[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jul 31 21:33:42 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7a17a517 by Salvatore Bonaccorso at 2024-07-31T22:33:10+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,61 +1,61 @@
CVE-2024-7340 (The Weave server API allows remote users to fetch files from a specifi ...)
- TODO: check
+ NOT-FOR-US: Weave server
CVE-2024-7325 (A vulnerability was found in IObit Driver Booster 11.0.0.0. It has bee ...)
- TODO: check
+ NOT-FOR-US: IObit Driver Booster
CVE-2024-7324 (A vulnerability was found in IObit iTop Data Recovery Pro 4.4.0.687. I ...)
- TODO: check
+ NOT-FOR-US: IObit iTop Data Recovery Pro
CVE-2024-7321 (A vulnerability classified as problematic was found in itsourcecode On ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Online Blood Bank Management System
CVE-2024-7320 (A vulnerability classified as critical has been found in itsourcecode ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Online Blood Bank Management System
CVE-2024-7311 (A vulnerability was found in code-projects Online Bus Reservation Site ...)
- TODO: check
+ NOT-FOR-US: code-projects Online Bus Reservation Site
CVE-2024-7310 (A vulnerability was found in SourceCodester Record Management System 1 ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Record Management System
CVE-2024-7309 (A vulnerability was found in SourceCodester Record Management System 1 ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Record Management System
CVE-2024-7308 (A vulnerability was found in SourceCodester Establishment Billing Mana ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Establishment Billing Management System
CVE-2024-7307 (A vulnerability has been found in SourceCodester Establishment Billing ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Establishment Billing Management System
CVE-2024-7135 (The Tainacan plugin for WordPress is vulnerable to unauthorized access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6978 (Cato Networks Windows SDP Client Local root certificates can be instal ...)
- TODO: check
+ NOT-FOR-US: Cato Networks
CVE-2024-6977 (A vulnerability in Cato Networks SDP Client on Windows allows the inse ...)
- TODO: check
+ NOT-FOR-US: Cato Networks
CVE-2024-6975 (Cato Networks Windows SDP Client Local Privilege Escalation via openss ...)
- TODO: check
+ NOT-FOR-US: Cato Networks
CVE-2024-6974 (Cato Networks Windows SDP Client Local Privilege Escalation via self-u ...)
- TODO: check
+ NOT-FOR-US: Cato Networks
CVE-2024-6973 (Remote Code Execution in Cato Windows SDP client via crafted URLs. Thi ...)
- TODO: check
+ NOT-FOR-US: Cato Networks
CVE-2024-6725 (The Formidable Forms \u2013 Contact Form Plugin, Survey, Quiz, Payment ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6208 (The Download Manager plugin for WordPress is vulnerable to Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-41955 (Mobile Security Framework (MobSF) is a security research platform for ...)
- TODO: check
+ NOT-FOR-US: Mobile Security Framework (MobSF)
CVE-2024-41954 (FOG is a cloning/imaging/rescue suite/inventory management system. The ...)
- TODO: check
+ NOT-FOR-US: FOG
CVE-2024-41953 (Zitadel is an open source identity management system. ZITADEL uses HTM ...)
- TODO: check
+ NOT-FOR-US: Zitadel
CVE-2024-41952 (Zitadel is an open source identity management system. ZITADEL administ ...)
- TODO: check
+ NOT-FOR-US: Zitadel
CVE-2024-41951 (Pheonix App is a Python application designed to streamline various tas ...)
- TODO: check
+ NOT-FOR-US: Pheonix App
CVE-2024-41950 (Haystack is an end-to-end LLM framework that allows you to build appli ...)
TODO: check
CVE-2024-41947 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2024-41660 (slpd-lite is a unicast SLP UDP server. Any OpenBMC system that include ...)
TODO: check
CVE-2024-41630 (Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-41108 (FOG is a free open-source cloning/imaging/rescue suite/inventory manag ...)
- TODO: check
+ NOT-FOR-US: FOG
CVE-2024-40645 (FOG is a cloning/imaging/rescue suite/inventory management system. An ...)
- TODO: check
+ NOT-FOR-US: FOG
CVE-2024-3083 (A \u201cCWE-352: Cross-Site Request Forgery (CSRF)\u201d can be exploi ...)
TODO: check
CVE-2024-3082 (A \u201cCWE-256: Plaintext Storage of a Password\u201d affecting the a ...)
@@ -63,31 +63,31 @@ CVE-2024-3082 (A \u201cCWE-256: Plaintext Storage of a Password\u201d affecting
CVE-2024-39694 (Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ...)
TODO: check
CVE-2024-39379 (Acrobat for Edge versions 126.0.2592.81 and earlier are affected by an ...)
- TODO: check
+ NOT-FOR-US: Acrobat for Edge
CVE-2024-39318 (The Ibexa Admin UI Bundle contains all the necessary parts to run the ...)
- TODO: check
+ NOT-FOR-US: Ibexa Admin UI Bundle
CVE-2024-37901 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2024-37900 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2024-37898 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2024-37142 (Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrol ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-37135 (DM5500 5.16.0.0, contains an information disclosure vulnerability. A l ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-37129 (Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path T ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-37127 (Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrol ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-32857 (Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrol ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-31203 (A \u201cCWE-121: Stack-based Buffer Overflow\u201d in the wd210std.dll ...)
- TODO: check
+ NOT-FOR-US: ThermoscanIP installer
CVE-2024-31202 (A \u201cCWE-732: Incorrect Permission Assignment for Critical Resource ...)
- TODO: check
+ NOT-FOR-US: ThermoscanIP
CVE-2024-31201 (A \u201cCWE-428: Unquoted Search Path or Element\u201d affects the The ...)
- TODO: check
+ NOT-FOR-US: ThermoscanIP
CVE-2024-31200 (A \u201cCWE-201: Insertion of Sensitive Information Into Sent Data\u20 ...)
TODO: check
CVE-2024-31199 (A \u201cCWE-79: Improper Neutralization of Input During Web Page Gener ...)
@@ -141,13 +141,13 @@ CVE-2024-7274 (A vulnerability, which was classified as critical, has been found
CVE-2024-7273 (A vulnerability classified as critical was found in itsourcecode Alton ...)
NOT-FOR-US: itsourcecode Alton Management System
CVE-2024-7205 (When the device is shared,the homepage module are before 2.19.0 in eWe ...)
- TODO: check
+ NOT-FOR-US: eWeLink Cloud Service homepage module
CVE-2024-6980 (A verbose error handling issue in the proxy service implemented in the ...)
NOT-FOR-US: GravityZone Update Server
CVE-2024-6770 (The Lifetime free Drag & Drop Contact Form Builder for WordPress VForm ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6695 (it's possible for an attacker to gain administrative access without ha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6412 (The HTML Forms WordPress plugin before 1.3.34 does not have CSRF chec ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6408 (The Slider by 10Web WordPress plugin before 1.2.57 does not sanitise ...)
@@ -161,7 +161,7 @@ CVE-2024-6165 (The WANotifier WordPress plugin before 2.6.1 does not sanitise a
CVE-2024-5901 (The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to St ...)
NOT-FOR-US: WordPress plugin
CVE-2024-42381 (os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF fi ...)
- TODO: check
+ NOT-FOR-US: Homebrew brew
CVE-2024-39950 (A vulnerability has been found in Dahua products. Attackers can send c ...)
NOT-FOR-US: Dahua
CVE-2024-39949 (A vulnerability has been found in Dahua products.Attackers can send ca ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a17a51758897d51148ebb31f8e219b2893e5f4d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a17a51758897d51148ebb31f8e219b2893e5f4d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240731/456edb02/attachment.htm>
More information about the debian-security-tracker-commits
mailing list