Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d0ca2fda by Salvatore Bonaccorso at 2024-08-06T11:35:21+02:00 Process some more NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -31,33 +31,33 @@ CVE-2024-7009 (Unsanitized user-input in Calibre <= 7.15.0 allow users with perm CVE-2024-7008 (Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform ...) TODO: check CVE-2024-6886 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + - gitea <removed> CVE-2024-6782 (Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticate ...) TODO: check CVE-2024-6781 (Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to ...) TODO: check CVE-2024-6766 (The shortcodes-ultimate-pro WordPress plugin before 7.2.1 does not val ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-6651 (The WordPress File Upload WordPress plugin before 4.24.8 does not sani ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-6315 (The Blox Page Builder plugin for WordPress is vulnerable to arbitrary ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-6203 (HaloITSM versions up to 2.146.1 are affected by a Password Reset Poiso ...) - TODO: check + NOT-FOR-US: HaloITSM CVE-2024-6202 (HaloITSM versions up to 2.146.1 are affected by a SAML XML Signature W ...) - TODO: check + NOT-FOR-US: HaloITSM CVE-2024-6201 (HaloITSM versions up to 2.146.1 are affected by a Template Injection v ...) - TODO: check + NOT-FOR-US: HaloITSM CVE-2024-6200 (HaloITSM versions up to 2.146.1 are affected by a Stored Cross-Site Sc ...) - TODO: check + NOT-FOR-US: HaloITSM CVE-2024-5963 (Unquoted Executable Path vulnerability in Hitachi Device Manager on Wi ...) - TODO: check + NOT-FOR-US: Hitachi CVE-2024-5828 (Expression Language Injection vulnerability in Hitachi Tuning Manager ...) - TODO: check + NOT-FOR-US: Hitachi CVE-2024-5709 (The WPBakery Visual Composer plugin for WordPress is vulnerable to Loc ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-5708 (The WPBakery Visual Composer plugin for WordPress is vulnerable to Sto ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-42352 (Nuxt is a free and open-source framework to create full-stack web appl ...) TODO: check CVE-2024-41995 (Initialization of a resource with an insecure default vulnerability ex ...) @@ -65,21 +65,21 @@ CVE-2024-41995 (Initialization of a resource with an insecure default vulnerabil CVE-2024-41820 (Kubean is a cluster lifecycle management toolchain based on kubespray ...) TODO: check CVE-2024-41816 (Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPre ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-41811 (ipl/web is a set of common web components for php projects. Some of th ...) TODO: check CVE-2024-39817 (Insertion of sensitive information into sent data issue exists in Cybo ...) - TODO: check + NOT-FOR-US: Cybozu Office CVE-2024-34344 (Nuxt is a free and open-source framework to create full-stack web appl ...) TODO: check CVE-2024-34343 (Nuxt is a free and open-source framework to create full-stack web appl ...) TODO: check CVE-2024-28962 (Dell Command | Update, Dell Update, and Alienware Update UWP, versions ...) - TODO: check + NOT-FOR-US: Dell CVE-2024-23657 (Nuxt is a free and open-source framework to create full-stack web appl ...) TODO: check CVE-2023-5000 (The Horizontal scrolling announcements plugin for WordPress is vulnera ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-7547 (oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vul ...) - ofono <unfixed> NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1087/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d0ca2fdae4f0eae54720b34b92f47ffc5ada9300 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d0ca2fdae4f0eae54720b34b92f47ffc5ada9300 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits