Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8a84b909 by Salvatore Bonaccorso at 2024-05-09T23:02:38+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -45,11 +45,11 @@ CVE-2024-4446 (The Content Views \u2013 Post Grid & Filter, Recent Posts, Catego CVE-2024-4441 (The XML Sitemap & Google News plugin for WordPress is vulnerable to Lo ...) NOT-FOR-US: WordPress plugin CVE-2024-4425 (The access control inCemiPark software stores integration (e.g. FTP or ...) - TODO: check + NOT-FOR-US: CemiPark software CVE-2024-4424 (The access control inCemiPark software does not properly validate user ...) - TODO: check + NOT-FOR-US: CemiPark software CVE-2024-4423 (The access control inCemiPark software does not properly validate user ...) - TODO: check + NOT-FOR-US: CemiPark software CVE-2024-4411 (The Mihdan: Yandex Turbo Feed plugin for WordPress is vulnerable to St ...) NOT-FOR-US: WordPress plugin CVE-2024-4397 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vul ...) @@ -121,71 +121,71 @@ CVE-2024-3680 (The Enter Addons \u2013 Ultimate Template Builder for Elementor p CVE-2024-3595 (The Pure Chat \u2013 Live Chat Plugin & More! plugin for WordPress is ...) NOT-FOR-US: WordPress plugin CVE-2024-3461 (KioWare for Windows (versions all through 8.35)allows to brute force t ...) - TODO: check + NOT-FOR-US: KioWare for Windows CVE-2024-3460 (In KioWare for Windows (versions all through 8.34)it is possible to ex ...) - TODO: check + NOT-FOR-US: KioWare for Windows CVE-2024-3459 (KioWare for Windows (versions allthrough 8.34)allows to escape the env ...) - TODO: check + NOT-FOR-US: KioWare for Windows CVE-2024-3070 (The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable ...) NOT-FOR-US: WordPress plugin CVE-2024-3068 (The Custom Field Suite plugin for WordPress is vulnerable to Stored Cr ...) NOT-FOR-US: WordPress plugin CVE-2024-34559 (Insertion of Sensitive Information into Log File vulnerability in Ghos ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34557 (Cross-Site Request Forgery (CSRF) vulnerability in UkrSolution Barcode ...) TODO: check CVE-2024-34556 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) TODO: check CVE-2024-34550 (Insertion of Sensitive Information into Log File vulnerability in Alex ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34549 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34445 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34441 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34439 (Cross-Site Request Forgery (CSRF) vulnerability in divSpot DS Site Mes ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34437 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34436 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34433 (Deserialization of Untrusted Data vulnerability in OCDI One Click Demo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34432 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34431 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34430 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34429 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34428 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34427 (Cross-Site Request Forgery (CSRF) vulnerability in Huseyin Berberoglu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34426 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34425 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34424 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34423 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34422 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34421 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34420 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34419 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34418 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34417 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34415 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34354 (CMSaaSStarter is a SaaS template/boilerplate built with SvelteKit, Tai ...) TODO: check CVE-2024-34352 (1Panel is an open source Linux server operation and maintenance manage ...) @@ -197,45 +197,45 @@ CVE-2024-34350 (Next.js is a React framework that can provide building blocks to CVE-2024-34345 (The CycloneDX JavaScript library contains the core functionality of OW ...) TODO: check CVE-2024-34338 (A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and ea ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-34220 (Sourcecodester Human Resource Management System 1.0 is vulnerable to S ...) - TODO: check + NOT-FOR-US: Sourcecodester Human Resource Management System CVE-2024-34219 (TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vuln ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34218 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to co ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34217 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34215 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34213 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) TODO: check CVE-2024-34212 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34211 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hard ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34210 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to co ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34209 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34207 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34206 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to co ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34205 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a comm ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34204 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to co ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34203 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34202 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34201 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34200 (TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34074 (Frappe is a full-stack web application framework. Prior to 15.26.0 and ...) - TODO: check + NOT-FOR-US: Frappe Framework CVE-2024-33877 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__c ...) TODO: check CVE-2024-33876 (HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_d ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a84b909ab71236e573f6aaa5a87c1069135a280 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a84b909ab71236e573f6aaa5a87c1069135a280 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits