Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5ca1e271 by Salvatore Bonaccorso at 2024-03-16T09:23:36+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,11 +1,11 @@ CVE-2024-2514 (A vulnerability classified as critical was found in MAGESH-K21 Online- ...) - TODO: check + NOT-FOR-US: MAGESH-K21 Online-College-Event-Hall-Reservation-System CVE-2024-2308 (The ElementInvader Addons for Elementor plugin for WordPress is vulner ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-2294 (The Backuply \u2013 Backup, Restore, Migrate and Clone plugin for Word ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-2042 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-28862 (The Ruby One Time Password library (ROTP) is an open source library fo ...) - ruby-rotp <unfixed> NOTE: https://github.com/mdp/rotp/security/advisories/GHSA-x2h8-qmj4-g62f @@ -13,59 +13,59 @@ CVE-2024-28862 (The Ruby One Time Password library (ROTP) is an open source libr CVE-2024-28859 (Symfony1 is a community fork of symfony 1.4 with DIC, form enhancement ...) TODO: check CVE-2024-28640 (Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B2020110 ...) - TODO: check + NOT-FOR-US: TOTOLink CVE-2024-28639 (Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B2020110 ...) - TODO: check + NOT-FOR-US: TOTOLink CVE-2024-28070 (A vulnerability in the legacy chat component of Mitel MiContact Center ...) - TODO: check + NOT-FOR-US: Mitel CVE-2024-28069 (A vulnerability in the legacy chat component of Mitel MiContact Center ...) - TODO: check + NOT-FOR-US: Mitel CVE-2024-27197 (Cross-Site Request Forgery (CSRF) vulnerability in Bee BeePress allows ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-27195 (Cross-Site Request Forgery (CSRF) vulnerability in Sandi Verdev Waterm ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-27194 (Cross-Site Request Forgery (CSRF) vulnerability in Andrei Ivasiuc Font ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-24845 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-24156 (Cross Site Scripting (XSS) vulnerability in Gnuboard g6 before Github ...) - TODO: check + NOT-FOR-US: Gnuboard CVE-2024-23523 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-23298 (A logic issue was addressed with improved state management.) - TODO: check + NOT-FOR-US: Apple CVE-2024-22513 (djangorestframework-simplejwt version 5.3.1 and before is vulnerable t ...) TODO: check CVE-2024-22259 (Applications that use UriComponentsBuilder in Spring Frameworkto parse ...) TODO: check CVE-2024-1733 (The Word Replacer Pro plugin for WordPress is vulnerable to unauthoriz ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1685 (The Social Media Share Buttons plugin for WordPress is vulnerable to P ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1239 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6525 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51521 (Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz An ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51512 (Cross Site Request Forgery (CSRF) vulnerability in WBW Product Table b ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51510 (Cross-Site Request Forgery (CSRF) vulnerability in Atlas Gondal Export ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51491 (Cross-Site Request Forgery (CSRF) vulnerability in Averta Depicter Sli ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51489 (Cross-Site Request Forgery (CSRF) vulnerability in Automattic, Inc. Cr ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51487 (Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft ARI Stream ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51486 (Cross-Site Request Forgery (CSRF) vulnerability in RedNao WooCommerce ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51474 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu TerraClass ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51407 (Cross-Site Request Forgery (CSRF) vulnerability in Rocket Elements Spl ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-36483 (An authorization bypass was discovered in the Carrier MASmobile Classi ...) - TODO: check + NOT-FOR-US: Carrier applications CVE-2021-47135 (In the Linux kernel, the following vulnerability has been resolved: m ...) - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/d874e6c06952382897d35bf4094193cd44ae91bd (5.13-rc5) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ca1e2710923ae3ea0890ca9625cca2bb917c60a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ca1e2710923ae3ea0890ca9625cca2bb917c60a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits