Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 917df2bc by Salvatore Bonaccorso at 2024-05-10T22:32:31+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,129 +1,129 @@ CVE-2024-4735 (A vulnerability has been found in Campcodes Legal Case Management Syst ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4732 (A vulnerability, which was classified as problematic, has been found i ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4731 (A vulnerability classified as problematic was found in Campcodes Legal ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4730 (A vulnerability classified as problematic has been found in Campcodes ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4729 (A vulnerability was found in Campcodes Legal Case Management System 1. ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4728 (A vulnerability was found in Campcodes Legal Case Management System 1. ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4727 (A vulnerability was found in Campcodes Legal Case Management System 1. ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4726 (A vulnerability was found in Campcodes Legal Case Management System 1. ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4725 (A vulnerability has been found in Campcodes Legal Case Management Syst ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4724 (A vulnerability, which was classified as problematic, was found in Cam ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4723 (A vulnerability, which was classified as problematic, has been found i ...) - TODO: check + NOT-FOR-US: Campcodes Legal Case Management System CVE-2024-4722 (A vulnerability classified as problematic was found in Campcodes Compl ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4721 (A vulnerability classified as problematic has been found in Campcodes ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4720 (A vulnerability was found in Campcodes Complete Web-Based School Manag ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4719 (A vulnerability was found in Campcodes Complete Web-Based School Manag ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4718 (A vulnerability was found in Campcodes Complete Web-Based School Manag ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4717 (A vulnerability was found in Campcodes Complete Web-Based School Manag ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4716 (A vulnerability has been found in Campcodes Complete Web-Based School ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4715 (A vulnerability, which was classified as problematic, was found in Cam ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4714 (A vulnerability, which was classified as problematic, has been found i ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4713 (A vulnerability classified as problematic was found in Campcodes Compl ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4701 (A path traversal issue potentially leading to remote code execution in ...) TODO: check CVE-2024-4699 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified ...) - TODO: check + NOT-FOR-US: D-Link CVE-2024-4689 (Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPix ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4688 (A vulnerability classified as problematic was found in Campcodes Compl ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4687 (A vulnerability classified as problematic has been found in Campcodes ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4686 (A vulnerability was found in Campcodes Complete Web-Based School Manag ...) - TODO: check + NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4631 REJECTED CVE-2024-4490 (The Elegant Themes Divi theme, Extra theme, and Divi Page Builder plug ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4481 (The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vul ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4449 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4448 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4444 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vul ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4434 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vul ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4398 (The HTML5 Audio Player- Best WordPress Audio Player Plugin plugin for ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4280 (The White Label CMS plugin for WordPress is vulnerable to unauthorized ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4277 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vul ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4275 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4232 (This vulnerability exists in Digisol Router (DG-GR1321: Hardware versi ...) - TODO: check + NOT-FOR-US: Digisol Router CVE-2024-4231 (This vulnerability exists in Digisol Router (DG-GR1321: Hardware versi ...) - TODO: check + NOT-FOR-US: Digisol Router CVE-2024-4129 (Improper Authentication vulnerability in Snow Software AB Snow License ...) - TODO: check + NOT-FOR-US: Snow Software AB Snow License Manager CVE-2024-4044 (A deserialization of untrusted data vulnerability exists in common cod ...) TODO: check CVE-2024-4039 (The The Orders Tracking for WooCommerce plugin for WordPress for WordP ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-3956 (The Pods \u2013 Custom Content Types and Fields plugin for WordPress i ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-3941 (The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSR ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-3940 (The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSR ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-3828 (The Spectra Pro plugin for WordPress is vulnerable to privilege escala ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-3547 (The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34974 (Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSe ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-34946 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-34945 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-34944 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-34943 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-34942 (Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-34828 (Cross-Site Request Forgery (CSRF) vulnerability in Andy Moyle Church A ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34827 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, Razvan ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34825 (Cross-Site Request Forgery (CSRF) vulnerability in Warfare Plugins Soc ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34823 (Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34818 (Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress.This i ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34817 (Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integrati ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34816 (Cross-Site Request Forgery (CSRF) vulnerability in Revmakx WPCal.Io \u ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34814 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeFuse Unyson.Th ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34695 (WOWS Karma is a reputation system for Wargaming's World of Warships. A ...) - TODO: check + NOT-FOR-US: WOWS Karma CVE-2024-34360 (go-spacemesh is a Go implementation of the Spacemesh protocol full nod ...) TODO: check CVE-2024-34359 (llama-cpp-python is the Python bindings for llama.cpp. `llama-cpp-pyth ...) @@ -131,9 +131,9 @@ CVE-2024-34359 (llama-cpp-python is the Python bindings for llama.cpp. `llama-cp CVE-2024-34349 (Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13 ...) TODO: check CVE-2024-34310 (Jin Fang Times Content Management System v3.2.3 was discovered to cont ...) - TODO: check + NOT-FOR-US: Jin Fang Times Content Management System CVE-2024-34245 (An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authen ...) - TODO: check + NOT-FOR-US: DedeCMS CVE-2024-34199 (TinyWeb 1.94 and below allows unauthenticated remote attackers to caus ...) TODO: check CVE-2024-34079 (octo-sts is a GitHub App that acts like a Security Token Service (STS) ...) @@ -141,41 +141,41 @@ CVE-2024-34079 (octo-sts is a GitHub App that acts like a Security Token Service CVE-2024-34070 (Froxlor is open source server administration software. Prior to 2.1.9, ...) - froxlor <itp> (bug #581792) CVE-2024-33819 (Globitel KSA SpeechLog v8.1 was discovered to contain a stored cross-s ...) - TODO: check + NOT-FOR-US: Globitel KSA SpeechLog CVE-2024-33818 (Globitel KSA SpeechLog v8.1 was discovered to contain an Insecure Dire ...) - TODO: check + NOT-FOR-US: Globitel KSA SpeechLog CVE-2024-33774 (A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2 ...) - TODO: check + NOT-FOR-US: D-Link CVE-2024-33773 (A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2 ...) - TODO: check + NOT-FOR-US: D-Link CVE-2024-33772 (A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2 ...) - TODO: check + NOT-FOR-US: D-Link CVE-2024-33771 (A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2 ...) - TODO: check + NOT-FOR-US: D-Link CVE-2024-32985 (Stellar-core is a reference implementation for the peer-to-peer agent ...) TODO: check CVE-2024-32964 (Lobe Chat is a chatbot framework that supports speech synthesis, multi ...) TODO: check CVE-2024-32776 (Missing Authorization vulnerability in AppPresser Team AppPresser.This ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31441 (DataEase is an open source data visualization analysis tool. Due to th ...) TODO: check CVE-2024-31113 (Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downlo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-30802 (An issue in Vehicle Management System 7.31.0.3_20230412 allows an atta ...) - TODO: check + NOT-FOR-US: Vehicle Management System CVE-2024-30801 (SQL Injection vulnerability in Cloud based customer service management ...) TODO: check CVE-2024-30055 (Microsoft Edge (Chromium-based) Spoofing Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2024-2749 (The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6. ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-2662 (The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-2441 (The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6. ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-2257 (This vulnerability exists in Digisol Router (DG-GR1321: Hardware versi ...) - TODO: check + NOT-FOR-US: Digisol Router CVE-2024-28781 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...) NOT-FOR-US: IBM CVE-2024-27269 (IBM QRadar SIEM 7.5 could allow a privileged user to configure user ma ...) @@ -187,7 +187,7 @@ CVE-2024-22344 (IBM TXSeries for Multiplatforms 8.2 is vulnerable to HTML inject CVE-2024-22343 (IBM TXSeries for Multiplatforms 8.2 allows web pages to be stored loca ...) NOT-FOR-US: IBM CVE-2024-22064 (ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi ...) - TODO: check + NOT-FOR-US: ZTE CVE-2024-0100 (NVIDIA Triton Inference Server for Linux contains a vulnerability in t ...) TODO: check CVE-2024-0098 (NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI ...) @@ -203,7 +203,7 @@ CVE-2024-0087 (NVIDIA Triton Inference Server for Linux contains a vulnerability CVE-2023-38264 (The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1 ...) NOT-FOR-US: IBM CVE-2023-37526 (HCL DRYiCE Lucy (now AEX) is affected by a Cross Origin Resource Shari ...) - TODO: check + NOT-FOR-US: HCL CVE-2024-4671 (Use after free in Visuals in Google Chrome prior to 124.0.6367.201 all ...) {DSA-5687-1} - chromium 124.0.6367.201-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/917df2bcc4206ded23ef187944d16b92a4fcc9c9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/917df2bcc4206ded23ef187944d16b92a4fcc9c9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits