Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e5e8b3ef by Salvatore Bonaccorso at 2024-02-27T21:32:45+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -129,13 +129,13 @@ CVE-2024-27507 (libLAS 1.8.1 contains a memory leak
vulnerability in /libLAS/app
CVE-2024-27099 (The uAMQP is a C library for AMQP 1.0 communication to Azure
Cloud Ser ...)
TODO: check
CVE-2024-26473 (A reflected cross-site scripting (XSS) vulnerability in
SocialMediaWeb ...)
- TODO: check
+ NOT-FOR-US: SocialMediaWebsite
CVE-2024-26472 (A reflected cross-site scripting (XSS) vulnerability in
SocialMediaWeb ...)
- TODO: check
+ NOT-FOR-US: SocialMediaWebsite
CVE-2024-26471 (A reflected cross-site scripting (XSS) vulnerability in
zhimengzhe iBa ...)
- TODO: check
+ NOT-FOR-US: zhimengzhe iBarn
CVE-2024-26470 (A host header injection vulnerability in the forgot password
function ...)
- TODO: check
+ NOT-FOR-US: FullStackHero's WebAPI Boilerplate
CVE-2024-26464 (net-snmp 5.9.4 contains a memory leak vulnerability in
/net-snmp/apps/ ...)
TODO: check
CVE-2024-26143 (Rails is a web-application framework. There is a possible XSS
vulnerab ...)
@@ -143,75 +143,75 @@ CVE-2024-26143 (Rails is a web-application framework.
There is a possible XSS vu
CVE-2024-26142 (Rails is a web-application framework. Starting in version
7.1.0, there ...)
TODO: check
CVE-2024-25846 (In the module "Product Catalog (CSV, Excel) Import"
(simpleimportprodu ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2024-25843 (In the module "Import/Update Bulk Product from any Csv/Excel
File Pro" ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2024-25841 (In the module "So Flexibilite" (soflexibilite) from
Common-Services fo ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2024-25840 (In the module "Account Manager | Sales Representative &
Dealers | CRM" ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2024-25723 (ZenML Server in the ZenML machine learning package before
0.46.7 for P ...)
TODO: check
CVE-2024-25400 (Subrion CMS 4.2.1 is vulnerable to SQL Injection via
ia.core.mysqli.ph ...)
- TODO: check
+ NOT-FOR-US: Subrion CMS
CVE-2024-25399 (Subrion CMS 4.2.1 is vulnerable to Cross Site Scripting (XSS)
via admi ...)
- TODO: check
+ NOT-FOR-US: Subrion CMS
CVE-2024-25398 (In Srelay (the SOCKS proxy and Relay) v.0.4.8p3, a specially
crafted n ...)
TODO: check
CVE-2024-24323 (SQL injection vulnerability in linlinjava litemall v.1.8.0
allows a re ...)
TODO: check
CVE-2024-22251 (VMware Workstation and Fusion contain an out-of-bounds read
vulnerabil ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2024-21742 (Improper input validation allows for header injection in
MIME4J librar ...)
TODO: check
CVE-2024-1928 (A vulnerability, which was classified as critical, has been
found in S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Web-Based Student Clearance System
CVE-2024-1927 (A vulnerability classified as critical was found in
SourceCodester Web ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Web-Based Student Clearance System
CVE-2024-1926 (A vulnerability was found in SourceCodester Free and Open
Source Inven ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Free and Open Source Inventory Management
System
CVE-2024-1925 (A vulnerability was found in Ctcms 2.1.2. It has been declared
as crit ...)
- TODO: check
+ NOT-FOR-US: Ctcms
CVE-2024-1924 (A vulnerability was found in CodeAstro Membership Management
System 1. ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Membership Management System
CVE-2024-1923 (A vulnerability was found in SourceCodester Simple Student
Attendance ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Simple Student Attendance System
CVE-2024-1922 (A vulnerability has been found in SourceCodester Online Job
Portal 1.0 ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Job Portal
CVE-2024-1921 (A vulnerability, which was classified as critical, was found in
osuuu ...)
- TODO: check
+ NOT-FOR-US: osuuu LightPicture
CVE-2024-1920 (A vulnerability, which was classified as critical, has been
found in o ...)
- TODO: check
+ NOT-FOR-US: osuuu LightPicture
CVE-2024-1919 (A vulnerability classified as problematic was found in
SourceCodester ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Job Portal
CVE-2024-1918 (A vulnerability has been found in Beijing Baichuo Smart S42
Management ...)
- TODO: check
+ NOT-FOR-US: Beijing Baichuo Smart S42 Management Platform
CVE-2024-1912 (The Categorify plugin for WordPress is vulnerable to Cross-Site
Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1910 (The Categorify plugin for WordPress is vulnerable to Cross-Site
Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1909 (The Categorify plugin for WordPress is vulnerable to Cross-Site
Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1907 (The Categorify plugin for WordPress is vulnerable to Cross-Site
Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1906 (The Categorify plugin for WordPress is vulnerable to Cross-Site
Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1653 (The Categorify plugin for WordPress is vulnerable to
unauthorized modi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1652 (The Categorify plugin for WordPress is vulnerable to
unauthorized modi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1650 (The Categorify plugin for WordPress is vulnerable to
unauthorized modi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1649 (The Categorify plugin for WordPress is vulnerable to
unauthorized modi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1423
REJECTED
CVE-2024-1403 (In OpenEdge Authentication Gateway and AdminServer prior to
11.7.19, 1 ...)
- TODO: check
+ NOT-FOR-US: OpenEdge Authentication Gateway and AdminServer
CVE-2024-1106 (The Shariff Wrapper WordPress plugin before 4.6.10 does not
sanitise a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0855 (The Spiffy Calendar WordPress plugin before 4.9.9 doesn't check
the ev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0819 (Improper initialization of default settings in TeamViewer
Remote Clien ...)
TODO: check
CVE-2024-0551 (Enable exports of the database and associated exported
information of ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5e8b3efdbf67ca4bbf50e9e9956627ae31453f8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5e8b3efdbf67ca4bbf50e9e9956627ae31453f8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
