Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: b887e69a by Salvatore Bonaccorso at 2024-04-03T11:37:16+02:00 Process some more NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -115,41 +115,41 @@ CVE-2024-30336 (Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution V CVE-2024-30166 (In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can c ...) TODO: check CVE-2024-2879 (The LayerSlider plugin for WordPress is vulnerable to SQL Injection vi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-2322 (The WooCommerce Cart Abandonment Recovery WordPress plugin before 1.2. ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-29734 (Uncontrolled search path element issue exists in SonicDICOM Media View ...) - TODO: check + NOT-FOR-US: SonicDICOM Media Viewer CVE-2024-29434 (An issue in the system image upload interface of Alldata v0.4.6 allows ...) - TODO: check + NOT-FOR-US: Alldata CVE-2024-29432 (Alldata v0.4.6 was discovered to contain a SQL injection vulnerability ...) - TODO: check + NOT-FOR-US: Alldata CVE-2024-28836 (An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiati ...) TODO: check CVE-2024-28755 (An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL co ...) TODO: check CVE-2024-28589 (An issue was discovered in Axigen Mail Server for Windows versions 10. ...) - TODO: check + NOT-FOR-US: Axigen Mail Server for Windows CVE-2024-28515 (Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx ...) - TODO: check + NOT-FOR-US: CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx CVE-2024-27605 (Alldata V0.4.6 is vulnerable to Insecure Permissions. Using users (tes ...) - TODO: check + NOT-FOR-US: Alldata CVE-2024-27604 (Alldata V0.4.6 is vulnerable to Command execution vulnerability. Syste ...) - TODO: check + NOT-FOR-US: Alldata CVE-2024-27602 (Alldata V0.4.6 is vulnerable to Incorrect Access Control. A total of m ...) - TODO: check + NOT-FOR-US: Alldata CVE-2024-26495 (Cross Site Scripting (XSS) vulnerability in Friendica versions after v ...) - TODO: check + NOT-FOR-US: Friendica CVE-2024-25864 (Server Side Request Forgery (SSRF) vulnerability in Friendica versions ...) - TODO: check + NOT-FOR-US: Friendica CVE-2024-25075 (An issue was discovered in Softing uaToolkit Embedded before 1.41.1. W ...) - TODO: check + NOT-FOR-US: Softing uaToolkit Embedded CVE-2024-24724 (Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSetting ...) TODO: check CVE-2024-24506 (Cross Site Scripting (XSS) vulnerability in Lime Survey Community Edit ...) TODO: check CVE-2024-1327 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cro ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-35764 (Insufficient verification of data authenticity issue in Survey Maker p ...) TODO: check CVE-2023-34423 (Survey Maker prior to 3.6.4 contains a stored cross-site scripting vul ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b887e69ab96b79d7fcbaaf06c702a196f71ae198 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b887e69ab96b79d7fcbaaf06c702a196f71ae198 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits