Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e513b114 by Salvatore Bonaccorso at 2024-05-03T22:52:24+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -137,9 +137,9 @@ CVE-2024-3550 (The WP Shortcodes Plugin \u2014 Shortcodes
Ultimate plugin for Wo
CVE-2024-3546 (The WordPress Backup & Migration plugin for WordPress is
vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3544 (Unauthenticated attackers can perform actions, using SSH
private keys, ...)
- TODO: check
+ NOT-FOR-US: ECS Connection Manager (ECS CM)
CVE-2024-3543 (Use of reversible password encryption algorithm allows
attackers to de ...)
- TODO: check
+ NOT-FOR-US: ECS Connection Manager (ECS CM)
CVE-2024-3520 (The Country State City Dropdown CF7 plugin for WordPress is
vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3517 (The Shortcodes and extra features for Phlox theme plugin for
WordPress ...)
@@ -157,77 +157,77 @@ CVE-2024-3479 (An improper export vulnerability was
reported in the Motorola Ent
CVE-2024-3473 (The Header Footer Code Manager Pro plugin for WordPress is
vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3341 (The Shortcodes and extra features for Phlox theme plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3340 (The Colibri Page Builder plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3338 (The Colibri Page Builder plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3337 (The Colibri Page Builder plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3312 (The Easy Custom Auto Excerpt plugin for WordPress is vulnerable
to Sen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3308 (The HT Mega \u2013 Absolute Addons For Elementor plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3307 (The HT Mega \u2013 Absolute Addons For Elementor plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3295 (The User Registration \u2013 Custom Registration Form, Login
Form, and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3287 (The SmartCrawl WordPress SEO checker, SEO analyzer, SEO
optimizer plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3275 (The eRoom \u2013 Zoom Meetings & Webinars plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3233 (The Ivory Search \u2013 WordPress Search Plugin plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3215 (The Paid Memberships Pro \u2013 Content Restriction, User
Registration ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3206 (The Different Menu in Different Pages \u2013 Control Menu
Visibility ( ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3199 (The The Plus Addons for Elementor plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3197 (The The Plus Addons for Elementor plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3161 (The Jeg Elementor Kit plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3109 (A hard-coded AES key vulnerability was reported in the Motorola
GuideM ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2024-3108 (An implicit intent vulnerability was reported for
Motorola\u2019s Time ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2024-3107 (The Spectra \u2013 WordPress Gutenberg Blocks plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3074 (The Elementor ImageBox plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3071 (The ACF On-The-Go plugin for WordPress is vulnerable to
unauthorized m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3047 (The PDF Invoices & Packing Slips for WooCommerce plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3045 (The PDF Invoices & Packing Slips for WooCommerce plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3023 (The AnnounceKit plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3021 (The Mhr Post Ticker plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3005 (The LA-Studio Element Kit for Elementor plugin for WordPress is
vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34455 (Buildroot before 0b2967e lacks the sticky bit for the /dev/shm
directo ...)
TODO: check
CVE-2024-34453 (TwoNav 2.1.13 contains an SSRF vulnerability via the url
paramater to ...)
- TODO: check
+ NOT-FOR-US: TwoNav
CVE-2024-34449 (Vditor 3.10.3 allows XSS via an attribute of an A element.
NOTE: the v ...)
TODO: check
CVE-2024-34447 (An issue was discovered in Bouncy Castle Java Cryptography
APIs before ...)
TODO: check
CVE-2024-34446 (Mullvad VPN through 2024.1 on Android does not set a DNS
server in the ...)
- TODO: check
+ NOT-FOR-US: Mullvad VPN
CVE-2024-34408 (Tencent libpag through 4.3.51 has an integer overflow in
DecodeStream: ...)
TODO: check
CVE-2024-34404 (A vulnerability was discovered in the Alta Recovery Vault
feature of V ...)
- TODO: check
+ NOT-FOR-US: Veritas NetBackup
CVE-2024-34403 (An issue was discovered in uriparser through 0.9.7.
ComposeQueryMalloc ...)
TODO: check
CVE-2024-34402 (An issue was discovered in uriparser through 0.9.7.
ComposeQueryEngine ...)
TODO: check
CVE-2024-34401 (Savsoft Quiz 6.0 allows stored XSS via the
index.php/quiz/insert_quiz/ ...)
- TODO: check
+ NOT-FOR-US: Savsoft Quiz
CVE-2024-34394 (libxmljs2 is vulnerable to a type confusion vulnerability when
parsing ...)
TODO: check
CVE-2024-34393 (libxmljs2 is vulnerable to a type confusion vulnerability when
parsing ...)
@@ -237,7 +237,7 @@ CVE-2024-34392 (libxmljs is vulnerable to a type confusion
vulnerability when pa
CVE-2024-34391 (libxmljs is vulnerable to a type confusion vulnerability when
parsing ...)
TODO: check
CVE-2024-34075 (kurwov is a fast, dependency-free library for creating Markov
Chains. ...)
- TODO: check
+ NOT-FOR-US: kurwov
CVE-2024-34073 (sagemaker-python-sdk is a library for training and deploying
machine l ...)
TODO: check
CVE-2024-34072 (sagemaker-python-sdk is a library for training and deploying
machine l ...)
@@ -255,109 +255,109 @@ CVE-2024-34062 (tqdm is an open source progress bar for
Python and CLI. Any opti
CVE-2024-34061 (changedetection.io is a free open source web page change
detection, we ...)
TODO: check
CVE-2024-34033 (Delta Electronics DIAEnergie has insufficient input validation
which m ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-34032 (Delta Electronics DIAEnergie is vulnerable to an SQL injection
vulnera ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-34031 (Delta Electronics DIAEnergie is vulnerable to an SQL injection
vulnera ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-33956 (Missing Authorization vulnerability in ThemeLocation Custom
WooCommerc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33955 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33954 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33953 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33952 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33951 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33950 (Administrator Cross Site Scripting (XSS) in Archives Calendar
Widget < ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33949 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33948 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33947 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33946 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33945 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33944 (Missing Authorization vulnerability in Kestrel WooCommerce
AWeber News ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33943 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33942 (Missing Authorization vulnerability in Eric Alli Google
Typography.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33941 (Missing Authorization vulnerability in Avirtum iPanorama 360
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33940 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33938 (Missing Authorization vulnerability in codename065 Sliding
Widgets all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33937 (Missing Authorization vulnerability in Nico Martin Progressive
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33936 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33935 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33934 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33932 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33931 (Missing Authorization vulnerability in ilGhera JW Player for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33930 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33929 (Missing Authorization vulnerability in wpWax Directorist.This
issue af ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33928 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33927 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33926 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33925 (Missing Authorization vulnerability in Adrian M\xf6rchen Embed
Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33924 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33923 (Missing Authorization vulnerability in Smartypants SP Project
& Docume ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33922 (Insertion of Sensitive Information into Log File vulnerability
in Jord ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33921 (Broken Access Control vulnerability in ReviewX.This issue
affects Revi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33920 (Missing Authorization vulnerability in Kama Democracy
Poll.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33919 (Missing Authorization vulnerability in Rometheme RomethemeKit
For Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33918 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33916 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33915 (Missing Authorization vulnerability in Bowo Debug Log
Manager.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33914 (Missing Authorization vulnerability in Exclusive Addons
Exclusive Addo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33913 (Cross-Site Request Forgery (CSRF) vulnerability leading to
Arbitrary F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33911 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33844 (The 'control' in Parrot ANAFI USA firmware 1.10.4 does not
check the M ...)
- TODO: check
+ NOT-FOR-US: Parrot ANAFI USA firmware
CVE-2024-33793 (A cross-site scripting (XSS) vulnerability in netis-systems
MEX605 v2. ...)
- TODO: check
+ NOT-FOR-US: netis-systems MEX605
CVE-2024-33792 (A cross-site scripting (XSS) vulnerability in netis-systems
MEX605 v2. ...)
- TODO: check
+ NOT-FOR-US: netis-systems MEX605
CVE-2024-33791 (A cross-site scripting (XSS) vulnerability in netis-systems
MEX605 v2. ...)
- TODO: check
+ NOT-FOR-US: netis-systems MEX605
CVE-2024-33789 (Linksys E5600 v1.1.0.26 was discovered to contain a command
injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-33787 (Hengan Weighing Management Information Query Platform
2019-2021 53.25 ...)
- TODO: check
+ NOT-FOR-US: Hengan Weighing Management Information Query Platform
CVE-2024-33786 (An arbitrary file upload vulnerability in Zhongcheng Kexin
Ticketing M ...)
- TODO: check
+ NOT-FOR-US: Zhongcheng Kexin Ticketing Management Platform
CVE-2024-33530 (In Jitsi Meet before 9391, a logic flaw in password-protected
Jitsi me ...)
TODO: check
CVE-2024-33398 (There is a ClusterRole in piraeus-operator v2.5.0 and earlier
which ha ...)
@@ -367,17 +367,17 @@ CVE-2024-33396 (An issue in karmada-io karmada v1.9.0 and
before allows a local
CVE-2024-33394 (An issue in kubevirt kubevirt v1.2.0 and before allows a local
attacke ...)
TODO: check
CVE-2024-33305 (SourceCodester Laboratory Management System 1.0 is vulnerable
to Cross ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Laboratory Management System
CVE-2024-33303 (SourceCodester Product Show Room 1.0 is vulnerable to Cross
Site Scrip ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Product Show Room
CVE-2024-33302 (SourceCodester Product Show Room 1.0 and before is vulnerable
to Cross ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Product Show Room
CVE-2024-32986 (PWAsForFirefox is a tool to install, manage and use
Progressive Web Ap ...)
TODO: check
CVE-2024-32831 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32810 (Missing Authorization vulnerability in ShortPixel ShortPixel
Critical ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32638 (Inconsistent Interpretation of HTTP Requests ('HTTP Request
Smuggling' ...)
TODO: check
CVE-2024-32359 (An RBAC authorization risk in Carina v0.13.0 and earlier
allows local ...)
@@ -385,69 +385,69 @@ CVE-2024-32359 (An RBAC authorization risk in Carina
v0.13.0 and earlier allows
CVE-2024-32114 (In Apache ActiveMQ 6.x, the default configuration doesn't
secure the A ...)
TODO: check
CVE-2024-31967 (A vulnerability on Mitel 6800 Series and 6900 Series SIP
Phones throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-31966 (A vulnerability on Mitel 6800 Series and 6900 Series SIP
Phones throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-31965 (A vulnerability on Mitel 6800 Series and 6900 Series SIP
Phones throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-31964 (A vulnerability on Mitel 6800 Series and 6900 Series SIP
Phones throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-31963 (A vulnerability on Mitel 6800 Series and 6900 Series SIP
Phones throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-31673 (Kliqqi-CMS 2.0.2 is vulnerable to SQL Injection in
load_data.php via t ...)
- TODO: check
+ NOT-FOR-US: Kliqqi-CMS
CVE-2024-31636 (An issue in LIEF v.0.14.1 allows a local attacker to obtain
sensitive ...)
TODO: check
CVE-2024-30851 (Directory Traversal vulnerability in codesiddhant Jasmin
Ransomware v. ...)
- TODO: check
+ NOT-FOR-US: codesiddhant Jasmin Ransomware
CVE-2024-30306 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier
are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-30305 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier
are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-30304 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier
are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-30303 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier
are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-30302 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier
are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-30301 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier
are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-2967 (The Guest posting / Frontend Posting wordpress plugin \u2013 WP
Front ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2960 (The SVS Pricing Tables plugin for WordPress is vulnerable to
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2959 (The SVS Pricing Tables plugin for WordPress is vulnerable to
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2958 (The SVS Pricing Tables plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2876 (The Email Subscribers by Icegram Express \u2013 Email
Marketing, Newsl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2867 (The Paid Membership Plugin, Ecommerce, User Registration Form,
Login F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2840 (The Enhanced Media Library plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2831 (The Calendar plugin for WordPress is vulnerable to SQL
Injection via t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2797 (The MailerLite \u2013 Signup forms (official) plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2790 (The HT Mega \u2013 Absolute Addons For Elementor plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2765 (The Ultimate Member \u2013 User Profile, Registration, Login,
Member D ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2752 (The Where Did You Hear About Us Checkout Field for WooCommerce
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2751 (The Exclusive Addons for Elementor plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2750 (The Exclusive Addons for Elementor plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2667 (The InstaWP Connect \u2013 1-click WP Staging & Migration
plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2661 (The Barcode Scanner and Inventory manager. POS (Point of Sale)
\u2013 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2542 (The Jotform Online Forms \u2013 Drag & Drop Form Builder,
Securely Emb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2503 (The Exclusive Addons for Elementor plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2417 (The User Registration \u2013 Custom Registration Form, Login
Form, and ...)
TODO: check
CVE-2024-2410 (The JsonToBinaryStream()function is part of the protocol
buffers C++ i ...)
@@ -483,15 +483,15 @@ CVE-2024-29309 (An issue in Alfresco Content Services
v.23.3.0.7 allows a remote
CVE-2024-28519 (A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in
MicroWorld ...)
TODO: check
CVE-2024-28072 (A highly privileged account can overwrite arbitrary files on
the syste ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-27453 (In Extreme XOS through 22.6.1.4, a read-only user can escalate
privile ...)
TODO: check
CVE-2024-25290 (An issue in Casa Systems NL1901ACV R6B032 allows a remote
attacker to ...)
- TODO: check
+ NOT-FOR-US: Casa Systems NL1901ACV R6B032
CVE-2024-25047 (IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through
12.0.2 i ...)
NOT-FOR-US: IBM
CVE-2024-24710 (Missing Authorization vulnerability in SlickRemix Feed Them
Social.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23914 (Use of Externally-Controlled Format String vulnerability in
Merge DICO ...)
TODO: check
CVE-2024-23913 (Use of Out-of-range Pointer Offset vulnerability in Merge
DICOM Toolki ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e513b11486af3f572b998f00dca6cfe5e227bb5e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e513b11486af3f572b998f00dca6cfe5e227bb5e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
