Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5ca1e271 by Salvatore Bonaccorso at 2024-03-16T09:23:36+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2024-2514 (A vulnerability classified as critical was found in MAGESH-K21
Online- ...)
- TODO: check
+ NOT-FOR-US: MAGESH-K21 Online-College-Event-Hall-Reservation-System
CVE-2024-2308 (The ElementInvader Addons for Elementor plugin for WordPress is
vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2294 (The Backuply \u2013 Backup, Restore, Migrate and Clone plugin
for Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2042 (The ElementsKit Elementor addons plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28862 (The Ruby One Time Password library (ROTP) is an open source
library fo ...)
- ruby-rotp <unfixed>
NOTE:
https://github.com/mdp/rotp/security/advisories/GHSA-x2h8-qmj4-g62f
@@ -13,59 +13,59 @@ CVE-2024-28862 (The Ruby One Time Password library (ROTP)
is an open source libr
CVE-2024-28859 (Symfony1 is a community fork of symfony 1.4 with DIC, form
enhancement ...)
TODO: check
CVE-2024-28640 (Buffer Overflow vulnerability in TOTOLink X5000R
V9.1.0u.6118-B2020110 ...)
- TODO: check
+ NOT-FOR-US: TOTOLink
CVE-2024-28639 (Buffer Overflow vulnerability in TOTOLink X5000R
V9.1.0u.6118-B2020110 ...)
- TODO: check
+ NOT-FOR-US: TOTOLink
CVE-2024-28070 (A vulnerability in the legacy chat component of Mitel
MiContact Center ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-28069 (A vulnerability in the legacy chat component of Mitel
MiContact Center ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-27197 (Cross-Site Request Forgery (CSRF) vulnerability in Bee
BeePress allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-27195 (Cross-Site Request Forgery (CSRF) vulnerability in Sandi
Verdev Waterm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-27194 (Cross-Site Request Forgery (CSRF) vulnerability in Andrei
Ivasiuc Font ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-24845 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-24156 (Cross Site Scripting (XSS) vulnerability in Gnuboard g6 before
Github ...)
- TODO: check
+ NOT-FOR-US: Gnuboard
CVE-2024-23523 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23298 (A logic issue was addressed with improved state management.)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-22513 (djangorestframework-simplejwt version 5.3.1 and before is
vulnerable t ...)
TODO: check
CVE-2024-22259 (Applications that use UriComponentsBuilder in Spring
Frameworkto parse ...)
TODO: check
CVE-2024-1733 (The Word Replacer Pro plugin for WordPress is vulnerable to
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1685 (The Social Media Share Buttons plugin for WordPress is
vulnerable to P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1239 (The ElementsKit Elementor addons plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6525 (The ElementsKit Elementor addons plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51521 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech
Quiz An ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51512 (Cross Site Request Forgery (CSRF) vulnerability in WBW Product
Table b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51510 (Cross-Site Request Forgery (CSRF) vulnerability in Atlas
Gondal Export ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51491 (Cross-Site Request Forgery (CSRF) vulnerability in Averta
Depicter Sli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51489 (Cross-Site Request Forgery (CSRF) vulnerability in Automattic,
Inc. Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51487 (Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft
ARI Stream ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51486 (Cross-Site Request Forgery (CSRF) vulnerability in RedNao
WooCommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51474 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu
TerraClass ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51407 (Cross-Site Request Forgery (CSRF) vulnerability in Rocket
Elements Spl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36483 (An authorization bypass was discovered in the Carrier
MASmobile Classi ...)
- TODO: check
+ NOT-FOR-US: Carrier applications
CVE-2021-47135 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/d874e6c06952382897d35bf4094193cd44ae91bd (5.13-rc5)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ca1e2710923ae3ea0890ca9625cca2bb917c60a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ca1e2710923ae3ea0890ca9625cca2bb917c60a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
