Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
11611325 by Salvatore Bonaccorso at 2024-03-21T21:27:47+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
 CVE-2024-2742 (Operating system command injection vulnerability in Planet 
IGS-4215-16 ...)
-       TODO: check
+       NOT-FOR-US: Planet IGS-4215-16T2S
 CVE-2024-2741 (Cross-Site Request Forgery (CSRF) vulnerability in Planet 
IGS-4215-16T ...)
-       TODO: check
+       NOT-FOR-US: Planet IGS-4215-16T2S
 CVE-2024-2740 (Information exposure vulnerability in Planet IGS-4215-16T2S, 
affecting ...)
-       TODO: check
+       NOT-FOR-US: Planet IGS-4215-16T2S
 CVE-2024-2580 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-2579 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-2578 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-2494 (A flaw was found in the RPC library APIs of libvirt. The RPC 
server de ...)
        TODO: check
 CVE-2024-2465 (Open redirection vulnerability in CDeX applicationallows to 
redirect u ...)
-       TODO: check
+       NOT-FOR-US: CDeX
 CVE-2024-2464 (This issue occurs during password recovery, where a difference 
in mess ...)
-       TODO: check
+       NOT-FOR-US: CDeX
 CVE-2024-2463 (Weak password recovery mechanism in CDeX application allows to 
retriev ...)
-       TODO: check
+       NOT-FOR-US: CDeX
 CVE-2024-29937 (NFS in a BSD derived codebase, as used in OpenBSD through 7.4 
and Free ...)
        TODO: check
 CVE-2024-29916 (The dormakaba Saflok system before the November 2023 software 
update a ...)
-       TODO: check
+       NOT-FOR-US: dormakaba Saflok system
 CVE-2024-29880 (In JetBrains TeamCity before 2023.11 users with access to the 
agent ma ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2024-29879 (Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, 
through  / ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2024-29878 (Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, 
through  / ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2024-29877 (Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, 
through  / ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2024-29876 (SQL injection vulnerability in Sentrifugo 3.2, through  
/sentrifugo/in ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2024-29875 (SQL injection vulnerability in Sentrifugo 3.2, through 
/sentrifugo/ind ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2024-29874 (SQL injection vulnerability in Sentrifugo 3.2, 
through/sentrifugo/inde ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2024-29873 (SQL injection vulnerability in Sentrifugo 3.2, 
through/sentrifugo/inde ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2024-29872 (SQL injection vulnerability in Sentrifugo 3.2, 
through/sentrifugo/inde ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2024-29871 (SQL injection vulnerability in Sentrifugo 3.2, through 
/sentrifugo/ind ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2024-29870 (SQL injection vulnerability in Sentrifugo 3.2, through 
/sentrifugo/ind ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2024-29866 (Datalust Seq before 2023.4.11151 and 2024 before 2024.1.11146 
has Inco ...)
-       TODO: check
+       NOT-FOR-US: Datalust Seq
 CVE-2024-29732 (A SQL Injection has been found on SCAN_VISIO eDocument Suite 
Web Viewe ...)
-       TODO: check
+       NOT-FOR-US: SCAN_VISIO eDocument Suite Web Viewer of Abast
 CVE-2024-29374 (A Cross-Site Scripting (XSS) vulnerability exists in the way 
MOODLE 3. ...)
        TODO: check
 CVE-2024-29244 (Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was 
discover ...)
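
Review bot: The NOT-FOR-US tags in this hunk mix granularity. CVE-2024-2742, CVE-2024-2741 and CVE-2024-2740 carry the full model string "Planet IGS-4215-16T2S" and CVE-2024-29732 carries "SCAN_VISIO eDocument Suite Web Viewer of Abast", while the other entries use a short product name ("CDeX", "Sentrifugo", "Datalust Seq"). A short vendor or product name per entry would keep the tags uniform for anyone searching data/CVE/list by tag. The three entries left at "TODO: check" (CVE-2024-2494 for libvirt, CVE-2024-29937 for NFS in a BSD derived codebase, CVE-2024-29374 for MOODLE) are untouched, which matches the commit subject "Process NFUs".
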
@@ -57,77 +57,77 @@ CVE-2024-29243 (Shenzhen Libituo Technology Co., Ltd 
LBT-T300-mini v1.2.9 was di
 CVE-2024-29180 (Prior to versions 7.1.0, 6.1.2, and 5.3.4, the 
webpack-dev-middleware  ...)
        TODO: check
 CVE-2024-29019 (ESPHome is a system to control microcontrollers remotely 
through Home  ...)
-       TODO: check
+       NOT-FOR-US: ESPHome
 CVE-2024-28402 (TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored 
Cross-s ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-27995 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27994 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27993 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27992 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27991 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27990 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27989 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27988 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27985 (Deserialization of Untrusted Data vulnerability in 
PropertyHive.This i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27970 (Missing Authorization vulnerability in BogdanFix WP 
SendFox.This issue ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27969 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27968 (Cross-Site Request Forgery (CSRF) vulnerability in Optimole 
Super Page ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27967 (Cross-Site Request Forgery (CSRF) vulnerability in Michael 
Leithold DS ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27966 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27965 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27964 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Gesun ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27963 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27962 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27956 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-27683 (D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a 
stack-based buff ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-27277 (The private key for the IBM Storage Protect Plus Server 10.1.0 
through ...)
        NOT-FOR-US: IBM
 CVE-2024-27190 (Missing Authorization vulnerability in Jean-David Daviet 
Download Medi ...)
-       TODO: check
+       NOT-FOR-US: Jean-David Daviet Download Media
 CVE-2024-25935 (Missing Authorization vulnerability in Metagauss 
RegistrationMagic.Thi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-25922 (Missing Authorization vulnerability in Peach Payments Peach 
Payments G ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-25912 (Missing Authorization vulnerability in Skymoonlabs MoveTo.This 
issue a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-25908 (Missing Authorization vulnerability in JoomUnited WP Media 
folder.This ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-25907 (Missing Authorization vulnerability in JoomUnited WP Media 
folder.This ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-24883 (Missing Authorization vulnerability in BdThemes Prime Slider 
\u2013 Ad ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-24850 (Missing Authorization vulnerability in Mark Stockton Quicksand 
Post Fi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1727 (To prevent malicious 3rd party websites from making requests to 
Gradio ...)
-       TODO: check
+       NOT-FOR-US: Gradio
 CVE-2023-51672 (Missing Authorization vulnerability in FunnelKit FunnelKit 
Checkout.Th ...)
-       TODO: check
+       NOT-FOR-US: FunnelKit
 CVE-2023-51142 (An issue in ZKTeco BioTime v.8.5.4 and before allows a remote 
attacker ...)
-       TODO: check
+       NOT-FOR-US: ZKTeco BioTime
 CVE-2023-51141 (An issue in ZKTeko BioTime v.8.5.4 and before allows a remote 
attacker ...)
-       TODO: check
+       NOT-FOR-US: ZKTeco BioTime
 CVE-2023-49837 (Uncontrolled Resource Consumption vulnerability in David 
Artiss Code E ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-47715 (IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could 
allow an  ...)
        NOT-FOR-US: IBM
 CVE-2024-26643 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
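
Review bot: CVE-2024-27190 and CVE-2023-51672 are tagged by author or vendor name ("Jean-David Daviet Download Media", "FunnelKit"), although their descriptions have the same "Missing Authorization vulnerability in <author> <product>" shape as CVE-2024-25935, CVE-2024-25922 and CVE-2024-25912, which this hunk tags "NOT-FOR-US: WordPress plugin". If these two are WordPress plugins as well, use the same tag; if not, the distinct tags are fine as they stand. The CVE-2023-51141 description spells the vendor "ZKTeko" while the new tag uses "ZKTeco", the same spelling as CVE-2023-51142; keeping the tag spelling identical on both entries is the right call.
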
@@ -239,11 +239,11 @@ CVE-2024-1148 (Weak access control in OpenText PVCS 
Version Manager allows poten
 CVE-2024-1147 (Weak access control in OpenText PVCS Version Manager allows 
potential  ...)
        NOT-FOR-US: OpenText
 CVE-2023-48903 (Stored Cross-Site Scripting (XSS) vulnerability in tramyardg 
autoexpre ...)
-       TODO: check
+       NOT-FOR-US: tramyardg autoexpress
 CVE-2023-48902 (An issue was discovered in tramyardg autoexpress version 
1.3.0, allows ...)
-       TODO: check
+       NOT-FOR-US: tramyardg autoexpress
 CVE-2023-48901 (A SQL injection vulnerability in tramyardg Autoexpress version 
1.3.0,  ...)
-       TODO: check
+       NOT-FOR-US: tramyardg autoexpress
 CVE-2024-2721 (Deserialization of Untrusted Data vulnerability in Social Media 
Share  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-2716 (A vulnerability was found in Campcodes Complete Online DJ 
Booking Syst ...)
@@ -65289,7 +65289,7 @@ CVE-2023-27609
 CVE-2023-27608
        RESERVED
 CVE-2023-27607 (Missing Authorization vulnerability in WP Swings Points and 
Rewards fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-27606 (Cross-Site Request Forgery (CSRF) vulnerability in Sajjad 
Hossain WP R ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-27605 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
@@ -83494,7 +83494,7 @@ CVE-2022-47606 (Auth. (admin+) Stored Cross-Site 
Scripting (XSS) vulnerability i
 CVE-2022-47605 (Auth. SQL Injection') vulnerability in Kunal Nagar Custom 404 
Pro plug ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-47604 (Missing Authorization vulnerability in junkcoder, 
ristoniinemets AJAX  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-47603 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
wpdevart ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-47602 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
@@ -94995,7 +94995,7 @@ CVE-2022-44635 (Apache Fineract allowed an 
authenticated user to perform remote
 CVE-2022-44634 (Auth. (admin+) Arbitrary File Read vulnerability in S2W \u2013 
Import  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-44633 (Missing Authorization vulnerability in YITH YITH WooCommerce 
Gift Card ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-44632 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Deni ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-44631 (Auth. (author+) Stored Cross-Site Scripting (XSS) 
vulnerability in 1ap ...)
@@ -95254,7 +95254,7 @@ CVE-2022-44597
 CVE-2022-44596
        RESERVED
 CVE-2022-44595 (Improper Authentication vulnerability in Melapress WP 2FA 
allows Authe ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-44594 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Code ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-44593



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/116113250b1374f0bb3a338702b0844b8ba8b218

_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits