Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0bb978b1 by Salvatore Bonaccorso at 2024-05-28T22:38:55+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -39,65 +39,65 @@ CVE-2024-35581 (A cross-site scripting (XSS) vulnerability
in Sourcecodester Lab
CVE-2024-35563 (CDG-Server-V5.6.2.126.139 and earlier was discovered to
contain a SQL ...)
TODO: check
CVE-2024-35510 (An arbitrary file upload vulnerability in
/dede/file_manage_control.ph ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2024-35403 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to
contain a sta ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-35401 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to
contain a com ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-35400 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to
contain a sta ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-35399 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to
contain a sta ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-35398 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to
contain a sta ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-35397 (TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to
contain a co ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-35344 (Certain Anpviz products contain a hardcoded cryptographic key
stored i ...)
- TODO: check
+ NOT-FOR-US: Anpviz
CVE-2024-35343 (Certain Anpviz products allow unauthenticated users to
download arbitr ...)
- TODO: check
+ NOT-FOR-US: Anpviz
CVE-2024-35342 (Certain Anpviz products allow unauthenticated users to modify
or disab ...)
- TODO: check
+ NOT-FOR-US: Anpviz
CVE-2024-35341 (Certain Anpviz products allow unauthenticated users to
download the ru ...)
- TODO: check
+ NOT-FOR-US: Anpviz
CVE-2024-35324 (Douchat 4.0.5 suffers from an arbitrary file upload
vulnerability via ...)
- TODO: check
+ NOT-FOR-US: Douchat
CVE-2024-34854 (F-logic DataCube3 v1.0 is vulnerable to File Upload via
`/admin/transc ...)
- TODO: check
+ NOT-FOR-US: F-logic DataCube3
CVE-2024-34852 (F-logic DataCube3 v1.0 is affected by command injection due to
imprope ...)
- TODO: check
+ NOT-FOR-US: F-logic DataCube3
CVE-2024-33849 (ci solution CI-Out-of-Office Manager through 6.0.0.77 uses a
Hard-code ...)
- TODO: check
+ NOT-FOR-US: ci solution CI-Out-of-Office Manager
CVE-2024-33808 (A SQL injection vulnerability in /model/get_timetable.php in
campcodes ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-33807 (A SQL injection vulnerability in
/model/get_teacher_timetable.php in c ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-33806 (A SQL injection vulnerability in /model/get_grade.php in
campcodes Com ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-33805 (A SQL injection vulnerability in /model/get_student.php in
campcodes C ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-33804 (A SQL injection vulnerability in /model/get_subject.php in
campcodes C ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-33803 (A SQL injection vulnerability in /model/get_exam.php in
campcodes Comp ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-33802 (A SQL injection vulnerability in
/model/get_student_subject.php in cam ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-33801 (A SQL injection vulnerability in
/model/get_subject_routing.php in cam ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-33800 (A SQL injection vulnerability in /model/get_student1.php in
campcodes ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-33799 (A SQL injection vulnerability in /model/get_teacher.php in
campcodes C ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-33450 (SQL Injection in Finereport v.8.0 allows a remote attacker to
obtain s ...)
- TODO: check
+ NOT-FOR-US: Finereport
CVE-2024-33402 (A SQL injection vulnerability in /model/approve_petty_cash.php
in camp ...)
- TODO: check
+ NOT-FOR-US: campcodes Complete Web-Based School Management System
CVE-2024-30212 (If a SCSI READ(10) command is initiated via USB using the
largest LBA ...)
TODO: check
CVE-2024-30165 (Amazon AWS Client VPN before 3.9.1 on macOS has a buffer
overflow that ...)
- TODO: check
+ NOT-FOR-US: Amazon AWS Client VPN
CVE-2024-30164 (Amazon AWS Client VPN has a buffer overflow that could
potentially all ...)
- TODO: check
+ NOT-FOR-US: Amazon AWS Client VPN
CVE-2024-2451 (Improper fingerprint validation in the TeamViewer Client (Full
& Host) ...)
TODO: check
CVE-2024-2199 (A denial of service vulnerability was found in 389-ds-base ldap
server ...)
@@ -105,35 +105,35 @@ CVE-2024-2199 (A denial of service vulnerability was
found in 389-ds-base ldap s
CVE-2024-29072 (A privilege escalation vulnerability exists in the Foxit
Reader 2024.2 ...)
NOT-FOR-US: Foxit Reader
CVE-2024-28061 (An issue was discovered in Apiris Kafeo 6.4.4. It permits a
bypass, of ...)
- TODO: check
+ NOT-FOR-US: Apiris Kafeo
CVE-2024-28060 (An issue was discovered in Apiris Kafeo 6.4.4. It permits DLL
hijackin ...)
- TODO: check
+ NOT-FOR-US: Apiris Kafeo
CVE-2024-26024 (SUBNET Solutions Inc. has identified vulnerabilities in
third-party co ...)
TODO: check
CVE-2024-24963 (A stack-based buffer overflow vulnerability exists in the
Programming ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24962 (A stack-based buffer overflow vulnerability exists in the
Programming ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24959 (Several out-of-bounds write vulnerabilities exist in the
Programming S ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24958 (Several out-of-bounds write vulnerabilities exist in the
Programming S ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24957 (Several out-of-bounds write vulnerabilities exist in the
Programming S ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24956 (Several out-of-bounds write vulnerabilities exist in the
Programming S ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24955 (Several out-of-bounds write vulnerabilities exist in the
Programming S ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24954 (Several out-of-bounds write vulnerabilities exist in the
Programming S ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24947 (A heap-based buffer overflow vulnerability exists in the
Programming S ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24946 (A heap-based buffer overflow vulnerability exists in the
Programming S ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24919 (Potentially allowing an attacker to read certain information
on Check ...)
- TODO: check
+ NOT-FOR-US: Check Point Security Gateways
CVE-2024-24851 (A heap-based buffer overflow vulnerability exists in the
Programming S ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect
CVE-2024-24686 (Multiple stack-based buffer overflow vulnerabilities exist in
the read ...)
TODO: check
CVE-2024-24685 (Multiple stack-based buffer overflow vulnerabilities exist in
the read ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bb978b1d45343fad1e6e6fd405936b5605b6583
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bb978b1d45343fad1e6e6fd405936b5605b6583
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
