[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 8 08:24:20 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b739c116 by Salvatore Bonaccorso at 2024-11-08T09:23:57+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,81 +1,81 @@
CVE-2024-8810 (A GitHub App installed in organizations could upgrade some permissions ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-8424 (Improper Privilege Management vulnerability in WatchGuard EPDR, Panda ...)
- TODO: check
+ NOT-FOR-US: WatchGuard
CVE-2024-7982 (The Registrations for the Events Calendar WordPress plugin before 2.1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-51998 (changedetection.io is a free open source web page change detection too ...)
- TODO: check
+ NOT-FOR-US: changedetection.io
CVE-2024-51987 (Duende.AccessTokenManagement.OpenIdConnect is a set of .NET libraries ...)
TODO: check
CVE-2024-51434 (Inconsistent <plaintext> tag parsing allows for XSS in Froala WYSIWYG ...)
- TODO: check
+ NOT-FOR-US: Froala WYSIWYG editor
CVE-2024-50766 (SourceCodester Survey Application System 1.0 is vulnerable to SQL Inje ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Survey Application System
CVE-2024-50599 (A reflected Cross-Site Scripting (XSS) vulnerability has been identifi ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-49524 (Adobe Experience Manager versions 6.5.20 and earlier are affected by a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49523 (Adobe Experience Manager versions 6.5.20 and earlier are affected by a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-48011 (Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-48010 (Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-47072 (XStream is a simple library to serialize objects to XML and back again ...)
TODO: check
CVE-2024-46961 (The Inshot com.downloader.privatebrowser (aka Video Downloader - XDown ...)
- TODO: check
+ NOT-FOR-US: Inshot com.downloader.privatebrowser (aka Video Downloader - XDownloader) application
CVE-2024-46960 (The ASD com.rocks.video.downloader (aka HD Video Downloader All Format ...)
- TODO: check
+ NOT-FOR-US: ASD com.rocks.video.downloader application
CVE-2024-45759 (Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7 ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-36064 (The NLL com.nll.cb (aka ACR Phone) application through 0.330-playStore ...)
- TODO: check
+ NOT-FOR-US: NLL com.nll.cb (aka ACR Phone) application
CVE-2024-36063 (The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5. ...)
- TODO: check
+ NOT-FOR-US: Goodwy com.goodwy.dialer (aka Right Dialer) application
CVE-2024-36062 (The com.callassistant.android (aka AI Call Assistant & Screener) appli ...)
- TODO: check
+ NOT-FOR-US: com.callassistant.android (aka AI Call Assistant & Screener) application
CVE-2024-24409 (Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulne ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2024-21538 (Versions of the package cross-spawn before 7.0.5 are vulnerable to Reg ...)
TODO: check
CVE-2024-11000 (A vulnerability classified as problematic was found in CodeAstro Real ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Real Estate Management System
CVE-2024-10999 (A vulnerability classified as problematic has been found in CodeAstro ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Real Estate Management System
CVE-2024-10998 (A vulnerability was found in 1000 Projects Bookstore Management System ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-10997 (A vulnerability was found in 1000 Projects Bookstore Management System ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-10996 (A vulnerability was found in 1000 Projects Bookstore Management System ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Bookstore Management System
CVE-2024-10995 (A vulnerability was found in Codezips Hospital Appointment System 1.0 ...)
- TODO: check
+ NOT-FOR-US: Codezips Hospital Appointment System
CVE-2024-10994 (A vulnerability has been found in Codezips Online Institute Management ...)
- TODO: check
+ NOT-FOR-US: Codezips Online Institute Management System
CVE-2024-10993 (A vulnerability, which was classified as critical, was found in Codezi ...)
- TODO: check
+ NOT-FOR-US: Codezips Online Institute Management System
CVE-2024-10991 (A vulnerability, which was classified as critical, has been found in C ...)
- TODO: check
+ NOT-FOR-US: Codezips Hospital Appointment System
CVE-2024-10990 (A vulnerability classified as critical was found in SourceCodester Onl ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Veterinary Appointment System
CVE-2024-10989 (A vulnerability classified as critical has been found in code-projects ...)
- TODO: check
+ NOT-FOR-US: code-projects E-Health Care System
CVE-2024-10988 (A vulnerability was found in code-projects E-Health Care System 1.0. I ...)
- TODO: check
+ NOT-FOR-US: code-projects E-Health Care System
CVE-2024-10987 (A vulnerability was found in code-projects E-Health Care System 1.0. I ...)
- TODO: check
+ NOT-FOR-US: code-projects E-Health Care System
CVE-2024-10975 (Nomad Community and Nomad Enterprise ("Nomad") volume specification is ...)
TODO: check
CVE-2024-10824 (An authorization bypass vulnerability was identified in GitHub Enterpr ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-10621 (The Simple Shortcode for Google Maps plugin for WordPress is vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10269 (The Easy SVG Support plugin for WordPress is vulnerable to Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10007 (A path collision and arbitrary code execution vulnerability was identi ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-50211 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.11.6-1
NOTE: https://git.kernel.org/linus/c226964ec786f3797ed389a16392ce4357697d24 (6.12-rc2)
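Review bot: The NOT-FOR-US labels in this hunk are not at a consistent granularity. The Dell PowerProtect entries (CVE-2024-48011, CVE-2024-48010, CVE-2024-45759) and the Adobe Experience Manager entries carry only the vendor ("NOT-FOR-US: Dell", "NOT-FOR-US: Adobe"), while the Android entries carry the package id and in most cases the aka name, and CVE-2024-46960 drops the aka name that its neighbour CVE-2024-46961 keeps. Picking one form per product family would make later searches over the list more reliable. Separately, the description of CVE-2024-10991 is cut off at "has been found in C ...", so the "Codezips Hospital Appointment System" label cannot be confirmed from the list alone, and the adjacent CVE-2024-10993 and CVE-2024-10994 are the Online Institute Management System; worth a check against the full description.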
@@ -133226,7 +133226,7 @@ CVE-2023-27197 (PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can
CVE-2023-27196
RESERVED
CVE-2023-27195 (Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/ ...)
- TODO: check
+ NOT-FOR-US: Trimble TM4Web
CVE-2023-27194
RESERVED
CVE-2023-27193 (An issue found in DUALSPACE v.1.1.3 allows a local attacker to gain pr ...)
@@ -360784,13 +360784,13 @@ CVE-2020-9008 (Stored Cross-site scripting (XSS) vulnerability in Blackboard Lea
CVE-2019-20473 (An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.865 ...)
NOT-FOR-US: TK-Star Q90 Junior GPS horloge
CVE-2019-20472 (An issue was discovered on One2Track 2019-12-08 devices. Any SIM card ...)
- TODO: check
+ NOT-FOR-US: One2Track
CVE-2019-20471 (An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.865 ...)
NOT-FOR-US: TK-Star Q90 Junior GPS horloge
CVE-2019-20470 (An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.865 ...)
NOT-FOR-US: TK-Star Q90 Junior GPS horloge
CVE-2019-20469 (An issue was discovered on One2Track 2019-12-08 devices. Confidential ...)
- TODO: check
+ NOT-FOR-US: One2Track
CVE-2019-20468 (An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horlo ...)
NOT-FOR-US: TK-Star Q90 Junior GPS horloge
CVE-2019-20467 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 ...)
@@ -360804,11 +360804,11 @@ CVE-2019-20464 (An issue was discovered on Sannce Smart HD Wifi Security Camera
CVE-2019-20463 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 ...)
NOT-FOR-US: Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices
CVE-2019-20462 (An issue was discovered on Alecto IVM-100 2019-11-12 devices. The devi ...)
- TODO: check
+ NOT-FOR-US: Alecto
CVE-2019-20461 (An issue was discovered on Alecto IVM-100 2019-11-12 devices. The devi ...)
- TODO: check
+ NOT-FOR-US: Alecto
CVE-2019-20460 (An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 de ...)
- TODO: check
+ NOT-FOR-US: Epson
CVE-2019-20459 (An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 de ...)
NOT-FOR-US: Epson Expression Home XP255
CVE-2019-20458 (An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 de ...)
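Review bot: CVE-2019-20460 is labelled "NOT-FOR-US: Epson" while the next entry for the same device, CVE-2019-20459, already reads "NOT-FOR-US: Epson Expression Home XP255". Using the existing, more specific label would keep the two entries matching. The same applies to CVE-2019-20462 and CVE-2019-20461, where the descriptions name the Alecto IVM-100 but the label is only "Alecto".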
@@ -363379,7 +363379,7 @@ CVE-2020-8009 (AVB MOTU devices through 2020-01-22 allow /.. Directory Traversal
CVE-2020-8008
RESERVED
CVE-2020-8007 (The pwrstudio web application of EV Charger (in the server in Circontr ...)
- TODO: check
+ NOT-FOR-US: pwrstudio web application of EV Charger
CVE-2020-8006 (The server in Circontrol Raption through 5.11.2 has a pre-authenticati ...)
NOT-FOR-US: Circontrol Raption
CVE-2020-8005
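Review bot: The label for CVE-2020-8007, "NOT-FOR-US: pwrstudio web application of EV Charger", does not name the vendor, although the description continues "(in the server in Circontr ..." and the adjacent CVE-2020-8006 is labelled "NOT-FOR-US: Circontrol Raption". If the full description confirms it is the same product, reusing that label would keep both entries under one search term.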
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b739c116bc42d0e0d048d8cb862268502fb7d113