Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 05bc55f4 by Salvatore Bonaccorso at 2024-02-06T12:42:06+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,177 +1,177 @@ CVE-2024-24808 (pyLoad is an open-source Download Manager written in pure Python. Ther ...) - pyload <itp> (bug #1001980) CVE-2024-24807 (Sulu is a highly extensible open-source PHP content management system ...) - TODO: check + NOT-FOR-US: Sulu CVE-2024-24595 (Allegro AI\u2019s open-source version of ClearML stores passwords in p ...) TODO: check CVE-2024-24574 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, ...) - TODO: check + NOT-FOR-US: phpMyFAQ CVE-2024-24559 (Vyper is a Pythonic Smart Contract Language for the EVM. There is an e ...) - TODO: check + NOT-FOR-US: Vyper CVE-2024-24543 (Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC ...) - TODO: check + NOT-FOR-US: Tenda CVE-2024-24398 (Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashbo ...) - TODO: check + NOT-FOR-US: Stimulsoft GmbH Stimulsoft Dashboard.JS CVE-2024-24112 (xmall v1.1 was discovered to contain a SQL injection vulnerability via ...) - TODO: check + NOT-FOR-US: Exrick xmall CVE-2024-23304 (Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthentica ...) - TODO: check + NOT-FOR-US: Cybozu KUNAI for Android CVE-2024-23049 (An issue in symphony v.3.6.3 and before allows a remote attacker to ex ...) TODO: check CVE-2024-22853 (D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password fo ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2024-22852 (D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buff ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2024-22773 (Intelbras Roteador ACtion RF 1200 1.2.2 esposes the Password in Cookie ...) - TODO: check + NOT-FOR-US: Intelbras Roteador ACtion RF 1200 CVE-2024-22208 (phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ and MySQL, ...) - TODO: check + NOT-FOR-US: phpMyFAQ CVE-2024-20828 (Improper authorization verification vulnerability in Samsung Internet ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20827 (Improper access control vulnerability in Samsung Gallery prior to vers ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20826 (Implicit intent hijacking vulnerability in UPHelper library prior to v ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20825 (Implicit intent hijacking vulnerability in IAP of Galaxy Store prior t ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20824 (Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20823 (Implicit intent hijacking vulnerability in SamsungAccount of Galaxy St ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20822 (Implicit intent hijacking vulnerability in AccountActivity of Galaxy S ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20820 (Improper input validation in bootloader prior to SMR Feb-2024 Release ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20819 (Out out bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20818 (Out out bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20817 (Out out bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20816 (Improper authentication vulnerability in onCharacteristicWriteRequest ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20815 (Improper authentication vulnerability in onCharacteristicReadRequest i ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20814 (Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20813 (Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2 ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20812 (Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2 ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20811 (Improper caller verification in GameOptimizer prior to SMR Feb-2024 Re ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-20810 (Implicit intent hijacking vulnerability in Smart Suggestions prior to ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-1210 (The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Info ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1209 (The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Info ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1208 (The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Info ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1177 (The WP Club Manager \u2013 WordPress Sports Club Plugin plugin for Wor ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1121 (The Advanced Forms for ACF plugin for WordPress is vulnerable to unaut ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1092 (The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News & ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1075 (The Minimal Coming Soon \u2013 Coming Soon Page plugin for WordPress i ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1072 (The Website Builder by SeedProd \u2014 Theme Builder, Landing Page Bui ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1052 (Boundary and Boundary Enterprise (\u201cBoundary\u201d) is vulnerable ...) TODO: check CVE-2024-1046 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0969 (The ARMember plugin for WordPress is vulnerable to Sensitive Informati ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0964 (A local file include could be remotely triggered in Gradio due to a vu ...) TODO: check CVE-2024-0961 (The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to St ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0954 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0869 (The Instant Images \u2013 One Click Image Uploads from Unsplash, Openv ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0859 (The Affiliates Manager plugin for WordPress is vulnerable to Cross-Sit ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0835 (The Royal Elementor Kit theme for WordPress is vulnerable to unauthori ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0834 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0823 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0797 (The Active Products Tables for WooCommerce. Professional products tabl ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0796 (The Active Products Tables for WooCommerce. Professional products tabl ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0791 (The WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional p ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0790 (The WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional p ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0761 (The File Manager plugin for WordPress is vulnerable to Sensitive Infor ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0709 (The Cryptocurrency Widgets \u2013 Price Ticker & Coins List plugin for ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0701 (The UserPro plugin for WordPress is vulnerable to Security Feature Byp ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0699 (The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0691 (The FileBird plugin for WordPress is vulnerable to Stored Cross-Site S ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0678 (The Order Delivery Date for WP e-Commerce plugin for WordPress is vuln ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0668 (The Advanced Database Cleaner plugin for WordPress is vulnerable to PH ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0660 (The Formidable Forms \u2013 Contact Form, Survey, Quiz, Payment, Calcu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0659 (The Easy Digital Downloads \u2013 Sell Digital Files (eCommerce Store ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0630 (The WP RSS Aggregator plugin for WordPress is vulnerable to Stored Cro ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0612 (The Content Views \u2013 Post Grid, Slider, Accordion (Gutenberg Block ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0597 (The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to S ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0586 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0585 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0509 (The WP 404 Auto Redirect to Similar Post plugin for WordPress is vulne ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0508 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Store ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0448 (The Elementor Addons by Livemesh plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0428 (The Index Now plugin for WordPress is vulnerable to Cross-Site Request ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0384 (The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0382 (The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0380 (The WP Recipe Maker plugin for WordPress is vulnerable to Directory Tr ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0374 (The Views for WPForms \u2013 Display & Edit WPForms Entries on your si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0373 (The Views for WPForms \u2013 Display & Edit WPForms Entries on your si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0372 (The Views for WPForms \u2013 Display & Edit WPForms Entries on your si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0371 (The Views for WPForms \u2013 Display & Edit WPForms Entries on your si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0370 (The Views for WPForms \u2013 Display & Edit WPForms Entries on your si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0366 (The Starbox \u2013 the Author Box for Humans plugin for WordPress is v ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0324 (The User Profile Builder \u2013 Beautiful User Registration Forms, Use ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0255 (The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0254 (The (Simply) Guest Author Name plugin for WordPress is vulnerable to S ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0244 (Buffer overflow in CPCA PCFAX number process of Office Multifunction P ...) - TODO: check + NOT-FOR-US: CPCA PCFAX CVE-2024-0221 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0202 (A security vulnerability has been identified in the cryptlib cryptogra ...) TODO: check CVE-2023-7029 (The WordPress Button Plugin MaxButtons plugin for WordPress is vulnera ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05bc55f400ac48db2fa4f10b2e3d4080bdc86a1b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05bc55f400ac48db2fa4f10b2e3d4080bdc86a1b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits