Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e55d5bf4 by Salvatore Bonaccorso at 2024-02-21T11:27:19+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -19,39 +19,39 @@ CVE-2024-25601 (Stored cross-site scripting (XSS) vulnerability in Expando modul CVE-2024-25428 (SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run ar ...) NOT-FOR-US: MRCMS CVE-2024-25152 (Stored cross-site scripting (XSS) vulnerability in Message Board widge ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-25151 (The Calendar module in Liferay Portal 7.2.0 through 7.4.2, and older u ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-25147 (Cross-site scripting (XSS) vulnerability in HtmlUtil.escapeJsLink in L ...) - TODO: check + NOT-FOR-US: Liferay CVE-2024-25141 (When sslwas enabled for Mongo Hook, default settings included "allow_i ...) NOT-FOR-US: Apache Airflow Mongo Provider CVE-2024-24876 (Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin M ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-24872 (Cross-Site Request Forgery (CSRF) vulnerability in Themify Themify Bui ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-24849 (Cross-Site Request Forgery (CSRF) vulnerability in Mark Stockton Quick ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-24843 (Cross-Site Request Forgery (CSRF) vulnerability in PowerPack Addons fo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-24837 (Cross-Site Request Forgery (CSRF) vulnerability in Fr\xe9d\xe9ric GILL ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-24802 (Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Re ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-24798 (Cross-Site Request Forgery (CSRF) vulnerability in SoniNow Team Debug. ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-23830 (MantisBT is an open source issue tracker. Prior to version 2.26.1, an ...) - mantis <removed> CVE-2024-23758 (An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to vi ...) - TODO: check + NOT-FOR-US: Unisys CVE-2024-22235 (VMware Aria Operations contains a local privilege escalation vulnerabi ...) - TODO: check + NOT-FOR-US: VMware CVE-2024-1631 (Impact: The library offers a function to generate an ed25519 key pair ...) TODO: check CVE-2024-1562 (The WooCommerce Google Sheet Connector plugin for WordPress is vulnera ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1501 (The Database Reset plugin for WordPress is vulnerable to Cross-Site Re ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1108 (The Plugin Groups plugin for WordPress is vulnerable to unauthorized m ...) TODO: check CVE-2024-1081 (The 3D FlipBook \u2013 PDF Flipbook WordPress plugin for WordPress is ...) @@ -376,81 +376,81 @@ CVE-2024-1546 (When storing and re-accessing data on a networking channel, the l NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1546 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1546 CVE-2024-1519 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1496 (The Featured Image from URL (FIFU) plugin for WordPress is vulnerable ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1492 (The WPify Woo Czech plugin for WordPress is vulnerable to unauthorized ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1475 (The Coming Soon Maintenance Mode plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1472 (The WP Maintenance plugin for WordPress is vulnerable to Information E ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1470 (Authorization Bypass Through User-Controlled Key vulnerability in NetI ...) - TODO: check + NOT-FOR-US: Microfocus CVE-2024-1448 (The Social Sharing Plugin \u2013 Sassy Social Share plugin for WordPre ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1447 (The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross- ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1445 (The Page scroll to id plugin for WordPress is vulnerable to Stored Cro ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1425 (The EmbedPress \u2013 Embed PDF, YouTube, Google Docs, Vimeo, Wistia V ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1411 (The PowerPack Addons for Elementor plugin for WordPress is vulnerable ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1408 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1390 (The Paid Membership Subscriptions \u2013 Effortless Memberships, Recur ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1389 (The Paid Membership Subscriptions \u2013 Effortless Memberships, Recur ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1349 (The EmbedPress \u2013 Embed PDF, YouTube, Google Docs, Vimeo, Wistia V ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1340 (The Login Lockdown \u2013 Protect Login Form plugin for WordPress is v ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1339 (The ImageRecycle pdf & image compression plugin for WordPress is vulne ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1338 (The ImageRecycle pdf & image compression plugin for WordPress is vulne ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1337 (The SKT Page Builder plugin for WordPress is vulnerable to unauthorize ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1336 (The ImageRecycle pdf & image compression plugin for WordPress is vulne ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1335 (The ImageRecycle pdf & image compression plugin for WordPress is vulne ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1334 (The ImageRecycle pdf & image compression plugin for WordPress is vulne ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1322 (The Directorist \u2013 WordPress Business Directory Plugin with Classi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1318 (The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News & ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1317 (The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News & ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1294 (The Sunshine Photo Cart: Free Client Galleries for Photographers plugi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1288 (The Schema & Structured Data for WP & AMP plugin for WordPress is vuln ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1282 (The Email Encoder \u2013 Protect Email Addresses and Phone Numbers plu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1277 (The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Sit ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1276 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1242 (The Premium Addons for Elementor plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1236 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1235 (The Elementor Addons by Livemesh plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1218 (The Contact Form builder with drag & drop for WordPress \u2013 Kali Fo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1217 (The Contact Form builder with drag & drop for WordPress \u2013 Kali Fo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1206 (The WP Recipe Maker plugin for WordPress is vulnerable to SQL Injectio ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1172 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1171 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1156 (Incorrect directory permissions for the shared NI RabbitMQ service may ...) TODO: check CVE-2024-1155 (Incorrect permissions in the installation directories for shared Syste ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e55d5bf46324f4ff8d307f646c4c38c22c42f7f6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e55d5bf46324f4ff8d307f646c4c38c22c42f7f6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits