[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 12 20:12:59 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
36b1de61 by security tracker role at 2024-11-12T20:12:52+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,536 @@
-CVE-2024-49369
+CVE-2024-9999 (In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implem ...)
+ TODO: check
+CVE-2024-9998
+ REJECTED
+CVE-2024-9843 (A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows ...)
+ TODO: check
+CVE-2024-9842 (Incorrect permissions in Ivanti Secure Access Client before version 22 ...)
+ TODO: check
+CVE-2024-9420 (A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and ...)
+ TODO: check
+CVE-2024-8539 (Improper authorization in Ivanti Secure Access Client before version 2 ...)
+ TODO: check
+CVE-2024-8535 (Authenticated user can access unintended user capabilitiesinNetScaler ...)
+ TODO: check
+CVE-2024-8534 (Memory safety vulnerability leading to memory corruption and Denial of ...)
+ TODO: check
+CVE-2024-8495 (A null pointer dereference in Ivanti Connect Secure before version 22. ...)
+ TODO: check
+CVE-2024-8074 (Improper Privilege Management vulnerability in Nomysoft Informatics No ...)
+ TODO: check
+CVE-2024-8069 (Limited remote code execution with privilege of a NetworkService Accou ...)
+ TODO: check
+CVE-2024-8068 (Privilege escalation to NetworkService Account accessin Citrix Session ...)
+ TODO: check
+CVE-2024-7571 (Incorrect permissions in Ivanti Secure Access Client before 22.7R4 all ...)
+ TODO: check
+CVE-2024-7516 (A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow ...)
+ TODO: check
+CVE-2024-52301 (Laravel is a web application framework. When the register_argc_argv ph ...)
+ TODO: check
+CVE-2024-52297 (Tolgee is an open-source localization platform. Tolgee 3.81.1 included ...)
+ TODO: check
+CVE-2024-52296 (libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised D ...)
+ TODO: check
+CVE-2024-52010 (Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. A ...)
+ TODO: check
+CVE-2024-51750 (Element is a Matrix web client built using the Matrix React SDK. A mal ...)
+ TODO: check
+CVE-2024-51749 (Element is a Matrix web client built using the Matrix React SDK. Versi ...)
+ TODO: check
+CVE-2024-51722 (A local privilege escalation vulnerability in the SecuSUITE Server (Sy ...)
+ TODO: check
+CVE-2024-51721 (A code injection vulnerability in the SecuSUITE Server Web Administrat ...)
+ TODO: check
+CVE-2024-51720 (An insufficient entropy vulnerability in the SecuSUITE Secure Client A ...)
+ TODO: check
+CVE-2024-51566 (The NVMe driver queue processing is vulernable to guest-induced infini ...)
+ TODO: check
+CVE-2024-51565 (The hda driver is vulnerable to a buffer over-read from a guest-contro ...)
+ TODO: check
+CVE-2024-51564 (A guest can trigger an infinite loop in the hda audio driver.)
+ TODO: check
+CVE-2024-51563 (The virtio_vq_recordon function is subject to a time-of-check to time- ...)
+ TODO: check
+CVE-2024-51562 (The NVMe driver function nvme_opc_get_log_page is vulnerable to a buff ...)
+ TODO: check
+CVE-2024-50572 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6G ...)
+ TODO: check
+CVE-2024-50561 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6G ...)
+ TODO: check
+CVE-2024-50560 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6G ...)
+ TODO: check
+CVE-2024-50559 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6G ...)
+ TODO: check
+CVE-2024-50558 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6G ...)
+ TODO: check
+CVE-2024-50557 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6G ...)
+ TODO: check
+CVE-2024-50386 (Account users in Apache CloudStack by default are allowed to register ...)
+ TODO: check
+CVE-2024-50336 (matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for Jav ...)
+ TODO: check
+CVE-2024-50331 (An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 a ...)
+ TODO: check
+CVE-2024-50330 (SQL injection in Ivanti Endpoint Manager before 2024 November Security ...)
+ TODO: check
+CVE-2024-50329 (Path traversal in Ivanti Endpoint Manager before 2024 November Securit ...)
+ TODO: check
+CVE-2024-50328 (SQL injection in Ivanti Endpoint Manager before 2024 November Security ...)
+ TODO: check
+CVE-2024-50327 (SQL injection in Ivanti Endpoint Manager before 2024 November Security ...)
+ TODO: check
+CVE-2024-50326 (SQL injection in Ivanti Endpoint Manager before 2024 November Security ...)
+ TODO: check
+CVE-2024-50324 (Path traversal in Ivanti Endpoint Manager before 2024 November Securit ...)
+ TODO: check
+CVE-2024-50323 (SQL injection in Ivanti Endpoint Manager before 2024 November Security ...)
+ TODO: check
+CVE-2024-50322 (Path traversal in Ivanti Endpoint Manager before 2024 November Securit ...)
+ TODO: check
+CVE-2024-50321 (An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unau ...)
+ TODO: check
+CVE-2024-50320 (An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unau ...)
+ TODO: check
+CVE-2024-50319 (An infinite loop in Ivanti Avalanche before 6.4.6 allows a remote unau ...)
+ TODO: check
+CVE-2024-50318 (A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a r ...)
+ TODO: check
+CVE-2024-50317 (A null pointer dereference in Ivanti Avalanche before 6.4.6 allows a r ...)
+ TODO: check
+CVE-2024-50313 (A vulnerability has been identified in Mendix Runtime V10 (All version ...)
+ TODO: check
+CVE-2024-50310 (A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543 ...)
+ TODO: check
+CVE-2024-49528 (Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of- ...)
+ TODO: check
+CVE-2024-49527 (Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of- ...)
+ TODO: check
+CVE-2024-49526 (Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use Afte ...)
+ TODO: check
+CVE-2024-49525 (Substance3D - Painter versions 10.1.0 and earlier are affected by a He ...)
+ TODO: check
+CVE-2024-49521 (Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Sid ...)
+ TODO: check
+CVE-2024-49520 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-49519 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-49518 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-49517 (Substance3D - Painter versions 10.1.0 and earlier are affected by a He ...)
+ TODO: check
+CVE-2024-49516 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-49515 (Substance3D - Painter versions 10.1.0 and earlier are affected by an U ...)
+ TODO: check
+CVE-2024-49514 (Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by a ...)
+ TODO: check
+CVE-2024-49056 (Authentication bypass by assumed-immutable data on airlift.microsoft.c ...)
+ TODO: check
+CVE-2024-49051 (Microsoft PC Manager Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-49050 (Visual Studio Code Python Extension Remote Code Execution Vulnerabilit ...)
+ TODO: check
+CVE-2024-49049 (Visual Studio Code Remote Extension Elevation of Privilege Vulnerabili ...)
+ TODO: check
+CVE-2024-49048 (TorchGeo Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49046 (Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-49044 (Visual Studio Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-49043 (Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vul ...)
+ TODO: check
+CVE-2024-49042 (Azure Database for PostgreSQL Flexible Server Extension Elevation of P ...)
+ TODO: check
+CVE-2024-49040 (Microsoft Exchange Server Spoofing Vulnerability)
+ TODO: check
+CVE-2024-49039 (Windows Task Scheduler Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-49033 (Microsoft Word Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2024-49032 (Microsoft Office Graphics Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49031 (Microsoft Office Graphics Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49030 (Microsoft Excel Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49029 (Microsoft Excel Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49028 (Microsoft Excel Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49027 (Microsoft Excel Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49026 (Microsoft Excel Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49021 (Microsoft SQL Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49019 (Active Directory Certificate Services Elevation of Privilege Vulnerabi ...)
+ TODO: check
+CVE-2024-49018 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49017 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49016 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49015 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49014 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49013 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49012 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49011 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49010 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49009 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49008 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49007 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49006 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49005 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49004 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49003 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49002 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49001 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-49000 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-48999 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-48998 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-48997 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-48996 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-48995 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-48994 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-48993 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-47942 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
+ TODO: check
+CVE-2024-47941 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
+ TODO: check
+CVE-2024-47940 (A vulnerability has been identified in Solid Edge SE2024 (All versions ...)
+ TODO: check
+CVE-2024-47909 (A stack-based buffer overflow in Ivanti Connect Secure before version ...)
+ TODO: check
+CVE-2024-47907 (A stack-based buffer overflow in IPsec of Ivanti Connect Secure before ...)
+ TODO: check
+CVE-2024-47906 (Excessive binary privileges in Ivanti Connect Secure which affects ver ...)
+ TODO: check
+CVE-2024-47905 (A stack-based buffer overflow in Ivanti Connect Secure before version ...)
+ TODO: check
+CVE-2024-47808 (A vulnerability has been identified in SINEC NMS (All versions < V3.0 ...)
+ TODO: check
+CVE-2024-47783 (A vulnerability has been identified in SIPORT (All versions < V3.4.0). ...)
+ TODO: check
+CVE-2024-47535 (Netty is an asynchronous event-driven network application framework fo ...)
+ TODO: check
+CVE-2024-47458 (Bridge versions 13.0.9, 14.1.2 and earlier are affected by a NULL Poin ...)
+ TODO: check
+CVE-2024-47457 (Illustrator versions 28.7.1 and earlier are affected by a NULL Pointer ...)
+ TODO: check
+CVE-2024-47456 (Illustrator versions 28.7.1 and earlier are affected by an out-of-boun ...)
+ TODO: check
+CVE-2024-47455 (Illustrator versions 28.7.1 and earlier are affected by an out-of-boun ...)
+ TODO: check
+CVE-2024-47454 (Illustrator versions 28.7.1 and earlier are affected by an out-of-boun ...)
+ TODO: check
+CVE-2024-47453 (Illustrator versions 28.7.1 and earlier are affected by an out-of-boun ...)
+ TODO: check
+CVE-2024-47452 (Illustrator versions 28.7.1 and earlier are affected by an out-of-boun ...)
+ TODO: check
+CVE-2024-47451 (Illustrator versions 28.7.1 and earlier are affected by an out-of-boun ...)
+ TODO: check
+CVE-2024-47450 (Illustrator versions 28.7.1 and earlier are affected by a Heap-based B ...)
+ TODO: check
+CVE-2024-47449 (Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of ...)
+ TODO: check
+CVE-2024-47446 (After Effects versions 23.6.9, 24.6.2 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47445 (After Effects versions 23.6.9, 24.6.2 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47444 (After Effects versions 23.6.9, 24.6.2 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47443 (After Effects versions 23.6.9, 24.6.2 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47442 (After Effects versions 23.6.9, 24.6.2 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47441 (After Effects versions 23.6.9, 24.6.2 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47440 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47439 (Substance3D - Painter versions 10.1.0 and earlier are affected by a NU ...)
+ TODO: check
+CVE-2024-47438 (Substance3D - Painter versions 10.1.0 and earlier are affected by a Wr ...)
+ TODO: check
+CVE-2024-47437 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47436 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47435 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47434 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47433 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47432 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47431 (Substance3D - Painter versions 10.1.0 and earlier are affected by a He ...)
+ TODO: check
+CVE-2024-47430 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47429 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47428 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47427 (Substance3D - Painter versions 10.1.0 and earlier are affected by an o ...)
+ TODO: check
+CVE-2024-47426 (Substance3D - Painter versions 10.1.0 and earlier are affected by a Do ...)
+ TODO: check
+CVE-2024-46894 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2024-46892 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2024-46891 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2024-46890 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2024-46889 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2024-46888 (A vulnerability has been identified in SINEC INS (All versions < V1.0 ...)
+ TODO: check
+CVE-2024-45289 (The fetch(3) library uses environment variables for passing certain in ...)
+ TODO: check
+CVE-2024-45147 (Bridge versions 13.0.9, 14.1.2 and earlier are affected by an out-of-b ...)
+ TODO: check
+CVE-2024-45114 (Illustrator versions 28.7.1 and earlier are affected by an out-of-boun ...)
+ TODO: check
+CVE-2024-44102 (A vulnerability has been identified in PP TeleControl Server Basic 100 ...)
+ TODO: check
+CVE-2024-43646 (Windows Secure Kernel Mode Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43645 (Windows Defender Application Control (WDAC) Security Feature Bypass Vu ...)
+ TODO: check
+CVE-2024-43644 (Windows Client-Side Caching Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43643 (Windows USB Video Class System Driver Elevation of Privilege Vulnerabi ...)
+ TODO: check
+CVE-2024-43642 (Windows SMB Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-43641 (Windows Registry Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43640 (Windows Kernel-Mode Driver Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43639 (Windows Kerberos Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43638 (Windows USB Video Class System Driver Elevation of Privilege Vulnerabi ...)
+ TODO: check
+CVE-2024-43637 (Windows USB Video Class System Driver Elevation of Privilege Vulnerabi ...)
+ TODO: check
+CVE-2024-43636 (Win32k Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43635 (Windows Telephony Service Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43634 (Windows USB Video Class System Driver Elevation of Privilege Vulnerabi ...)
+ TODO: check
+CVE-2024-43633 (Windows Hyper-V Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-43631 (Windows Secure Kernel Mode Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43630 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43629 (Windows DWM Core Library Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43628 (Windows Telephony Service Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43627 (Windows Telephony Service Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43626 (Windows Telephony Service Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43625 (Microsoft Windows VMSwitch Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43624 (Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerabili ...)
+ TODO: check
+CVE-2024-43623 (Windows NT OS Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43622 (Windows Telephony Service Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43621 (Windows Telephony Service Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43620 (Windows Telephony Service Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43613 (Azure Database for PostgreSQL Flexible Server Extension Elevation of P ...)
+ TODO: check
+CVE-2024-43602 (Azure CycleCloud Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43598 (LightGBM Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43530 (Windows Update Stack Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43499 (.NET and Visual Studio Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-43498 (.NET and Visual Studio Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43462 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43459 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43452 (Windows Registry Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2024-43451 (NTLM Hash Disclosure Spoofing Vulnerability)
+ TODO: check
+CVE-2024-43450 (Windows DNS Spoofing Vulnerability)
+ TODO: check
+CVE-2024-43449 (Windows USB Video Class System Driver Elevation of Privilege Vulnerabi ...)
+ TODO: check
+CVE-2024-43447 (Windows SMBv3 Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-43415 (An improper neutralization of special elements used in an SQL command ...)
+ TODO: check
+CVE-2024-42442 (APTIOV contains a vulnerability in the BIOS where a user or attacker m ...)
+ TODO: check
+CVE-2024-40592 (An improper verification of cryptographic signature vulnerability [CWE ...)
+ TODO: check
+CVE-2024-39281 (The command ctl_persistent_reserve_out allows the caller to specify an ...)
+ TODO: check
+CVE-2024-38264 (Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability)
+ TODO: check
+CVE-2024-38255 (SQL Server Native Client Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2024-38203 (Windows Package Library Manager Information Disclosure Vulnerability)
+ TODO: check
+CVE-2024-37365 (A remote code execution vulnerability exists in the affected product. ...)
+ TODO: check
+CVE-2024-36513 (A privilege context switching error vulnerability [CWE-270] in FortiCl ...)
+ TODO: check
+CVE-2024-36509 (An exposure of sensitive system information to an unauthorized control ...)
+ TODO: check
+CVE-2024-36507 (A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, ...)
+ TODO: check
+CVE-2024-36140 (A vulnerability has been identified in OZW672 (All versions < V5.2), O ...)
+ TODO: check
+CVE-2024-35274 (An improper limitation of a pathname to a restricted directory ('Path ...)
+ TODO: check
+CVE-2024-33660 (An exploit is possible where an actor with physical access can manipul ...)
+ TODO: check
+CVE-2024-33658 (APTIOV contains a vulnerability in BIOS where an attacker may cause an ...)
+ TODO: check
+CVE-2024-33510 (Animproper neutralization of special elements in output used by a down ...)
+ TODO: check
+CVE-2024-33505 (A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 t ...)
+ TODO: check
+CVE-2024-32118 (Multiple improper neutralization of special elements used in an OS com ...)
+ TODO: check
+CVE-2024-32117 (An improper limitation of a pathname to a restricted directory ('Path ...)
+ TODO: check
+CVE-2024-32116 (Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet ...)
+ TODO: check
+CVE-2024-31496 (A stack-based buffer overflow vulnerability [CWE-121] in Fortinet Fort ...)
+ TODO: check
+CVE-2024-30133 (HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control ...)
+ TODO: check
+CVE-2024-2315 (APTIOV contains a vulnerability in BIOS where may cause Improper Acces ...)
+ TODO: check
+CVE-2024-2208 (Potential vulnerabilities have been identified in the audio package fo ...)
+ TODO: check
+CVE-2024-2207 (Potential vulnerabilities have been identified in the audio package fo ...)
+ TODO: check
+CVE-2024-29119 (A vulnerability has been identified in Spectrum Power 7 (All versions ...)
+ TODO: check
+CVE-2024-26011 (A missing authentication for critical function in Fortinet FortiManage ...)
+ TODO: check
+CVE-2024-23666 (A client-side enforcement of server-side security in Fortinet FortiAna ...)
+ TODO: check
+CVE-2024-21976 (Improper input validation in the NPU driver could allow an attacker to ...)
+ TODO: check
+CVE-2024-21975 (Improper input validation in the NPU driver could allow an attacker to ...)
+ TODO: check
+CVE-2024-21974 (Improper input validation in the NPU driver could allow an attacker to ...)
+ TODO: check
+CVE-2024-21958 (Incorrect default permissions in the AMD Provisioning Console installa ...)
+ TODO: check
+CVE-2024-21957 (Incorrect default permissions in the AMD Management Console installati ...)
+ TODO: check
+CVE-2024-21949 (Improper validation of user input in the NPU driver could allow an att ...)
+ TODO: check
+CVE-2024-21946 (Incorrect default permissions in the AMD RyzenTM Master Utility instal ...)
+ TODO: check
+CVE-2024-21945 (Incorrect default permissions in the AMD RyzenTM Master monitoring SDK ...)
+ TODO: check
+CVE-2024-21939 (Incorrect default permissions in the AMD Cloud Manageability Service ( ...)
+ TODO: check
+CVE-2024-21938 (Incorrect default permissions in the AMD Management Plugin for the Mic ...)
+ TODO: check
+CVE-2024-21937 (Incorrect default permissions in the AMD HIP SDK installation director ...)
+ TODO: check
+CVE-2024-11138 (A vulnerability classified as problematic has been found in DedeCMS 5. ...)
+ TODO: check
+CVE-2024-11130 (A vulnerability was found in ZZCMS up to 2023. It has been rated as pr ...)
+ TODO: check
+CVE-2024-11127 (A vulnerability was found in code-projects Job Recruitment up to 1.0. ...)
+ TODO: check
+CVE-2024-11126 (A vulnerability was found in Digistar AG-30 Plus 2.6b. It has been cla ...)
+ TODO: check
+CVE-2024-11125 (A vulnerability was found in GetSimpleCMS 3.3.16 and classified as pro ...)
+ TODO: check
+CVE-2024-11124 (A vulnerability has been found in TimGeyssens UIOMatic 5 and classifie ...)
+ TODO: check
+CVE-2024-11123 (A vulnerability, which was classified as problematic, was found in \u4 ...)
+ TODO: check
+CVE-2024-11122 (A vulnerability, which was classified as critical, has been found in \ ...)
+ TODO: check
+CVE-2024-11121 (A vulnerability classified as critical was found in \u4e0a\u6d77\u7075 ...)
+ TODO: check
+CVE-2024-11007 (Command injection in Ivanti Connect Secure before version 22.7R2.1 and ...)
+ TODO: check
+CVE-2024-11006 (Command injection in Ivanti Connect Secure before version 22.7R2.1 and ...)
+ TODO: check
+CVE-2024-11005 (Command injection in Ivanti Connect Secure before version 22.7R2.1 and ...)
+ TODO: check
+CVE-2024-11004 (Reflected XSS in Ivanti Connect Secure before version 22.7R2.1 and Iva ...)
+ TODO: check
+CVE-2024-10971 (Improper access control in the Password History feature in Devolutions ...)
+ TODO: check
+CVE-2024-10945 (A Local Privilege Escalation vulnerability exists in the affected prod ...)
+ TODO: check
+CVE-2024-10944 (A Remote Code Execution vulnerability exists in the affected product. ...)
+ TODO: check
+CVE-2024-10943 (An authentication bypass vulnerability exists in the affected product. ...)
+ TODO: check
+CVE-2024-10923 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-10245 (The Relais 2FA plugin for WordPress is vulnerable to authentication by ...)
+ TODO: check
+CVE-2024-10218 (XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility),monito ...)
+ TODO: check
+CVE-2024-10217 (XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility),monito ...)
+ TODO: check
+CVE-2023-52268 (The End-User Portal module before 1.0.65 for FreeScout sometimes allow ...)
+ TODO: check
+CVE-2023-50176 (A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and ...)
+ TODO: check
+CVE-2023-47543 (An authorization bypass through user-controlled key vulnerability [CWE ...)
+ TODO: check
+CVE-2023-44255 (An exposure of sensitive information to an unauthorized actor [CWE-200 ...)
+ TODO: check
+CVE-2023-32736 (A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All vers ...)
+ TODO: check
+CVE-2024-49369 (Icinga is a monitoring system which checks the availability of network ...)
- icinga2 2.14.3-1 (bug #1087384)
NOTE: https://icinga.com/blog/2024/11/12/critical-icinga-2-security-releases-2-14-3/
NOTE: Fixed by: https://github.com/Icinga/icinga2/commit/2febc5e18ae0c93d989e64ebc2a9fd90e7205ad8 (v2.14.3)
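Review bot: The descriptions added for CVE-2024-11121, CVE-2024-11122 and CVE-2024-11123 carry literal "\u4e0a\u6d77\u7075"-style escape sequences where the vendor name should be, so the name is unreadable in the list; the update should decode these before writing the description, or the three entries should be fixed up by hand. Separately, the added entries other than the REJECTED CVE-2024-9998 are left at "TODO: check", and several have a precedent visible in this same diff: the Fortinet and SIMATIC entries match the existing "NOT-FOR-US: Fortinet" and "NOT-FOR-US: Siemens" lines, and the Element entries CVE-2024-51749 and CVE-2024-51750 match the "- element-web <itp> (bug #866502)" line under CVE-2024-47779, so those can be triaged the same way rather than left pending.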
@@ -8577,7 +9109,7 @@ CVE-2024-47874 (Starlette is an Asynchronous Server Gateway Interface (ASGI) fra
NOTE: https://github.com/encode/starlette/commit/fd038f3070c302bff17ef7d173dbb0b007617733 (0.40.0)
CVE-2024-47824 (matrix-react-sdk is react-based software development kit for inserting ...)
NOT-FOR-US: matrix-react-sdk
-CVE-2024-47779 (Element is a Matrix web client built using the Matrix React SDK .Eleme ...)
+CVE-2024-47779 (Element is a Matrix web client built using the Matrix React SDK. Eleme ...)
- element-web <itp> (bug #866502)
CVE-2024-47771 (Element Desktop is a Matrix client for desktop platforms. Element Desk ...)
NOT-FOR-US: Element Desktop
@@ -16233,7 +16765,7 @@ CVE-2024-35282 (A cleartext storage of sensitive information in memory vulnerabi
NOT-FOR-US: Fortinet
CVE-2024-34831 (cross-site scripting (XSS) vulnerability in Gibbon Core v26.0.00 allow ...)
NOT-FOR-US: Gibbon Core
-CVE-2024-33698 (A vulnerability has been identified in SIMATIC Information Server 2022 ...)
+CVE-2024-33698 (A vulnerability has been identified in Opcenter Execution Foundation ( ...)
NOT-FOR-US: Siemens
CVE-2024-33508 (An improper neutralization of special elements used in a command('Comm ...)
NOT-FOR-US: Fortinet
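Review bot: Confirm that "NOT-FOR-US: Siemens" under CVE-2024-33698 still holds now that the description names "Opcenter Execution Foundation" rather than "SIMATIC Information Server 2022"; the tag is left unchanged by this hunk, and nothing in the visible lines shows the newly listed product was checked against it.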
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36b1de617cc3744e1b988cdf9225d2d7aa38c950