Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: b449683c by Salvatore Bonaccorso at 2024-05-17T10:48:36+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,5 +1,5 @@ CVE-2024-4204 (The Bulk Posts Editing For WordPress plugin for WordPress is vulnerabl ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-3609 (The ReviewX \u2013 Multi-criteria Rating & Reviews for WooCommerce plu ...) TODO: check CVE-2024-3580 (The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and e ...) @@ -357,35 +357,35 @@ CVE-2024-4838 (The ConvertPlus plugin for WordPress is vulnerable to PHP Object CVE-2024-4826 (SQL injection vulnerability in Simple PHP Shopping Cart affecting vers ...) NOT-FOR-US: Simple PHP Shopping Cart CVE-2024-4760 (A voltage glitch during the startup of EEFC NVM controllers on Microch ...) - TODO: check + NOT-FOR-US: Microchip SAM E70/S70/V70/V71 microcontrollers CVE-2024-4733 (The ShiftController Employee Shift Scheduling plugin is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4642 (A Server-Side Request Forgery (SSRF) vulnerability exists in the wandb ...) - TODO: check + NOT-FOR-US: wandb CVE-2024-4635 (The Menu Icons by ThemeIsle plugin for WordPress is vulnerable to Stor ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4634 (The Elementor Header & Footer Builder plugin for WordPress is vulnerab ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4617 (The Rank Math SEO with AI Best SEO Tools plugin for WordPress is vulne ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4609 (A vulnerability exists in the Rockwell Automation FactoryTalk\xae View ...) - TODO: check + NOT-FOR-US: Rockwell Automation CVE-2024-4580 (The Master Addons \u2013 Free Widgets, Hover Effects, Toggle, Conditio ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4546 (The Custom Post Type Attachment plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4478 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4400 (The Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Edit ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4391 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4385 (The Envo Extra plugin for WordPress is vulnerable to Stored Cross-Site ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4352 (The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized a ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4351 (The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized a ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4326 (A vulnerability in parisneo/lollms-webui versions up to 9.3 allows rem ...) TODO: check CVE-2024-4322 (A path traversal vulnerability exists in the parisneo/lollms-webui app ...) @@ -393,17 +393,17 @@ CVE-2024-4322 (A path traversal vulnerability exists in the parisneo/lollms-webu CVE-2024-4321 (A Local File Inclusion (LFI) vulnerability exists in the gaizhenbiao/c ...) TODO: check CVE-2024-4318 (The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Inj ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4288 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4279 (The Tutor LMS \u2013 eLearning and online course solution plugin for W ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4263 (A broken access control vulnerability exists in mlflow/mlflow versions ...) - TODO: check + NOT-FOR-US: mlflow CVE-2024-4223 (The Tutor LMS plugin for WordPress is vulnerable to unauthorized acces ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4222 (The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized a ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-4181 (A command injection vulnerability exists in the RunGptLLM class of the ...) TODO: check CVE-2024-4078 (A vulnerability in the parisneo/lollms, specifically in the `/unInstal ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b449683c577e035efe7a9feea0fc164278084346 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b449683c577e035efe7a9feea0fc164278084346 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits