Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f361a9bd by Salvatore Bonaccorso at 2024-01-31T21:42:36+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -5,97 +5,97 @@ CVE-2024-24566 (Lobe Chat is a chatbot framework that supports speech synthesis, CVE-2024-23637 (OctoPrint is a web interface for 3D printer.s OctoPrint versions up un ...) TODO: check CVE-2024-23508 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-23507 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-23505 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-23502 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22310 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22307 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22306 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22305 (Authorization Bypass Through User-Controlled Key vulnerability in ali ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22304 (Cross-Site Request Forgery (CSRF) vulnerability in Borbis Media FreshM ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22302 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22297 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22295 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22293 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22292 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22291 (Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi Browse ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22290 (Cross-Site Request Forgery (CSRF) vulnerability in AboZain,O7abeeb,Uni ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22289 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22287 (Cross-Site Request Forgery (CSRF) vulnerability in Lud\u011bk Melichar ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22286 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22285 (Cross-Site Request Forgery (CSRF) vulnerability in Elise Bosse Frontpa ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22282 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22163 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22162 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22161 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22160 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22159 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22158 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22153 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22150 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22146 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22143 (Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check.This ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22140 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-22136 (Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit E ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-21917 (A vulnerability exists in Rockwell Automation FactoryTalk\xae Service ...) - TODO: check + NOT-FOR-US: Rockwell Automation CVE-2024-21916 (A denial-of-service vulnerability exists in specific Rockwell Automati ...) - TODO: check + NOT-FOR-US: Rockwell Automation CVE-2024-21893 (A server-side request forgery vulnerability in the SAML component of I ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2024-21888 (A privilege escalation vulnerability in web component of Ivanti Connec ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2024-1116 (A vulnerability was found in openBI up to 1.0.8. It has been classifie ...) - TODO: check + NOT-FOR-US: openBI CVE-2024-1115 (A vulnerability was found in openBI up to 1.0.8 and classified as crit ...) - TODO: check + NOT-FOR-US: openBI CVE-2024-1114 (A vulnerability has been found in openBI up to 1.0.8 and classified as ...) - TODO: check + NOT-FOR-US: openBI CVE-2024-1113 (A vulnerability, which was classified as critical, was found in openBI ...) - TODO: check + NOT-FOR-US: openBI CVE-2024-1112 (Heap-based buffer overflow vulnerability in Resource Hacker, developed ...) TODO: check CVE-2024-1111 (A vulnerability, which was classified as problematic, has been found i ...) - TODO: check + NOT-FOR-US: SourceCodester QR Code Login System CVE-2024-1103 (A vulnerability was found in CodeAstro Real Estate Management System 1 ...) TODO: check CVE-2024-1099 (A vulnerability was found in Rebuild up to 3.5.5. It has been classifi ...) - TODO: check + NOT-FOR-US: Rebuild CVE-2024-1098 (A vulnerability was found in Rebuild up to 3.5.5 and classified as pro ...) - TODO: check + NOT-FOR-US: Rebuild CVE-2024-1087 REJECTED CVE-2024-1086 (A use-after-free vulnerability in the Linux kernel's netfilter: nf_tab ...) @@ -109,25 +109,25 @@ CVE-2024-1085 (A use-after-free vulnerability in the Linux kernel's netfilter: n NOTE: https://kernel.dance/b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7 NOTE: https://git.kernel.org/linus/b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7 (6.8-rc1) CVE-2024-0833 (In Telerik Test Studio versions prior to v2023.3.1330, a privilege e ...) - TODO: check + NOT-FOR-US: Telerik CVE-2024-0832 (In Telerik Reporting versions prior to 2024 R1, a privilege elevation ...) - TODO: check + NOT-FOR-US: Telerik CVE-2024-0589 (Cross-site scripting (XSS) vulnerability in the entry overview tab in ...) - TODO: check + NOT-FOR-US: Devolutions Remote Desktop Manager CVE-2024-0219 (In Telerik JustDecompile versions prior to 2024 R1, a privilege elevat ...) - TODO: check + NOT-FOR-US: Telerik CVE-2023-7043 (Unquoted service path in ESET products allows to drop a prepared pro ...) TODO: check CVE-2023-5390 (An attacker could potentially exploit this vulnerability, leading to f ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-50357 (A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP webs ...) - TODO: check + NOT-FOR-US: AREAL SAS Websrv1 ASP website CVE-2023-50356 (SSL connections to NOVELL and Synology LDAP server are vulnerable to a ...) - TODO: check + NOT-FOR-US: AREAL Topkapi Vision (Server) CVE-2023-50166 (Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an ...) - TODO: check + NOT-FOR-US: Pega Platform CVE-2023-50165 (Pega Platform versions 8.2.1 to Infinity 23.1.0 are affected by an Gen ...) - TODO: check + NOT-FOR-US: Pega Platform CVE-2023-47116 (Label Studio is a popular open source data labeling tool. The vulnerab ...) TODO: check CVE-2023-44313 (Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f361a9bdd74d44b234db2d08293a160734b0750d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f361a9bdd74d44b234db2d08293a160734b0750d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits