR-US: IBM
CVE-2024-46657 (Artifex Software mupdf v1.24.9 was discovered to contain a segmentatio ...)
TODO: check
CVE-2024-46442 (An issue in the BYD Dilink Headunit System v3.0 to v4.0 allows attacke ...)
- TODO: check
+ NOT-FOR-US: BYD Dilink Headunit System
CVE-2024-46341 (TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2024-46340 (TP-Link TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discov ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2024-45709 (SolarWinds Web Help Desk was susceptible to a local file read vulnerab ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-45494 (An issue was discovered in MSA Safety FieldServer Gateways and Embedde ...)
TODO: check
CVE-2024-45493 (An issue was discovered in MSA Safety FieldServer Gateways and Embedde ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-43600 (Microsoft Office Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-43594 (System Center Operations Manager Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-12323 (The turboSMTP plugin for WordPress is vulnerable to Reflected Cross-Si ...)
TODO: check
CVE-2024-12286 (MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH t ...)
@@ -339,7 +339,7 @@ CVE-2024-54149 (Winter is a free, open-source content management system (CMS) ba
CVE-2024-53919 (An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and C ...)
NOT-FOR-US: Barco
CVE-2024-53552 (CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password res ...)
- TODO: check
+ NOT-FOR-US: CrushFTP
CVE-2024-50628 (An issue was discovered in the web services of Digi ConnectPort LTS be ...)
NOT-FOR-US: Digi ConnectPort LTS
CVE-2024-50627 (An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privi ...)
@@ -353,7 +353,7 @@ CVE-2024-47946 (If the attacker has access to a valid Poweruser session, remote
CVE-2024-47585 (SAP NetWeaver Application Server for ABAP and ABAP Platform allows an ...)
NOT-FOR-US: SAP
CVE-2024-47582 (Due to missing validation of XML input, an unauthenticated attacker co ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-47581 (SAP HCM Approve Timesheets Version 4 application does not perform nece ...)
NOT-FOR-US: SAP
CVE-2024-47580 (An attacker authenticated as an administrator can use an exposed webse ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/706be4d1d4708a204285f979806759ccd878393b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/706be4d1d4708a204285f979806759ccd878393b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241210/b3df5772/attachment.htm>
More information about the debian-security-tracker-commits
mailing list