[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Oct 23 21:28:24 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a344f8bb by Salvatore Bonaccorso at 2024-10-23T22:27:41+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,187 +1,187 @@
CVE-2024-9949 (Denial of Service in Forescout SecureConnector11.1.02.1019 on Windows ...)
- TODO: check
+ NOT-FOR-US: Forescout SecureConnector
CVE-2024-8500 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5764 (Use of Hard-coded Credentials vulnerability in Sonatype Nexus Reposito ...)
- TODO: check
+ NOT-FOR-US: Sonatype
CVE-2024-50383 (Botan before 3.6.0, when certain GCC versions are used, has a compiler ...)
TODO: check
CVE-2024-50382 (Botan before 3.6.0, when certain LLVM versions are used, has compiler- ...)
TODO: check
CVE-2024-50050 (Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 ...)
- TODO: check
+ NOT-FOR-US: Llama Stack
CVE-2024-49756 (AshPostgres is the PostgreSQL data layer for Ash Framework. Starting i ...)
TODO: check
CVE-2024-49751 (Press, a Frappe custom app that runs Frappe Cloud, manages infrastruct ...)
TODO: check
CVE-2024-49701 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-49690 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49684 (Deserialization of Untrusted Data vulnerability in Revmakx Backup and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49676 (Unrestricted Upload of File with Dangerous Type vulnerability in Micha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49675 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49671 (Unrestricted Upload of File with Dangerous Type vulnerability in Dogu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49669 (Unrestricted Upload of File with Dangerous Type vulnerability in Alexa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49668 (Unrestricted Upload of File with Dangerous Type vulnerability in Admin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49658 (Unrestricted Upload of File with Dangerous Type vulnerability in Ecome ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49657 (Missing Authorization vulnerability in ReneeCussack 3D Work In Progres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49653 (Unrestricted Upload of File with Dangerous Type vulnerability in James ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49652 (Unrestricted Upload of File with Dangerous Type vulnerability in Renee ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49370 (Pimcore is an open source data and experience management platform. Whe ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2024-48964 (The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection w ...)
TODO: check
CVE-2024-48963 (The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection w ...)
TODO: check
CVE-2024-47904 (A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subsc ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-47903 (A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subsc ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-47902 (A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subsc ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-47901 (A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subsc ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-47575 (A missing authentication for critical function in FortiManager 7.6.0, ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-30124 (HCL Sametime is impacted by insecure services in-use on the UIM client ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-30122 (HCL Sametime is impacted by misconfigured security related HTTP header ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-20526 (A vulnerability in the SSH server of Cisco Adaptive Security Appliance ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20495 (A vulnerability in the Remote Access VPN feature of Cisco Adaptive Sec ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20494 (A vulnerability in the TLS cryptography functionality of Cisco Adaptiv ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20493 (A vulnerability in the login authentication functionality of the Remot ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20485 (A vulnerability in the VPN web server of Cisco Adaptive Security Appli ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20482 (A vulnerability in the web-based management interface of Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20481 (A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adap ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20474 (A vulnerability in Internet Key Exchange version 2 (IKEv2) processing ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20473 (A vulnerability in the web-based management interface of Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20472 (A vulnerability in the web-based management interface of Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20471 (A vulnerability in the web-based management interface of Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20431 (A vulnerability in the geolocation access control feature of Cisco Fir ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20426 (A vulnerability in the Internet Key Exchange version 2 (IKEv2) protoco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20424 (A vulnerability in the web-based management interface of Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20415 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20412 (A vulnerability in Cisco Firepower Threat Defense (FTD) Software for C ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20410 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20409 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20408 (A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20407 (A vulnerability in the interaction between the TCP Intercept feature a ...)
TODO: check
CVE-2024-20403 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20402 (A vulnerability in the SSL VPN feature for Cisco Adaptive Security App ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20388 (A vulnerability in the password change feature of Cisco Firepower Mana ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20387 (A vulnerability in the web-based management interface of Cisco FMC Sof ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20386 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20384 (A vulnerability in the Network Service Group (NSG) feature of Cisco Ad ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20382 (A vulnerability in the VPN web client services feature of Cisco Adapti ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20379 (A vulnerability in the web-based management interface of Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20377 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20374 (A vulnerability in the web-based management interface of Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20372 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20370 (A vulnerability in the Cisco FXOS CLI feature on specific hardware pla ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20364 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20351 (A vulnerability in the TCP/IP traffic handling function of the Snort D ...)
TODO: check
CVE-2024-20342 (Multiple Cisco products are affected by a vulnerability in the rate fi ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20341 (A vulnerability in the VPN web client services feature of Cisco Adapti ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20340 (A vulnerability in the web-based management interface of Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20339 (A vulnerability in the TLS processing feature of Cisco Firepower Threa ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20331 (A vulnerability in the session authentication functionality of the Rem ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20330 (A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engin ...)
TODO: check
CVE-2024-20329 (A vulnerability in the SSH subsystem of Cisco Adaptive Security Applia ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20300 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20299 (A vulnerability in the AnyConnect firewall for Cisco Adaptive Security ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20298 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20297 (A vulnerability in the AnyConnect firewall for Cisco Adaptive Security ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20275 (A vulnerability in the cluster backup feature of Cisco Secure Firewall ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20274 (A vulnerability in the web-based management interface of Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20273 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20269 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20268 (A vulnerability in the Simple Network Management Protocol (SNMP) featu ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20264 (A vulnerability in the web-based management interface of Cisco Firepow ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20260 (A vulnerability in the VPN and management web servers of the Cisco Ada ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-10301 (A vulnerability, which was classified as critical, was found in PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10300 (A vulnerability, which was classified as critical, has been found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10299 (A vulnerability classified as critical was found in PHPGurukul Medical ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10298 (A vulnerability classified as critical has been found in PHPGurukul Me ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10297 (A vulnerability was found in PHPGurukul Medical Card Generation System ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10296 (A vulnerability was found in PHPGurukul Medical Card Generation System ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Medical Card Generation System
CVE-2024-10293 (A vulnerability was found in ZZCMS 2023. It has been classified as cri ...)
- TODO: check
+ NOT-FOR-US: ZZCMS
CVE-2024-10292 (A vulnerability was found in ZZCMS 2023 and classified as critical. Th ...)
- TODO: check
+ NOT-FOR-US: ZZCMS
CVE-2024-10291 (A vulnerability has been found in ZZCMS 2023 and classified as critica ...)
- TODO: check
+ NOT-FOR-US: ZZCMS
CVE-2024-10290 (A vulnerability, which was classified as problematic, was found in ZZC ...)
- TODO: check
+ NOT-FOR-US: ZZCMS
CVE-2024-10289 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 t ...)
TODO: check
CVE-2024-10288 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 t ...)
@@ -191,27 +191,27 @@ CVE-2024-10287 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1
CVE-2024-10286 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 t ...)
TODO: check
CVE-2024-10283 (A vulnerability, which was classified as critical, has been found in T ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-10282 (A vulnerability classified as critical was found in Tenda RX9 and RX9 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-10281 (A vulnerability classified as critical has been found in Tenda RX9 and ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-10280 (A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-10279 (A vulnerability was found in ESAFENET CDG 5. It has been declared as c ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG
CVE-2024-10278 (A vulnerability was found in ESAFENET CDG 5. It has been classified as ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG
CVE-2024-10277 (A vulnerability was found in ESAFENET CDG 5 and classified as critical ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG
CVE-2024-10276 (A vulnerability has been found in Tektronix Sentry 6.0.9 and classifie ...)
TODO: check
CVE-2024-10250 (The Nioland theme for WordPress is vulnerable to Reflected Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-10041 (A vulnerability was found in PAM. The secret information is stored in ...)
TODO: check
CVE-2023-50310 (IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-9947 (The ProfilePress Pro plugin for WordPress is vulnerable to authenticat ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9927 (The WooCommerce Order Proposal plugin for WordPress is vulnerable to p ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a344f8bb4a823bd026e7ab7f61a59551de4a54a8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a344f8bb4a823bd026e7ab7f61a59551de4a54a8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241023/b4ecf49c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list