Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a1c499ca by Salvatore Bonaccorso at 2024-03-31T22:52:47+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,107 +1,107 @@
CVE-2024-31123 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31122 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31121 (Contributor Cross Site Scripting (XSS) in HeartThis <= 0.1.0
versions.)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31120 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31117 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31116 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31115 (Unrestricted Upload of File with Dangerous Type vulnerability
in Quant ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31114 (Unrestricted Upload of File with Dangerous Type vulnerability
in biplo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31112 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31110 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31108 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31107 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31106 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31104 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31103 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31102 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31101 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31100 (Cross-Site Request Forgery (CSRF) vulnerability in Festi-Team
Popup Ca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31097 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31096 (Cross-Site Request Forgery (CSRF) vulnerability in kopatheme
Nictitate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31095 (Authorization Bypass Through User-Controlled Key vulnerability
in Rica ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31094 (Deserialization of Untrusted Data vulnerability in Filter
Custom Field ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31092 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31091 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31090 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31089 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31087 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31085 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31084 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30561 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30559 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30558 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30557 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30556 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30555 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30554 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30553 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30552 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30551 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30550 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30549 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30548 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30543 (Authorization Bypass Through User-Controlled Key vulnerability
in UPQO ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30541 (Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS
Optimize.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30536 (Cross-Site Request Forgery (CSRF) vulnerability in WPFactory
Slugs Man ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30535 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30533 (Unrestricted Upload of File with Dangerous Type vulnerability
in Teche ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30530 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30526 (Cross-Site Request Forgery (CSRF) vulnerability in Easy Social
Feed.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30524 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30523 (Insertion of Sensitive Information into Log File vulnerability
in Paid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30489 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25027 (IBM Security Verify Access 10.0.6 could disclose sensitive
snapshot in ...)
NOT-FOR-US: IBM
CVE-2024-22353 (IBM WebSphere Application Server Liberty 17.0.0.3 through
24.0.0.3 is ...)
@@ -111,9 +111,9 @@ CVE-2023-50959 (IBM Cloud Pak for Business Automation
18.0.0, 18.0.1, 18.0.2,19.
CVE-2023-50311 (IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3
transmits ...)
NOT-FOR-US: IBM
CVE-2020-36828 (A vulnerability was found in DiscuzX up to 3.4-20200818. It
has been c ...)
- TODO: check
+ NOT-FOR-US: DiscuzX
CVE-2017-20191 (A vulnerability was found in Zimbra zm-admin-ajax up to 8.8.1.
It has ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2024-XXXX [mediawiki: XSS in edit summary parser]
- mediawiki 1:1.39.7-1
[bookworm] - mediawiki 1:1.39.7-1~deb12u1
@@ -193,7 +193,7 @@ CVE-2024-0367 (The Unlimited Elements For Elementor plugin
for WordPress is vuln
CVE-2024-3081 (A vulnerability was found in EasyCorp EasyAdmin up to 4.8.9. It
has be ...)
NOT-FOR-US: EasyCorp EasyAdmin
CVE-2024-3078 (A vulnerability was found in Qdrant up to 1.6.1/1.7.4/1.8.2 and
classi ...)
- TODO: check
+ NOT-FOR-US: Qdrant
CVE-2024-3077 (An malicious BLE device can crash BLE victim device by sending
malform ...)
NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
CVE-2024-3061 (The HUSKY \u2013 Products Filter Professional for WooCommerce
plugin f ...)
@@ -433,7 +433,7 @@ CVE-2024-2108 (The Ninja Forms Contact Form \u2013 The Drag
and Drop Form Builde
CVE-2024-29904 (CodeIgniter is a PHP full-stack web framework A vulnerability
was foun ...)
- codeigniter <itp> (bug #471583)
CVE-2024-29901 (The AuthKit library for Next.js provides helpers for
authentication an ...)
- TODO: check
+ NOT-FOR-US: AuthKit library for Next.js
CVE-2024-29900 (Electron Packager bundles Electron-based application source
code with ...)
TODO: check
CVE-2024-29893 (Argo CD is a declarative, GitOps continuous delivery tool for
Kubernet ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1c499cae3d9988c261da3943263ea97a9c875b0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1c499cae3d9988c261da3943263ea97a9c875b0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
