Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b887e69a by Salvatore Bonaccorso at 2024-04-03T11:37:16+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -115,41 +115,41 @@ CVE-2024-30336 (Foxit PDF Reader AcroForm Use-After-Free
Remote Code Execution V
CVE-2024-30166 (In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious
client can c ...)
TODO: check
CVE-2024-2879 (The LayerSlider plugin for WordPress is vulnerable to SQL
Injection vi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2322 (The WooCommerce Cart Abandonment Recovery WordPress plugin
before 1.2. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29734 (Uncontrolled search path element issue exists in SonicDICOM
Media View ...)
- TODO: check
+ NOT-FOR-US: SonicDICOM Media Viewer
CVE-2024-29434 (An issue in the system image upload interface of Alldata
v0.4.6 allows ...)
- TODO: check
+ NOT-FOR-US: Alldata
CVE-2024-29432 (Alldata v0.4.6 was discovered to contain a SQL injection
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Alldata
CVE-2024-28836 (An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When
negotiati ...)
TODO: check
CVE-2024-28755 (An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When
an SSL co ...)
TODO: check
CVE-2024-28589 (An issue was discovered in Axigen Mail Server for Windows
versions 10. ...)
- TODO: check
+ NOT-FOR-US: Axigen Mail Server for Windows
CVE-2024-28515 (Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213
Fall 20xx ...)
- TODO: check
+ NOT-FOR-US: CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx
CVE-2024-27605 (Alldata V0.4.6 is vulnerable to Insecure Permissions. Using
users (tes ...)
- TODO: check
+ NOT-FOR-US: Alldata
CVE-2024-27604 (Alldata V0.4.6 is vulnerable to Command execution
vulnerability. Syste ...)
- TODO: check
+ NOT-FOR-US: Alldata
CVE-2024-27602 (Alldata V0.4.6 is vulnerable to Incorrect Access Control. A
total of m ...)
- TODO: check
+ NOT-FOR-US: Alldata
CVE-2024-26495 (Cross Site Scripting (XSS) vulnerability in Friendica versions
after v ...)
- TODO: check
+ NOT-FOR-US: Friendica
CVE-2024-25864 (Server Side Request Forgery (SSRF) vulnerability in Friendica
versions ...)
- TODO: check
+ NOT-FOR-US: Friendica
CVE-2024-25075 (An issue was discovered in Softing uaToolkit Embedded before
1.41.1. W ...)
- TODO: check
+ NOT-FOR-US: Softing uaToolkit Embedded
CVE-2024-24724 (Gibbon through 26.0.00 allows
/modules/School%20Admin/messengerSetting ...)
TODO: check
CVE-2024-24506 (Cross Site Scripting (XSS) vulnerability in Lime Survey
Community Edit ...)
TODO: check
CVE-2024-1327 (The Jeg Elementor Kit plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35764 (Insufficient verification of data authenticity issue in Survey
Maker p ...)
TODO: check
CVE-2023-34423 (Survey Maker prior to 3.6.4 contains a stored cross-site
scripting vul ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b887e69ab96b79d7fcbaaf06c702a196f71ae198
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b887e69ab96b79d7fcbaaf06c702a196f71ae198
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
