[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 11 09:47:26 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4d141112 by Salvatore Bonaccorso at 2024-09-11T10:47:06+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25,21 +25,21 @@ CVE-2024-7721 (The HTML5 Video Player \u2013 mp4 Video Player Plugin and Block p
 CVE-2024-7716 (The Logo Slider  WordPress plugin before 3.6.9 does not sanitise and e ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-7626 (The WP Delicious \u2013 Recipe Plugin for Food Bloggers (formerly Deli ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-45597 (Pluto is a superset of Lua 5.4 with a focus on general-purpose program ...)
 	TODO: check
 CVE-2024-44107 (DLL hijacking in the management console of Ivanti Workspace Control ve ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-44106 (Insufficient server-side controls in the management console of Ivanti  ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-44105 (Cleartext transmission of sensitive information in the management cons ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-44104 (An incorrectly implemented authentication scheme that is subjected to  ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-44103 (DLL hijacking in the management console of Ivanti Workspace Control ve ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-43690 (Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in t ...)
-	TODO: check
+	NOT-FOR-US: Gallagher
 CVE-2024-40662 (In scheme of Uri.java, there is a possible way to craft a malformed Ur ...)
 	TODO: check
 CVE-2024-40659 (In getRegistration of RemoteProvisioningService.java, there is a possi ...)
@@ -145,7 +145,7 @@ CVE-2024-45595 (D-Tale is a visualizer for Pandas data structures. Users hosting
 CVE-2024-45593 (Nix is a package manager for Linux and other Unix systems. A bug in Ni ...)
 	TODO: check
 CVE-2024-45592 (auditor-bundle, formerly known as DoctrineAuditBundle, integrates audi ...)
-	TODO: check
+	NOT-FOR-US: auditor-bundle / DoctrineAuditBundle
 CVE-2024-45591 (XWiki Platform is a generic wiki platform. The REST API exposes the hi ...)
 	NOT-FOR-US: XWiki
 CVE-2024-45590 (body-parser is Node.js body parsing middleware. body-parser <1.20.3 is ...)
@@ -155,9 +155,9 @@ CVE-2024-45412 (Yeti bridges the gap between CTI and DFIR practitioners by provi
 CVE-2024-45409 (The Ruby SAML library is for implementing the client side of a SAML au ...)
 	TODO: check
 CVE-2024-45407 (Sunshine is a self-hosted game stream host for Moonlight. Clients that ...)
-	TODO: check
+	NOT-FOR-US: Sunshine
 CVE-2024-45393 (Computer Vision Annotation Tool (CVAT) is an interactive video and ima ...)
-	TODO: check
+	NOT-FOR-US: Computer Vision Annotation Tool (CVAT)
 CVE-2024-45323 (An improper access control vulnerability[CWE-284] in FortiEDR Manager  ...)
 	NOT-FOR-US: FortiGuard
 CVE-2024-45044 (Bareos is open source software for backup, archiving, and recovery of  ...)
@@ -178,9 +178,9 @@ CVE-2024-44867 (phpok v3.0 was discovered to contain an arbitrary file read vuln
 CVE-2024-44815 (Vulnerability in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a ph ...)
 	NOT-FOR-US: Hathway Skyworth Router CM5100
 CVE-2024-44677 (eladmin v2.7 and before is vulnerable to Server-Side Request Forgery ( ...)
-	TODO: check
+	NOT-FOR-US: eladmin
 CVE-2024-44676 (eladmin v2.7 and before is vulnerable to Cross Site Scripting (XSS) wh ...)
-	TODO: check
+	NOT-FOR-US: eladmin
 CVE-2024-44667 (Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628 ...)
 	NOT-FOR-US: Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router
 CVE-2024-44087 (A vulnerability has been identified in Automation License Manager V5 ( ...)
@@ -194,9 +194,9 @@ CVE-2024-43796 (Express.js minimalist web framework for node. In express < 4.20.
 CVE-2024-43781 (A vulnerability has been identified in SINUMERIK 828D V4 (All versions ...)
 	NOT-FOR-US: Siemens
 CVE-2024-43647 (A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-43495 (Windows libarchive Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-43492 (Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2024-43491 (Microsoft is aware of a vulnerability in Servicing Stack that has roll ...)
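Review bot: CVE-2024-43495 is titled "Windows libarchive Remote Code Execution Vulnerability", and libarchive is packaged in Debian, so the NOT-FOR-US: Microsoft annotation on that entry should be checked against upstream libarchive before it is closed. If the flaw exists only in the copy Microsoft ships, the annotation could say so; otherwise the entry should stay at TODO: check until it is triaged against the Debian libarchive package.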
@@ -256,59 +256,59 @@ CVE-2024-43386 (A low privileged remote attacker can trigger the execution of ar
 CVE-2024-43385 (A low privileged remote attacker can trigger theexecution of arbitrary ...)
 	TODO: check
 CVE-2024-43040 (Renwoxing Enterprise Intelligent Management System before v3.0 was dis ...)
-	TODO: check
+	NOT-FOR-US: Renwoxing Enterprise Intelligent Management System
 CVE-2024-42425 (Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-42423 (Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains  ...)
-	TODO: check
+	NOT-FOR-US: Citrix Workspace App on Dell ThinOS 2311
 CVE-2024-42345 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-42344 (A vulnerability has been identified in SINEMA Remote Connect Client (A ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-41171 (A vulnerability has been identified in SINUMERIK 828D V4 (All versions ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-41170 (A vulnerability has been identified in Tecnomatix Plant Simulation V23 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-40754 (Heap-based Buffer Overflow vulnerability in Samsung Open Source Escarg ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-39583 (Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-39582 (Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Cr ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-39581 (Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File o ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-39580 (Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Impro ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-39574 (Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-38263 (Windows Remote Desktop Licensing Service Remote Code Execution Vulnera ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38260 (Windows Remote Desktop Licensing Service Remote Code Execution Vulnera ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38259 (Microsoft Management Console Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38258 (Windows Remote Desktop Licensing Service Information Disclosure Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38257 (Microsoft AllJoyn API Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38256 (Windows Kernel-Mode Driver Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38254 (Windows Authentication Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38253 (Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38252 (Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38250 (Windows Graphics Component Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38249 (Windows Graphics Component Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38248 (Windows Storage Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38247 (Windows Graphics Component Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38246 (Win32k Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38245 (Kernel Streaming Service Driver Elevation of Privilege Vulnerability)
 	TODO: check
 CVE-2024-38244 (Kernel Streaming Service Driver Elevation of Privilege Vulnerability)
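Review bot: CVE-2024-40754 is described as a heap-based buffer overflow in a "Samsung Open Source" project, but the annotation names only the vendor (NOT-FOR-US: Samsung). Naming the project itself, as this commit does for eladmin and Sunshine, makes the entry easier to find again if that project is ever packaged. Separately, CVE-2024-38245 in the trailing context keeps TODO: check although its title follows the same Microsoft pattern as the entries marked here; worth confirming that it was left open on purpose.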
@@ -320,89 +320,89 @@ CVE-2024-38242 (Kernel Streaming Service Driver Elevation of Privilege Vulnerabi
 CVE-2024-38241 (Kernel Streaming Service Driver Elevation of Privilege Vulnerability)
 	TODO: check
 CVE-2024-38240 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38239 (Windows Kerberos Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38238 (Kernel Streaming Service Driver Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38237 (Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulne ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38236 (DHCP Server Service Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38235 (Windows Hyper-V Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38234 (Windows Networking Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38233 (Windows Networking Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38232 (Windows Networking Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38231 (Windows Remote Desktop Licensing Service Denial of Service Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38230 (Windows Standards-Based Storage Management Service Denial of Service V ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38228 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38227 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38226 (Microsoft Publisher Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38225 (Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnera ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38220 (Azure Stack Hub Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38217 (Windows Mark of the Web Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38216 (Azure Stack Hub Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38194 (An authenticated attacker can exploit an improper authorization vulner ...)
 	TODO: check
 CVE-2024-38188 (Azure Network Watcher VM Agent Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38119 (Windows Network Address Translation (NAT) Remote Code Execution Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38046 (PowerShell Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38045 (Windows TCP/IP Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38018 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38014 (Windows Installer Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37995 (A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6G ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37994 (A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6G ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37993 (A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6G ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37992 (A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6G ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37991 (A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6G ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37990 (A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6G ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37980 (Microsoft SQL Server Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37966 (Microsoft SQL Server Native Scoring Information Disclosure Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37965 (Microsoft SQL Server Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37728 (Arbitrary File Read vulnerability in Xi'an Daxi Information Technology ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37342 (Microsoft SQL Server Native Scoring Information Disclosure Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37341 (Microsoft SQL Server Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37340 (Microsoft SQL Server Native Scoring Remote Code Execution Vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37339 (Microsoft SQL Server Native Scoring Remote Code Execution Vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37338 (Microsoft SQL Server Native Scoring Remote Code Execution Vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37337 (Microsoft SQL Server Native Scoring Information Disclosure Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37335 (Microsoft SQL Server Native Scoring Remote Code Execution Vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-36511 (An improperly implemented security check for standard vulnerability [C ...)
 	TODO: check
 CVE-2024-35783 (A vulnerability has been identified in SIMATIC BATCH V9.1 (All version ...)
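Review bot: CVE-2024-37990 through CVE-2024-37995 are described as "SIMATIC Reader RF610R CMIIT" issues yet are marked NOT-FOR-US: Microsoft, while the SIMATIC, SINUMERIK and SINEMA entries earlier in this commit use NOT-FOR-US: Siemens. CVE-2024-37728 (Xi'an Daxi Information Technology) receives the Microsoft label as well. In both cases the label matches the surrounding Microsoft SQL Server and Windows entries rather than the descriptions; suggest NOT-FOR-US: Siemens for the six SIMATIC entries and the actual product or vendor name for CVE-2024-37728.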



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d141112caf15ddf9c97a0bc07244d420450cff1
