[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 06 Feb 2024 03:42:45 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
05bc55f4 by Salvatore Bonaccorso at 2024-02-06T12:42:06+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,177 +1,177 @@
 CVE-2024-24808 (pyLoad is an open-source Download Manager written in pure 
Python. Ther ...)
        - pyload <itp> (bug #1001980)
 CVE-2024-24807 (Sulu is a highly extensible open-source PHP content management 
system  ...)
-       TODO: check
+       NOT-FOR-US: Sulu
 CVE-2024-24595 (Allegro AI\u2019s open-source version of ClearML stores 
passwords in p ...)
        TODO: check
 CVE-2024-24574 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ 
and MySQL, ...)
-       TODO: check
+       NOT-FOR-US: phpMyFAQ
 CVE-2024-24559 (Vyper is a Pythonic Smart Contract Language for the EVM. There 
is an e ...)
-       TODO: check
+       NOT-FOR-US: Vyper
 CVE-2024-24543 (Buffer Overflow vulnerability in the function setSchedWifi in 
Tenda AC ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-24398 (Directory Traversal vulnerability in Stimulsoft GmbH 
Stimulsoft Dashbo ...)
-       TODO: check
+       NOT-FOR-US: Stimulsoft GmbH Stimulsoft Dashboard.JS
 CVE-2024-24112 (xmall v1.1 was discovered to contain a SQL injection 
vulnerability via ...)
-       TODO: check
+       NOT-FOR-US: Exrick xmall
 CVE-2024-23304 (Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote 
unauthentica ...)
-       TODO: check
+       NOT-FOR-US: Cybozu KUNAI for Android
 CVE-2024-23049 (An issue in symphony v.3.6.3 and before allows a remote 
attacker to ex ...)
        TODO: check
 CVE-2024-22853 (D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded 
password fo ...)
-       TODO: check
+       NOT-FOR-US: D-LINK
 CVE-2024-22852 (D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a 
stack-based buff ...)
-       TODO: check
+       NOT-FOR-US: D-LINK
 CVE-2024-22773 (Intelbras Roteador ACtion RF 1200 1.2.2 esposes the Password 
in Cookie ...)
-       TODO: check
+       NOT-FOR-US: Intelbras Roteador ACtion RF 1200
 CVE-2024-22208 (phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ 
and MySQL, ...)
-       TODO: check
+       NOT-FOR-US: phpMyFAQ
 CVE-2024-20828 (Improper authorization verification vulnerability in Samsung 
Internet  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20827 (Improper access control vulnerability in Samsung Gallery prior 
to vers ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20826 (Implicit intent hijacking vulnerability in UPHelper library 
prior to v ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20825 (Implicit intent hijacking vulnerability in IAP of Galaxy Store 
prior t ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20824 (Implicit intent hijacking vulnerability in VoiceSearch of 
Galaxy Store ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20823 (Implicit intent hijacking vulnerability in SamsungAccount of 
Galaxy St ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20822 (Implicit intent hijacking vulnerability in AccountActivity of 
Galaxy S ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20820 (Improper input validation in bootloader prior to SMR Feb-2024 
Release  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20819 (Out out bounds Write vulnerabilities in svc1td_vld_plh_ap of 
libsthmbc ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20818 (Out out bounds Write vulnerabilities in svc1td_vld_elh of 
libsthmbc.so ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20817 (Out out bounds Write vulnerabilities in svc1td_vld_slh of 
libsthmbc.so ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20816 (Improper authentication vulnerability in 
onCharacteristicWriteRequest  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20815 (Improper authentication vulnerability in 
onCharacteristicReadRequest i ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20814 (Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so 
prior to  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20813 (Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to 
SMR Feb-2 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20812 (Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to 
SMR Feb-2 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20811 (Improper caller verification in GameOptimizer prior to SMR 
Feb-2024 Re ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20810 (Implicit intent hijacking vulnerability in Smart Suggestions 
prior to  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-1210 (The LearnDash LMS plugin for WordPress is vulnerable to 
Sensitive Info ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1209 (The LearnDash LMS plugin for WordPress is vulnerable to 
Sensitive Info ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1208 (The LearnDash LMS plugin for WordPress is vulnerable to 
Sensitive Info ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1177 (The WP Club Manager \u2013 WordPress Sports Club Plugin plugin 
for Wor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1121 (The Advanced Forms for ACF plugin for WordPress is vulnerable 
to unaut ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1092 (The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, 
News & ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1075 (The Minimal Coming Soon \u2013 Coming Soon Page plugin for 
WordPress i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1072 (The Website Builder by SeedProd \u2014 Theme Builder, Landing 
Page Bui ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1052 (Boundary and Boundary Enterprise (\u201cBoundary\u201d) is 
vulnerable  ...)
        TODO: check
 CVE-2024-1046 (The Paid Membership Plugin, Ecommerce, User Registration Form, 
Login F ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0969 (The ARMember plugin for WordPress is vulnerable to Sensitive 
Informati ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0964 (A local file include could be remotely triggered in Gradio due 
to a vu ...)
        TODO: check
 CVE-2024-0961 (The SiteOrigin Widgets Bundle plugin for WordPress is 
vulnerable to St ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0954 (The Essential Addons for Elementor \u2013 Best Elementor 
Templates, Wi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0869 (The Instant Images \u2013 One Click Image Uploads from 
Unsplash, Openv ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0859 (The Affiliates Manager plugin for WordPress is vulnerable to 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0835 (The Royal Elementor Kit theme for WordPress is vulnerable to 
unauthori ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0834 (The Elementor Addon Elements plugin for WordPress is vulnerable 
to Sto ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0823 (The Exclusive Addons for Elementor plugin for WordPress is 
vulnerable  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0797 (The Active Products Tables for WooCommerce. Professional 
products tabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0796 (The Active Products Tables for WooCommerce. Professional 
products tabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0791 (The WOLF \u2013 WordPress Posts Bulk Editor and Manager 
Professional p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0790 (The WOLF \u2013 WordPress Posts Bulk Editor and Manager 
Professional p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0761 (The File Manager plugin for WordPress is vulnerable to 
Sensitive Infor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0709 (The Cryptocurrency Widgets \u2013 Price Ticker & Coins List 
plugin for ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0701 (The UserPro plugin for WordPress is vulnerable to Security 
Feature Byp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0699 (The AI Engine: Chatbots, Generators, Assistants, GPT 4 and 
more! plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0691 (The FileBird plugin for WordPress is vulnerable to Stored 
Cross-Site S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0678 (The Order Delivery Date for WP e-Commerce plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0668 (The Advanced Database Cleaner plugin for WordPress is 
vulnerable to PH ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0660 (The Formidable Forms \u2013 Contact Form, Survey, Quiz, 
Payment, Calcu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0659 (The Easy Digital Downloads \u2013 Sell Digital Files (eCommerce 
Store  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0630 (The WP RSS Aggregator plugin for WordPress is vulnerable to 
Stored Cro ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0612 (The Content Views \u2013 Post Grid, Slider, Accordion 
(Gutenberg Block ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0597 (The SEO Plugin by Squirrly SEO plugin for WordPress is 
vulnerable to S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0586 (The Essential Addons for Elementor \u2013 Best Elementor 
Templates, Wi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0585 (The Essential Addons for Elementor \u2013 Best Elementor 
Templates, Wi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0509 (The WP 404 Auto Redirect to Similar Post plugin for WordPress 
is vulne ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0508 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable 
to Store ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0448 (The Elementor Addons by Livemesh plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0428 (The Index Now plugin for WordPress is vulnerable to Cross-Site 
Request ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0384 (The WP Recipe Maker plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0382 (The WP Recipe Maker plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0380 (The WP Recipe Maker plugin for WordPress is vulnerable to 
Directory Tr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0374 (The Views for WPForms \u2013 Display & Edit WPForms Entries on 
your si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0373 (The Views for WPForms \u2013 Display & Edit WPForms Entries on 
your si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0372 (The Views for WPForms \u2013 Display & Edit WPForms Entries on 
your si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0371 (The Views for WPForms \u2013 Display & Edit WPForms Entries on 
your si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0370 (The Views for WPForms \u2013 Display & Edit WPForms Entries on 
your si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0366 (The Starbox \u2013 the Author Box for Humans plugin for 
WordPress is v ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0324 (The User Profile Builder \u2013 Beautiful User Registration 
Forms, Use ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0255 (The WP Recipe Maker plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0254 (The (Simply) Guest Author Name plugin for WordPress is 
vulnerable to S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0244 (Buffer overflow in CPCA PCFAX number process of Office 
Multifunction P ...)
-       TODO: check
+       NOT-FOR-US: CPCA PCFAX
 CVE-2024-0221 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery 
plugin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0202 (A security vulnerability has been identified in the cryptlib 
cryptogra ...)
        TODO: check
 CVE-2023-7029 (The WordPress Button Plugin MaxButtons plugin for WordPress is 
vulnera ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05bc55f400ac48db2fa4f10b2e3d4080bdc86a1b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05bc55f400ac48db2fa4f10b2e3d4080bdc86a1b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to