Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d1651411 by Salvatore Bonaccorso at 2024-05-04T10:29:37+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,17 +1,17 @@ CVE-2024-3868 (The Folders Pro plugin for WordPress is vulnerable to Stored Cross-Sit ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-3240 (The ConvertPlug plugin for WordPress is vulnerable to PHP Object Injec ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-3237 (The ConvertPlug plugin for WordPress is vulnerable to unauthorized mod ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34461 (Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snip ...) - TODO: check + NOT-FOR-US: Zenario CVE-2024-34460 (The Tree Explorer tool from Organizer in Zenario before 9.5.60602 is a ...) - TODO: check + NOT-FOR-US: Zenario CVE-2024-1050 (The Import and export users and customers plugin for WordPress is vuln ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-7065 (The Stop Spammers Security | Block Spam Users, Comments, Forms plugin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4466 (SQL injection vulnerability in Gescen on the centrosdigitales.net plat ...) NOT-FOR-US: Gescen CVE-2024-4461 (Unquoted path or search item vulnerability in SugarSync versions prior ...) @@ -875,9 +875,9 @@ CVE-2023-47220 (An OS command injection vulnerability has been reported to affec CVE-2023-44472 (Missing Authorization vulnerability in ThemeFuse Unyson.This issue aff ...) NOT-FOR-US: WordPress plugin CVE-2023-44452 (Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Exe ...) - TODO: check + NOT-FOR-US: Linux Mint Xreader CVE-2023-44451 (Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code E ...) - TODO: check + NOT-FOR-US: Linux Mint Xreader CVE-2023-44450 (NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch ...) NOT-FOR-US: Netgear CVE-2023-44449 (NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injectio ...) @@ -909,7 +909,7 @@ CVE-2023-44432 (Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code CVE-2023-44431 (BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Exec ...) TODO: check CVE-2023-44430 (Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vul ...) - TODO: check + NOT-FOR-US: Bentley CVE-2023-44428 (MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Exec ...) TODO: check CVE-2023-44427 (D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command Injecti ...) @@ -1895,11 +1895,11 @@ CVE-2023-32159 (PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote C CVE-2023-32158 (PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Ex ...) NOT-FOR-US: PDF-XChange Editor CVE-2023-32157 (Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code ...) - TODO: check + NOT-FOR-US: Tesla CVE-2023-32156 (Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerabili ...) - TODO: check + NOT-FOR-US: Tesla CVE-2023-32155 (Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vu ...) - TODO: check + NOT-FOR-US: Tesla CVE-2023-32154 (Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vuln ...) NOT-FOR-US: Mikrotik RouterOS CVE-2023-32153 (D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vuln ...) @@ -325182,13 +325182,13 @@ CVE-2019-19757 (An internal product security audit of Lenovo XClarity Administra CVE-2019-19756 (An internal product security audit of Lenovo XClarity Administrator (L ...) NOT-FOR-US: Lenovo CVE-2019-19755 (ethOS through 1.3.3 ships with SSH host keys baked into the installati ...) - TODO: check + NOT-FOR-US: ethOS CVE-2019-19754 (HiveOS through 0.6-102@191212 ships with SSH host keys baked into the ...) - TODO: check + NOT-FOR-US: HiveOS CVE-2019-19753 (SimpleMiningOS through v1259 ships with SSH host keys baked into the i ...) NOT-FOR-US: SimpleMiningOS CVE-2019-19752 (nvOC through 3.2 ships with SSH host keys baked into the installation ...) - TODO: check + NOT-FOR-US: nvOC CVE-2019-19751 (easyMINE before 2019-12-05 ships with SSH host keys baked into the ins ...) NOT-FOR-US: easyMINE CVE-2019-19750 (minerstat msOS before 2019-10-23 does not have a unique SSH key for ea ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d165141147842d59ddbb1a64557b9180ca2f5bbc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d165141147842d59ddbb1a64557b9180ca2f5bbc You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits