Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
735e28e8 by Moritz Muehlenhoff at 2024-02-29T09:51:06+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,57 +3,57 @@ CVE-2024-26559 (An issue in uverif v.2.0 allows a remote
attacker to obtain sens
CVE-2024-26476 (An issue in open-emr before v.7.0.2 allows a remote attacker
to escala ...)
TODO: check
CVE-2024-26450 (Cross Site Scripting vulnerability in Piwigo before v.14.2.0
allows a ...)
- TODO: check
+ - piwigo <removed>
CVE-2024-25869 (An Unrestricted File Upload vulnerability in CodeAstro
Membership Mana ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2024-25868 (A Cross Site Scripting (XSS) vulnerability in CodeAstro
Membership Man ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2024-25867 (A SQL Injection vulnerability in CodeAstro Membership
Management Syste ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2024-25866 (A SQL Injection vulnerability in CodeAstro Membership
Management Syste ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2024-25594 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25579 (OS command injection vulnerability in ELECOM wireless LAN
routers allo ...)
- TODO: check
+ NOT-FOR-US: ELECOM
CVE-2024-25422 (SQL Injection vulnerability in SEMCMS v.4.8 allows a remote
attacker t ...)
- TODO: check
+ NOT-FOR-US: SEMCMS
CVE-2024-25351 (SQL Injection vulnerability in /zms/admin/changeimage.php in
PHPGuruku ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2024-25350 (SQL Injection vulnerability in /zms/admin/edit-ticket.php in
PHPGuruku ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2024-25292 (Cross-site scripting (XSS) vulnerability in RenderTune v1.1.4
allows a ...)
- TODO: check
+ NOT-FOR-US: RenderTune
CVE-2024-25291 (Deskfiler v1.2.3 allows attackers to execute arbitrary code
via upload ...)
- TODO: check
+ NOT-FOR-US: Deskfiler
CVE-2024-25098 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25094 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25093 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-24988 (Mattermost fails to properly validate the length of the emoji
value in ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2024-24525 (An issue in EpointWebBuilder 5.1.0-sp1, 5.2.1-sp1, 5.4.1 and
5.4.2 all ...)
- TODO: check
+ NOT-FOR-US: EpointWebBuilder
CVE-2024-24155 (Bento4 v1.5.1-628 contains a Memory leak on
AP4_Movie::AP4_Movie, pars ...)
- TODO: check
+ NOT-FOR-US: Bento4
CVE-2024-24150 (A memory leak issue discovered in parseSWF_TEXTRECORD in
libming v0.4. ...)
- TODO: check
+ - ming <removed>
CVE-2024-24149 (A memory leak issue discovered in parseSWF_GLYPHENTRY in
libming v0.4. ...)
- TODO: check
+ - ming <removed>
CVE-2024-24147 (A memory leak issue discovered in parseSWF_FILLSTYLEARRAY in
libming v ...)
- TODO: check
+ - ming <removed>
CVE-2024-24146 (A memory leak issue discovered in parseSWF_DEFINEBUTTON in
libming v0. ...)
- TODO: check
+ - ming <removed>
CVE-2024-23910 (Cross-site request forgery (CSRF) vulnerability in ELECOM
wireless LAN ...)
- TODO: check
+ NOT-FOR-US: ELECOM
CVE-2024-23501 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23493 (Mattermost fails to properly authorize the requests
fetchingteam assoc ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2024-23488 (Mattermost fails to properly restrict the access of files
attached to ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2024-23302 (Couchbase Server before 7.2.4 has a private key leak in
goxdcr.log.)
TODO: check
CVE-2024-22983 (SQL injection vulnerability in Projectworlds Visitor
Management System ...)
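Review bot: the commit subject "NFUs" does not cover everything this hunk changes: besides the NOT-FOR-US markers it records package entries, namely "- piwigo <removed>" for CVE-2024-26450, "- ming <removed>" for CVE-2024-24150, CVE-2024-24149, CVE-2024-24147 and CVE-2024-24146, and "- mattermost-server <itp> (bug #823556)" for CVE-2024-24988, CVE-2024-23493 and CVE-2024-23488. Anyone searching the history for when those packages were triaged will not find this commit by its subject, so either split the package entries into their own commit or widen the subject to name them. A smaller style point: the CodeAstro and PHPGurukul markers name only the vendor, while the descriptions name a specific product ("CodeAstro Membership Mana ...", "/zms/admin/..."); naming the product in the NOT-FOR-US line would make later greps against data/CVE/list less ambiguous.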
@@ -83,7 +83,7 @@ CVE-2024-1971 (A vulnerability has been found in
Surya2Developer Online Shopping
CVE-2024-1970 (A vulnerability, which was classified as problematic, was found
in Sou ...)
TODO: check
CVE-2024-1887 (Mattermost fails to check if compliance export is enabled when
fetchin ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2024-1468 (The Avada | Website Builder For WordPress & WooCommerce theme
for Word ...)
TODO: check
CVE-2024-1437 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
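Review bot: CVE-2024-1468, the context line directly below the change, is left at "TODO: check" although its description names a WordPress theme ("The Avada | Website Builder For WordPress & WooCommerce theme"), the same class of third-party WordPress add-on that the first hunk marks NOT-FOR-US. If that was an oversight rather than a deliberate deferral, it could be marked in this same pass with a NOT-FOR-US line naming it as a WordPress theme. The one line that does change here, the "<itp>" entry for CVE-2024-1887, uses the same bug reference (#823556) as the other Mattermost entries, which is consistent.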
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/735e28e86b4e7b849591af3750c10a667706c722