Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8cdf05aa by Salvatore Bonaccorso at 2024-04-12T22:23:37+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,157 +1,157 @@ CVE-2024-3707 (Information exposure vulnerability in OpenGnsys affecting version 1.1. ...) - TODO: check + NOT-FOR-US: OpenGnsys CVE-2024-3706 (Information exposure vulnerability in OpenGnsys affecting version 1.1. ...) - TODO: check + NOT-FOR-US: OpenGnsys CVE-2024-3705 (Unrestricted file upload vulnerability in OpenGnsys affecting version ...) - TODO: check + NOT-FOR-US: OpenGnsys CVE-2024-3704 (SQL Injection Vulnerability has been found on OpenGnsys product affect ...) - TODO: check + NOT-FOR-US: OpenGnsys CVE-2024-3698 (A vulnerability was found in Campcodes House Rental Management System ...) - TODO: check + NOT-FOR-US: Campcodes House Rental Management System CVE-2024-3697 (A vulnerability was found in Campcodes House Rental Management System ...) - TODO: check + NOT-FOR-US: Campcodes House Rental Management System CVE-2024-3696 (A vulnerability was found in Campcodes House Rental Management System ...) - TODO: check + NOT-FOR-US: Campcodes House Rental Management System CVE-2024-3695 (A vulnerability has been found in SourceCodester Computer Laboratory M ...) - TODO: check + NOT-FOR-US: SourceCodester Computer Laboratory Management System CVE-2024-3691 (A vulnerability, which was classified as critical, has been found in P ...) - TODO: check + NOT-FOR-US: PHPGurukul Small CRM CVE-2024-3690 (A vulnerability classified as critical was found in PHPGurukul Small C ...) - TODO: check + NOT-FOR-US: PHPGurukul Small CRM CVE-2024-3689 (A vulnerability classified as problematic has been found in Zhejiang L ...) - TODO: check + NOT-FOR-US: Zhejiang Land Zongheng Network Technology O2OA CVE-2024-3688 (A vulnerability was found in Xiamen Four-Faith RMP Router Management P ...) - TODO: check + NOT-FOR-US: Xiamen Four-Faith RMP Router Management Platform CVE-2024-3687 (A vulnerability was found in bihell Dice 3.1.0 and classified as probl ...) - TODO: check + NOT-FOR-US: bihell Dice CVE-2024-3686 (A vulnerability has been found in DedeCMS 5.7.112-UTF8 and classified ...) - TODO: check + NOT-FOR-US: DedeCMS CVE-2024-3685 (A vulnerability, which was classified as critical, was found in DedeCM ...) - TODO: check + NOT-FOR-US: DedeCMS CVE-2024-3211 (The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-3054 (WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-32000 (matrix-appservice-irc is a Node.js IRC bridge for the Matrix messaging ...) TODO: check CVE-2024-31839 (Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allo ...) - TODO: check + NOT-FOR-US: tiagorlampert CHAOS CVE-2024-31818 (Directory Traversal vulnerability in DerbyNet v.9.0 allows a remote at ...) - TODO: check + NOT-FOR-US: DerbyNet CVE-2024-31372 (Cross-Site Request Forgery (CSRF) vulnerability in Arnan de Gans No-Bo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31371 (Cross-Site Request Forgery (CSRF) vulnerability in Xylus Themes WP Eve ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31364 (Cross-Site Request Forgery (CSRF) vulnerability in ELEXtensions ELEX W ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31363 (Cross-Site Request Forgery (CSRF) vulnerability in LifterLMS.This issu ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31362 (Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGr ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31360 (Cross-Site Request Forgery (CSRF) vulnerability in Coded Commerce, LLC ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31354 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31305 (Cross-Site Request Forgery (CSRF) vulnerability in rtCamp Transcoder.T ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31303 (Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign- ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31301 (Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31293 (Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downlo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31289 (Cross-Site Request Forgery (CSRF) vulnerability in Elementor Hello Ele ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31279 (Cross-Site Request Forgery (CSRF) vulnerability in Catch Plugins Gener ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31272 (Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31271 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Ultimate ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31269 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Goog ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31268 (Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team App ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31265 (Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This is ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31264 (Unauthenticated Cross Site Request Forgery (CSRF) in Post Views Counte ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31263 (Cross-Site Request Forgery (CSRF) vulnerability in aerin Loan Repaymen ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31262 (Cross-Site Request Forgery (CSRF) vulnerability in Jcodex WooCommerce ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31251 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31250 (Cross-Site Request Forgery (CSRF) vulnerability in Saumya Majumder WP ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31239 (Cross-Site Request Forgery (CSRF) vulnerability in Nudgify Nudgify Soc ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31238 (Cross-Site Request Forgery (CSRF) vulnerability in Zaytech Smart Onlin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31235 (Cross-Site Request Forgery (CSRF) vulnerability in WebToffee WordPress ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-31069 (IO-1020 Micro ELD web server uses a default password for authenticatio ...) - TODO: check + NOT-FOR-US: IO-1020 Micro ELD web server CVE-2024-30845 (Cross Site Scripting vulnerability in Rainbow external link network di ...) - TODO: check + NOT-FOR-US: Rainbow external link network disk CVE-2024-30410 (An Incorrect Behavior Order in the routing engine (RE) of Juniper Netw ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30409 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30407 (The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Net ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30406 (A Cleartext Storage in a File on Disk vulnerability in Juniper Network ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30405 (An Incorrect Calculation of Buffer Size vulnerability in Juniper Netwo ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30403 (A NULL Pointer Dereference vulnerability in the Packet Forwarding Engi ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30402 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30401 (An Out-of-bounds Read vulnerability in the advanced forwarding managem ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30398 (An Improper Restriction of Operations within the Bounds of a Memory Bu ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30397 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30395 (AnImproper Validation of Specified Type of Input vulnerability in Rout ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30394 (AStack-based Buffer Overflow vulnerability in the Routing Protocol Dae ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30392 (A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30391 (A Missing Authentication for Critical Function vulnerability in the Pa ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30390 (An Improper Restriction of Excessive Authentication Attempts vulnerabi ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30389 (An Incorrect Behavior Order vulnerability in the Packet Forwarding Eng ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30388 (An Improper Isolation or Compartmentalization vulnerability in the Pac ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30387 (AMissing Synchronization vulnerability in the Packet Forwarding Engine ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30386 (A Use-After-Free vulnerability in theLayer 2 Address Learning Daemon ( ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30384 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30382 (An Improper Handling of Exceptional Conditions vulnerability in the ro ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30381 (An Exposure of Sensitive Information to an Unauthorized Actor vulnerab ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-30210 (IO-1020 Micro ELD uses a default WIFI password that could allow an adj ...) - TODO: check + NOT-FOR-US: IO-1020 Micro ELD CVE-2024-2397 (Due to a bug in packet data buffers management, the PPP printer in tcp ...) TODO: check CVE-2024-29461 (An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a remote a ...) - TODO: check + NOT-FOR-US: Floodlight CVE-2024-28878 (IO-1020 Micro ELD downloads source code or an executable from an adja ...) - TODO: check + NOT-FOR-US: IO-1020 Micro ELD CVE-2024-28718 (An issue in OpenStack magnum yoga-eom version allows a remote attacker ...) TODO: check CVE-2024-27261 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could al ...) NOT-FOR-US: IBM CVE-2024-25545 (An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to e ...) - TODO: check + NOT-FOR-US: Weave Weave Desktop CVE-2024-22359 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...) NOT-FOR-US: IBM CVE-2024-22358 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...) @@ -161,31 +161,31 @@ CVE-2024-22339 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1 CVE-2024-22334 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...) NOT-FOR-US: IBM CVE-2024-21618 (An Access of Memory Location After End of Buffer vulnerability in the ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-21615 (An Incorrect Default Permissions vulnerability in Juniper Networks Jun ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-21610 (An Improper Handling of Exceptional Conditions vulnerability in the Cl ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-21609 (A Missing Release of Memory after Effective Lifetime vulnerability in ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-21605 (An Exposure of Resource to Wrong Sphere vulnerability in the Packet Fo ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-21598 (An Improper Validation of Syntactic Correctness of Input vulnerability ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-21593 (An Improper Check or Handling of Exceptional Conditions vulnerability ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-21590 (An Improper Input Validation vulnerability in Juniper Tunnel Driver (j ...) - TODO: check + NOT-FOR-US: Juniper CVE-2024-0157 (Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session ...) - TODO: check + NOT-FOR-US: Dell CVE-2023-52211 (Missing Authorization vulnerability in Automattic WP Job Manager.This ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51515 (Missing Authorization vulnerability in Undsgn Uncode Core allows Privi ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51499 (Missing Authorization vulnerability in WooCommerce WooCommerce Shippin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-51409 (Unrestricted Upload of File with Dangerous Type vulnerability in Jordy ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-47714 (IBM Sterling File Gateway 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1 ...) NOT-FOR-US: IBM CVE-2024-31391 (Insertion of Sensitive Information into Log File vulnerability in the ...) @@ -115001,7 +115001,7 @@ CVE-2022-40215 (Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnera CVE-2022-40213 (Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS ...) NOT-FOR-US: WordPress plugin CVE-2022-40211 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-40206 (Insecure direct object references (IDOR) vulnerability in the wpForo F ...) NOT-FOR-US: WordPress plugin CVE-2022-40205 (Insecure direct object references (IDOR) vulnerability in the wpForo F ...) @@ -303853,7 +303853,7 @@ CVE-2020-8008 CVE-2020-8007 RESERVED CVE-2020-8006 (The server in Circontrol Raption through 5.11.2 has a pre-authenticati ...) - TODO: check + NOT-FOR-US: Circontrol Raption CVE-2020-8005 RESERVED CVE-2020-8004 (STMicroelectronics STM32F1 devices have Incorrect Access Control.) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cdf05aad806559606831b45d178a10aa35ca409 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cdf05aad806559606831b45d178a10aa35ca409 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits