Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
706be4d1 by Salvatore Bonaccorso at 2024-12-10T21:43:52+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,247 +31,247 @@ CVE-2024-54751 (COMFAST CF-WR630AX v2.7.0.2 was
discovered to contain a hardcode
CVE-2024-54152 (Angular Expressions provides expressions for the Angular.JS
web framew ...)
TODO: check
CVE-2024-54095 (A vulnerability has been identified in Solid Edge SE2024 (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-54094 (A vulnerability has been identified in Solid Edge SE2024 (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-54093 (A vulnerability has been identified in Solid Edge SE2024 (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-54091 (A vulnerability has been identified in Parasolid V36.1 (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-54008 (An authenticated Remote Code Execution (RCE) vulnerability
exists in t ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2024-54005 (A vulnerability has been identified in COMOS V10.3 (All
versions < V10 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-53866 (The package manager pnpm prior to version 9.15.0 seems to
mishandle ov ...)
TODO: check
CVE-2024-53832 (A vulnerability has been identified in CPCI85 Central
Processing/Commu ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-53481 (A Cross Site Scripting (XSS) vulnerability in the profile.php
of PHPGu ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Beauty Parlour Management System
CVE-2024-53480 (Phpgurukul's Beauty Parlour Management System v1.1 is
vulnerable to SQ ...)
- TODO: check
+ NOT-FOR-US: Phpgurukul's Beauty Parlour Management System
CVE-2024-53247 (In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7,
and versi ...)
- TODO: check
+ NOT-FOR-US: Splunk Enterprise
CVE-2024-53246 (In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7
and Splunk ...)
- TODO: check
+ NOT-FOR-US: Splunk Enterprise
CVE-2024-53245 (In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7
and Splunk ...)
- TODO: check
+ NOT-FOR-US: Splunk Enterprise
CVE-2024-53244 (In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7
and Splunk ...)
- TODO: check
+ NOT-FOR-US: Splunk Enterprise
CVE-2024-53243 (In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7
and versio ...)
- TODO: check
+ NOT-FOR-US: Splunk Enterprise
CVE-2024-53242 (A vulnerability has been identified in Teamcenter
Visualization V14.2 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-53041 (A vulnerability has been identified in Teamcenter
Visualization V14.2 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-52538 (Dell Avamar, version(s) 19.9, contain(s) an Improper
Neutralization of ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-52051 (A vulnerability has been identified in SIMATIC S7-PLCSIM V17
(All vers ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-51165 (SQL injection vulnerability in JEPAAS7.2.8, via
/je/rbac/rbac/loadLogi ...)
- TODO: check
+ NOT-FOR-US: JEPAAS
CVE-2024-50931 (Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to
contain insec ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs Z-Wave Series 500
CVE-2024-50930 (An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows
attackers to ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs Z-Wave Series 500
CVE-2024-50929 (Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series
700 and 80 ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs (SiLabs) Z-Wave Series 700 and 800
CVE-2024-50928 (Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series
700 and 80 ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs (SiLabs) Z-Wave Series
CVE-2024-50924 (Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series
700 and 80 ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs (SiLabs) Z-Wave Series
CVE-2024-50921 (Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series
700 and 80 ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs (SiLabs) Z-Wave Series
CVE-2024-50920 (Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series
700 and 80 ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs (SiLabs) Z-Wave Series
CVE-2024-50699 (TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and
TL-WR845N ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2024-49849 (A vulnerability has been identified in SIMATIC S7-PLCSIM V16
(All vers ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-49704 (A vulnerability has been identified in COMOS V10.3 (All
versions < V10 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-49554 (Media Encoder versions 25.0, 24.6.3 and earlier are affected
by a NULL ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49553 (Media Encoder versions 25.0, 24.6.3 and earlier are affected
by an out ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49552 (Media Encoder versions 25.0, 24.6.3 and earlier are affected
by a Heap ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49551 (Media Encoder versions 25.0, 24.6.3 and earlier are affected
by an out ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49535 (Acrobat Reader versions 24.005.20307, 24.001.30213,
24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49534 (Acrobat Reader versions 24.005.20307, 24.001.30213,
24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49533 (Acrobat Reader versions 24.005.20307, 24.001.30213,
24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49532 (Acrobat Reader versions 24.005.20307, 24.001.30213,
24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49531 (Acrobat Reader versions 24.005.20307, 24.001.30213,
24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49530 (Acrobat Reader versions 24.005.20307, 24.001.30213,
24.001.30193, 20.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-49142 (Microsoft Access Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49138 (Windows Common Log File System Driver Elevation of Privilege
Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49132 (Windows Remote Desktop Services Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49129 (Windows Remote Desktop Gateway (RD Gateway) Denial of Service
Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49128 (Windows Remote Desktop Services Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49127 (Windows Lightweight Directory Access Protocol (LDAP) Remote
Code Execu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49126 (Windows Local Security Authority Subsystem Service (LSASS)
Remote Code ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49125 (Windows Routing and Remote Access Service (RRAS) Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49124 (Lightweight Directory Access Protocol (LDAP) Client Remote
Code Execut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49123 (Windows Remote Desktop Services Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49122 (Microsoft Message Queuing (MSMQ) Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49121 (Windows Lightweight Directory Access Protocol (LDAP) Denial of
Service ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49120 (Windows Remote Desktop Services Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49119 (Windows Remote Desktop Services Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49118 (Microsoft Message Queuing (MSMQ) Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49117 (Windows Hyper-V Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49116 (Windows Remote Desktop Services Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49115 (Windows Remote Desktop Services Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49114 (Windows Cloud Files Mini Filter Driver Elevation of Privilege
Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49113 (Windows Lightweight Directory Access Protocol (LDAP) Denial of
Service ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49112 (Windows Lightweight Directory Access Protocol (LDAP) Remote
Code Execu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49111 (Wireless Wide Area Network Service (WwanSvc) Elevation of
Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49110 (Windows Mobile Broadband Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49109 (Wireless Wide Area Network Service (WwanSvc) Elevation of
Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49108 (Windows Remote Desktop Services Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49107 (WmsRepair Service Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49106 (Windows Remote Desktop Services Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49105 (Remote Desktop Client Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49104 (Windows Routing and Remote Access Service (RRAS) Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49103 (Windows Wireless Wide Area Network Service (WwanSvc)
Information Discl ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49102 (Windows Routing and Remote Access Service (RRAS) Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49101 (Wireless Wide Area Network Service (WwanSvc) Elevation of
Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49099 (Windows Wireless Wide Area Network Service (WwanSvc)
Information Discl ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49098 (Windows Wireless Wide Area Network Service (WwanSvc)
Information Discl ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49097 (Windows PrintWorkflowUserSvc Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49096 (Microsoft Message Queuing (MSMQ) Denial of Service
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49095 (Windows PrintWorkflowUserSvc Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49094 (Wireless Wide Area Network Service (WwanSvc) Elevation of
Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49093 (Windows Resilient File System (ReFS) Elevation of Privilege
Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49092 (Windows Mobile Broadband Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49091 (Windows Domain Name Service Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49090 (Windows Common Log File System Driver Elevation of Privilege
Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49089 (Windows Routing and Remote Access Service (RRAS) Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49088 (Windows Common Log File System Driver Elevation of Privilege
Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49087 (Windows Mobile Broadband Driver Information Disclosure
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49086 (Windows Routing and Remote Access Service (RRAS) Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49085 (Windows Routing and Remote Access Service (RRAS) Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49084 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49083 (Windows Mobile Broadband Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49082 (Windows File Explorer Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49081 (Wireless Wide Area Network Service (WwanSvc) Elevation of
Privilege Vu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49080 (Windows IP Routing Management Snapin Remote Code Execution
Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49079 (Input Method Editor (IME) Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49078 (Windows Mobile Broadband Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49077 (Windows Mobile Broadband Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49076 (Windows Virtualization-Based Security (VBS) Enclave Elevation
of Privi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49075 (Windows Remote Desktop ServicesDenial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49074 (Windows Kernel-Mode Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49073 (Windows Mobile Broadband Driver Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49072 (Windows Task Scheduler Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49070 (Microsoft SharePoint Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49069 (Microsoft Excel Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49068 (Microsoft SharePoint Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49065 (Microsoft Office Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49064 (Microsoft SharePoint Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49063 (Microsoft/Muzic Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49062 (Microsoft SharePoint Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49059 (Microsoft Office Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-49057 (Microsoft Defender for Endpoint on Android Spoofing
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-47977 (Dell Avamar, version(s) 19.9, contain(s) an Improper
Neutralization of ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-47484 (Dell Avamar, version(s) 19.9, contain(s) an Improper
Neutralization of ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-47117 (IBM Carbon Design System (Carbon Charts 0.4.0 through 1.13.16)
is vuln ...)
NOT-FOR-US: IBM
CVE-2024-46657 (Artifex Software mupdf v1.24.9 was discovered to contain a
segmentatio ...)
TODO: check
CVE-2024-46442 (An issue in the BYD Dilink Headunit System v3.0 to v4.0 allows
attacke ...)
- TODO: check
+ NOT-FOR-US: BYD Dilink Headunit System
CVE-2024-46341 (TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit
credentials ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2024-46340 (TP-Link TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219
was discov ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2024-45709 (SolarWinds Web Help Desk was susceptible to a local file read
vulnerab ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-45494 (An issue was discovered in MSA Safety FieldServer Gateways and
Embedde ...)
TODO: check
CVE-2024-45493 (An issue was discovered in MSA Safety FieldServer Gateways and
Embedde ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-43600 (Microsoft Office Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-43594 (System Center Operations Manager Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-12323 (The turboSMTP plugin for WordPress is vulnerable to Reflected
Cross-Si ...)
TODO: check
CVE-2024-12286 (MOBATIME Network Master Clock - DTS 4801 allows attackers to
use SSH t ...)
@@ -339,7 +339,7 @@ CVE-2024-54149 (Winter is a free, open-source content
management system (CMS) ba
CVE-2024-53919 (An injection vulnerability in Barco ClickShare CX-30/20,
C-5/10, and C ...)
NOT-FOR-US: Barco
CVE-2024-53552 (CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles
password res ...)
- TODO: check
+ NOT-FOR-US: CrushFTP
CVE-2024-50628 (An issue was discovered in the web services of Digi
ConnectPort LTS be ...)
NOT-FOR-US: Digi ConnectPort LTS
CVE-2024-50627 (An issue was discovered in Digi ConnectPort LTS before 1.4.12.
A Privi ...)
@@ -353,7 +353,7 @@ CVE-2024-47946 (If the attacker has access to a valid
Poweruser session, remote
CVE-2024-47585 (SAP NetWeaver Application Server for ABAP and ABAP Platform
allows an ...)
NOT-FOR-US: SAP
CVE-2024-47582 (Due to missing validation of XML input, an unauthenticated
attacker co ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-47581 (SAP HCM Approve Timesheets Version 4 application does not
perform nece ...)
NOT-FOR-US: SAP
CVE-2024-47580 (An attacker authenticated as an administrator can use an
exposed webse ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/706be4d1d4708a204285f979806759ccd878393b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/706be4d1d4708a204285f979806759ccd878393b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
