Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
05bc55f4 by Salvatore Bonaccorso at 2024-02-06T12:42:06+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,177 +1,177 @@
CVE-2024-24808 (pyLoad is an open-source Download Manager written in pure
Python. Ther ...)
- pyload <itp> (bug #1001980)
CVE-2024-24807 (Sulu is a highly extensible open-source PHP content management
system ...)
- TODO: check
+ NOT-FOR-US: Sulu
CVE-2024-24595 (Allegro AI\u2019s open-source version of ClearML stores
passwords in p ...)
TODO: check
CVE-2024-24574 (phpMyFAQ is an open source FAQ web application for PHP 8.1+
and MySQL, ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2024-24559 (Vyper is a Pythonic Smart Contract Language for the EVM. There
is an e ...)
- TODO: check
+ NOT-FOR-US: Vyper
CVE-2024-24543 (Buffer Overflow vulnerability in the function setSchedWifi in
Tenda AC ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-24398 (Directory Traversal vulnerability in Stimulsoft GmbH
Stimulsoft Dashbo ...)
- TODO: check
+ NOT-FOR-US: Stimulsoft GmbH Stimulsoft Dashboard.JS
CVE-2024-24112 (xmall v1.1 was discovered to contain a SQL injection
vulnerability via ...)
- TODO: check
+ NOT-FOR-US: Exrick xmall
CVE-2024-23304 (Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote
unauthentica ...)
- TODO: check
+ NOT-FOR-US: Cybozu KUNAI for Android
CVE-2024-23049 (An issue in symphony v.3.6.3 and before allows a remote
attacker to ex ...)
TODO: check
CVE-2024-22853 (D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded
password fo ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2024-22852 (D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a
stack-based buff ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2024-22773 (Intelbras Roteador ACtion RF 1200 1.2.2 esposes the Password
in Cookie ...)
- TODO: check
+ NOT-FOR-US: Intelbras Roteador ACtion RF 1200
CVE-2024-22208 (phpMyFAQ is an Open Source FAQ web application for PHP 8.1+
and MySQL, ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2024-20828 (Improper authorization verification vulnerability in Samsung
Internet ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20827 (Improper access control vulnerability in Samsung Gallery prior
to vers ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20826 (Implicit intent hijacking vulnerability in UPHelper library
prior to v ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20825 (Implicit intent hijacking vulnerability in IAP of Galaxy Store
prior t ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20824 (Implicit intent hijacking vulnerability in VoiceSearch of
Galaxy Store ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20823 (Implicit intent hijacking vulnerability in SamsungAccount of
Galaxy St ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20822 (Implicit intent hijacking vulnerability in AccountActivity of
Galaxy S ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20820 (Improper input validation in bootloader prior to SMR Feb-2024
Release ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20819 (Out out bounds Write vulnerabilities in svc1td_vld_plh_ap of
libsthmbc ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20818 (Out out bounds Write vulnerabilities in svc1td_vld_elh of
libsthmbc.so ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20817 (Out out bounds Write vulnerabilities in svc1td_vld_slh of
libsthmbc.so ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20816 (Improper authentication vulnerability in
onCharacteristicWriteRequest ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20815 (Improper authentication vulnerability in
onCharacteristicReadRequest i ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20814 (Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so
prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20813 (Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to
SMR Feb-2 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20812 (Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to
SMR Feb-2 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20811 (Improper caller verification in GameOptimizer prior to SMR
Feb-2024 Re ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20810 (Implicit intent hijacking vulnerability in Smart Suggestions
prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-1210 (The LearnDash LMS plugin for WordPress is vulnerable to
Sensitive Info ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1209 (The LearnDash LMS plugin for WordPress is vulnerable to
Sensitive Info ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1208 (The LearnDash LMS plugin for WordPress is vulnerable to
Sensitive Info ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1177 (The WP Club Manager \u2013 WordPress Sports Club Plugin plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1121 (The Advanced Forms for ACF plugin for WordPress is vulnerable
to unaut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1092 (The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging,
News & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1075 (The Minimal Coming Soon \u2013 Coming Soon Page plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1072 (The Website Builder by SeedProd \u2014 Theme Builder, Landing
Page Bui ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1052 (Boundary and Boundary Enterprise (\u201cBoundary\u201d) is
vulnerable ...)
TODO: check
CVE-2024-1046 (The Paid Membership Plugin, Ecommerce, User Registration Form,
Login F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0969 (The ARMember plugin for WordPress is vulnerable to Sensitive
Informati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0964 (A local file include could be remotely triggered in Gradio due
to a vu ...)
TODO: check
CVE-2024-0961 (The SiteOrigin Widgets Bundle plugin for WordPress is
vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0954 (The Essential Addons for Elementor \u2013 Best Elementor
Templates, Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0869 (The Instant Images \u2013 One Click Image Uploads from
Unsplash, Openv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0859 (The Affiliates Manager plugin for WordPress is vulnerable to
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0835 (The Royal Elementor Kit theme for WordPress is vulnerable to
unauthori ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0834 (The Elementor Addon Elements plugin for WordPress is vulnerable
to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0823 (The Exclusive Addons for Elementor plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0797 (The Active Products Tables for WooCommerce. Professional
products tabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0796 (The Active Products Tables for WooCommerce. Professional
products tabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0791 (The WOLF \u2013 WordPress Posts Bulk Editor and Manager
Professional p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0790 (The WOLF \u2013 WordPress Posts Bulk Editor and Manager
Professional p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0761 (The File Manager plugin for WordPress is vulnerable to
Sensitive Infor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0709 (The Cryptocurrency Widgets \u2013 Price Ticker & Coins List
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0701 (The UserPro plugin for WordPress is vulnerable to Security
Feature Byp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0699 (The AI Engine: Chatbots, Generators, Assistants, GPT 4 and
more! plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0691 (The FileBird plugin for WordPress is vulnerable to Stored
Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0678 (The Order Delivery Date for WP e-Commerce plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0668 (The Advanced Database Cleaner plugin for WordPress is
vulnerable to PH ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0660 (The Formidable Forms \u2013 Contact Form, Survey, Quiz,
Payment, Calcu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0659 (The Easy Digital Downloads \u2013 Sell Digital Files (eCommerce
Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0630 (The WP RSS Aggregator plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0612 (The Content Views \u2013 Post Grid, Slider, Accordion
(Gutenberg Block ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0597 (The SEO Plugin by Squirrly SEO plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0586 (The Essential Addons for Elementor \u2013 Best Elementor
Templates, Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0585 (The Essential Addons for Elementor \u2013 Best Elementor
Templates, Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0509 (The WP 404 Auto Redirect to Similar Post plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0508 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0448 (The Elementor Addons by Livemesh plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0428 (The Index Now plugin for WordPress is vulnerable to Cross-Site
Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0384 (The WP Recipe Maker plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0382 (The WP Recipe Maker plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0380 (The WP Recipe Maker plugin for WordPress is vulnerable to
Directory Tr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0374 (The Views for WPForms \u2013 Display & Edit WPForms Entries on
your si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0373 (The Views for WPForms \u2013 Display & Edit WPForms Entries on
your si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0372 (The Views for WPForms \u2013 Display & Edit WPForms Entries on
your si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0371 (The Views for WPForms \u2013 Display & Edit WPForms Entries on
your si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0370 (The Views for WPForms \u2013 Display & Edit WPForms Entries on
your si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0366 (The Starbox \u2013 the Author Box for Humans plugin for
WordPress is v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0324 (The User Profile Builder \u2013 Beautiful User Registration
Forms, Use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0255 (The WP Recipe Maker plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0254 (The (Simply) Guest Author Name plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0244 (Buffer overflow in CPCA PCFAX number process of Office
Multifunction P ...)
- TODO: check
+ NOT-FOR-US: CPCA PCFAX
CVE-2024-0221 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0202 (A security vulnerability has been identified in the cryptlib
cryptogra ...)
TODO: check
CVE-2023-7029 (The WordPress Button Plugin MaxButtons plugin for WordPress is
vulnera ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05bc55f400ac48db2fa4f10b2e3d4080bdc86a1b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05bc55f400ac48db2fa4f10b2e3d4080bdc86a1b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
