Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
330c3813 by Moritz Muehlenhoff at 2024-02-29T09:57:25+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2024-26559 (An issue in uverif v.2.0 allows a remote attacker to obtain
sensitive ...)
- TODO: check
+ NOT-FOR-US: uverif
CVE-2024-26476 (An issue in open-emr before v.7.0.2 allows a remote attacker
to escala ...)
- TODO: check
+ NOT-FOR-US: OpenEMR
CVE-2024-26450 (Cross Site Scripting vulnerability in Piwigo before v.14.2.0
allows a ...)
- piwigo <removed>
CVE-2024-25869 (An Unrestricted File Upload vulnerability in CodeAstro
Membership Mana ...)
@@ -89,35 +89,35 @@ CVE-2024-1468 (The Avada | Website Builder For WordPress &
WooCommerce theme for
CVE-2024-1437 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2024-1435 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1434 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1341 (The Advanced iFrame plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0689 (The Custom Field Suite plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6090 (Unrestricted Upload of File with Dangerous Type vulnerability
in Molli ...)
- TODO: check
+ NOT-FOR-US: WooCommerce plugin
CVE-2023-5617 (Hitachi Vantara Pentaho Data Integration & Analytics versions
before 1 ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2023-51802 (Cross Site Scripting (XSS) vulnerability in the Simple Student
Attenda ...)
- TODO: check
+ NOT-FOR-US: Simple Student Attendance System
CVE-2023-51801 (SQL Injection vulnerability in the Simple Student Attendance
System v. ...)
- TODO: check
+ NOT-FOR-US: Simple Student Attendance System
CVE-2023-51800 (Cross Site Scripting (XSS) vulnerability in School Fees
Management Sys ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-51696 (Cross-Site Request Forgery (CSRF) vulnerability in
\u0421leanTalk - An ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51531 (Cross-Site Request Forgery (CSRF) vulnerability in Thrive
Themes Thriv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51530 (Cross-Site Request Forgery (CSRF) vulnerability in GS Plugins
Logo Sli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51529 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes
HT Mega \ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51528 (Cross-Site Request Forgery (CSRF) vulnerability in Senol Sahin
AI Powe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50905 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50437 (An issue was discovered in Couchbase Server before 7.2.x
before 7.2.4. ...)
NOT-FOR-US: Couchbase Server
CVE-2023-50436 (An issue was discovered in Couchbase Server before 7.2.4.
ns_server ad ...)
@@ -131,13 +131,13 @@ CVE-2023-49930 (An issue was discovered in Couchbase
Server before 7.2.4. cURL c
CVE-2023-49338 (Couchbase Server 7.1.x and 7.2.x before 7.2.4 does not require
authent ...)
NOT-FOR-US: Couchbase Server
CVE-2023-47874 (Missing Authorization vulnerability in Perfmatters.This issue
affects ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45874 (An issue was discovered in Couchbase Server through 7.2.2. A
data read ...)
NOT-FOR-US: Couchbase Server
CVE-2023-45873 (An issue was discovered in Couchbase Server through 7.2.2. A
data read ...)
NOT-FOR-US: Couchbase Server
CVE-2023-45859 (In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through
5.0.5, 5.1 ...)
- TODO: check
+ - hazelcast <itp> (bug #745640)
CVE-2023-43769 (An issue was discovered in Couchbase Server through 7.1.4
before 7.1.5 ...)
NOT-FOR-US: Couchbase Server
CVE-2023-38372 (An unauthorized attacker who has obtained an IBM Watson IoT
Platform 1 ...)
@@ -339,7 +339,7 @@ CVE-2023-52226 (Cross-Site Request Forgery (CSRF)
vulnerability in Advanced Flam
CVE-2023-52223 (Cross-Site Request Forgery (CSRF) vulnerability in MailerLite
MailerLi ...)
NOT-FOR-US: WordPress plugin
CVE-2023-52048 (RuoYi v4.7.8 was discovered to contain a cross-site scripting
(XSS) vu ...)
- TODO: check
+ NOT-FOR-US: RuoYi
CVE-2023-52047 (Dedecms v5.7.112 was discovered to contain a Cross-Site
Request Forger ...)
NOT-FOR-US: Dedecms
CVE-2023-51692 (Missing Authorization vulnerability in CusRev Customer Reviews
for Woo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/330c3813fc6a04448dcbb97e6f2c8d755c29099b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/330c3813fc6a04448dcbb97e6f2c8d755c29099b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
