Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6aa435c8 by Salvatore Bonaccorso at 2024-03-28T21:36:11+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,91 +1,91 @@
CVE-2024-3042 (A vulnerability was found in SourceCodester Simple Subscription
Websit ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Simple Subscription Website
CVE-2024-3041 (A vulnerability has been found in Netentsec NS-ASG Application
Securit ...)
- TODO: check
+ NOT-FOR-US: Netentsec NS-ASG Application Security Gateway
CVE-2024-3040 (A vulnerability, which was classified as critical, was found in
Netent ...)
- TODO: check
+ NOT-FOR-US: Netentsec NS-ASG Application Security Gateway
CVE-2024-3039 (A vulnerability classified as critical has been found in
Shanghai Brad ...)
- TODO: check
+ NOT-FOR-US: Shanghai Brad Technology BladeX
CVE-2024-3019 (A flaw was found in PCP. The default pmproxy configuration
exposes the ...)
TODO: check
CVE-2024-31140 (In JetBrains TeamCity before 2024.03 server administrators
could remov ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31139 (In JetBrains TeamCity before 2024.03 xXE was possible in the
Maven bui ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31138 (In JetBrains TeamCity before 2024.03 xSS was possible via
Agent Distri ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31137 (In JetBrains TeamCity before 2024.03 reflected XSS was
possible via Sp ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31136 (In JetBrains TeamCity before 2024.03 2FA could be bypassed by
providin ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31135 (In JetBrains TeamCity before 2024.03 open redirect was
possible on the ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31134 (In JetBrains TeamCity before 2024.03 authenticated users
without admin ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31065 (Cross Site Scripting vulnerability in Insurance Mangement
System v.1.0 ...)
- TODO: check
+ NOT-FOR-US: Insurance Mangement System
CVE-2024-31064 (Cross Site Scripting vulnerability in Insurance Mangement
System v.1.0 ...)
- TODO: check
+ NOT-FOR-US: Insurance Mangement System
CVE-2024-31063 (Cross Site Scripting vulnerability in Insurance Mangement
System v.1.0 ...)
- TODO: check
+ NOT-FOR-US: Insurance Mangement System
CVE-2024-31062 (Cross Site Scripting vulnerability in Insurance Mangement
System v.1.0 ...)
- TODO: check
+ NOT-FOR-US: Insurance Mangement System
CVE-2024-31061 (Cross Site Scripting vulnerability in Insurance Mangement
System v.1.0 ...)
- TODO: check
+ NOT-FOR-US: Insurance Mangement System
CVE-2024-30612 (Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in
the dev ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30607 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in
the device ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30606 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in
the page p ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30604 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in
the list1 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30603 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in
the urls p ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30602 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in
the schedS ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30601 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in
the time p ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30600 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in
the schedE ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30599 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in
the device ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30598 (Tenda FH1203 v2.0.1.6 firmware has a stack overflow
vulnerability in t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30597 (Tenda FH1203 v2.0.1.6 firmware has a stack overflow
vulnerability in t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30596 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30595 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30594 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30593 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
located ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30592 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30591 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30590 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30589 (Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30588 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30587 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30586 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30585 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30584 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30583 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30422 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30421 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelite
Events Man ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2947 (A flaw was found in Cockpit. Deleting a sosreport with a
crafted name ...)
TODO: check
CVE-2024-29898 (CreateWiki is Miraheze's MediaWiki extension for requesting &
creating ...)
@@ -97,73 +97,73 @@ CVE-2024-29896 (Astro-Shield is a library to compute the
subresource integrity h
CVE-2024-29882 (SRS is a simple, high-efficiency, real-time video server.
SRS's `/api/ ...)
TODO: check
CVE-2024-29200 (Kimai is a web-based multi-user time-tracking application. The
permiss ...)
- TODO: check
+ NOT-FOR-US: Kimai
CVE-2024-28713 (An issue in Mblog Blog system v.3.5.0 allows an attacker to
execute ar ...)
- TODO: check
+ NOT-FOR-US: Mblog Blog system
CVE-2024-28109 (veraPDF-library is a PDF/A validation library. Executing
policy checks ...)
- TODO: check
+ NOT-FOR-US: veraPDF-library
CVE-2024-28091 (Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D
RSE-TC8717T ...)
- TODO: check
+ NOT-FOR-US: Technicolor
CVE-2024-28090 (Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D
RSE-TC8717T ...)
- TODO: check
+ NOT-FOR-US: Technicolor
CVE-2024-27775 (SysAid before version 23.2.14 b18 -CWE-918: Server-Side
Request Forger ...)
- TODO: check
+ NOT-FOR-US: SysAid
CVE-2024-27719 (A cross site scripting (XSS) vulnerability in rems FAQ
Management Syst ...)
- TODO: check
+ NOT-FOR-US: rems FAQ Management System
CVE-2024-25971 (Dell PowerProtect Data Manager, version 19.15, contains an XML
Externa ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25963 (Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x
contains a use ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25961 (Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x
contains an imp ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25960 (Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x
contains a clea ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25959 (Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x
contains an ins ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25955 (Dell vApp Manager, versions prior to 9.2.4.9 contain a Command
Injecti ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25954 (Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x,
contain an in ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25953 (Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x
contains an UNI ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25952 (Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x
contains an UNI ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25946 (Dell vApp Manager, versions prior to 9.2.4.9 contain a Command
Injecti ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25506 (Cross Site Scripting vulnerability in Process Maker, Inc
ProcessMaker ...)
- TODO: check
+ NOT-FOR-US: Process Maker
CVE-2024-0259 (Fortra's Robot Schedule Enterprise Agent for Windows prior to
version ...)
- TODO: check
+ NOT-FOR-US: Fortra
CVE-2023-6437 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-45715 (The console may experience a service interruption when
processing file ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-45706 (An administrative user of WebReports may perform a Cross Site
Scriptin ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-45705 (An administrative user of WebReports may perform a Server Side
Request ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-42974 (A race condition was addressed with improved state handling.
This issu ...)
TODO: check
CVE-2023-42962 (This issue was addressed with improved checks This issue is
fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42947 (A path handling issue was addressed with improved validation.
This iss ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42936 (This issue was addressed with improved redaction of sensitive
informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42931 (The issue was addressed with improved checks. This issue is
fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42930 (This issue was addressed with improved checks. This issue is
fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42913 (This issue was addressed through improved state management.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42896 (An issue was addressed with improved handling of temporary
files. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42893 (A permissions issue was addressed by removing vulnerable code
and addi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42892 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-40390 (A privacy issue was addressed by moving sensitive data to a
protected ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-3024 (A vulnerability was found in appneta tcpreplay up to 4.4.4. It
has bee ...)
TODO: check
CVE-2024-3015 (A vulnerability classified as critical was found in
SourceCodester Sim ...)
@@ -243,49 +243,49 @@ CVE-2024-2998 (A vulnerability was found in Bdtask
Multi-Store Inventory Managem
CVE-2024-2997 (A vulnerability was found in Bdtask Multi-Store Inventory
Management S ...)
NOT-FOR-US: Bdtask Multi-Store Inventory Management System
CVE-2024-2890 (Unrestricted Upload of File with Dangerous Type vulnerability
in Tumul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2818 (An issue has been discovered in GitLab CE/EE affecting all
versions be ...)
TODO: check
CVE-2024-2111 (The Events Manager \u2013 Calendar, Bookings, Tickets, and
more! plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2110 (The Events Manager \u2013 Calendar, Bookings, Tickets, and
more! plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2091 (The Elementor Addon Elements plugin for WordPress is vulnerable
to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29241 (Missing authorization vulnerability in System webapi component
in Syno ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29240 (Missing authorization vulnerability in LayoutSave webapi
component in ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29239 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29238 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29237 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29236 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29235 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29234 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29233 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29232 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29231 (Improper validation of array index vulnerability in
UserPrivilege.Enum ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29230 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29229 (Missing authorization vulnerability in GetLiveViewPath webapi
componen ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29228 (Missing authorization vulnerability in GetStmUrlPath webapi
component ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29227 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29100 (Unrestricted Upload of File with Dangerous Type vulnerability
in Jordy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29090 (Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow
AI Engi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28016 (Improper Access Controlvulnerability in NEC Corporation Aterm
WG1800HP ...)
TODO: check
CVE-2024-28015 (Improper Neutralization of Special Elements used in an OS
Command vuln ...)
@@ -311,37 +311,37 @@ CVE-2024-28006 (Improper authentication vulnerability in
NEC Corporation Aterm W
CVE-2024-28005 (Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3,
WG1200HS2 ...)
TODO: check
CVE-2024-28004 (Missing Authorization vulnerability in ExtendThemes Colibri
Page Build ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28003 (Missing Authorization vulnerability in Megamenu Max Mega
Menu.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28002 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28001 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-27999 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25924 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25923 (Insertion of Sensitive Information into Log File vulnerability
in Peep ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25599 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25354 (RegEx Denial of Service in domain-suffix 1.0.8 allows
attackers to cra ...)
TODO: check
CVE-2024-23500 (Server-Side Request Forgery (SSRF) vulnerability in Kadence WP
Gutenbe ...)
TODO: check
CVE-2024-22138 (Insertion of Sensitive Information into Log File vulnerability
in Sera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1770 (The Meta Tag Manager plugin for WordPress is vulnerable to PHP
Object ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0980 (The Auto-update service for Okta Verify for Windows is
vulnerable to t ...)
- TODO: check
+ NOT-FOR-US: Okta
CVE-2024-0677 (The Pz-LinkCard WordPress plugin through 2.5.1 does not prevent
users ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0673 (The Pz-LinkCard WordPress plugin through 2.5.1 does not
sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0672 (The Pz-LinkCard WordPress plugin through 2.5.1 does not
sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0079 (NVIDIA GPU Display Driver for Windows and Linux contains a
vulnerabili ...)
TODO: check
CVE-2024-0077 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU
plugin ...)
@@ -358,21 +358,21 @@ CVE-2023-52628 (In the Linux kernel, the following
vulnerability has been resolv
[bullseye] - linux 5.10.205-1
NOTE:
https://git.kernel.org/linus/fd94d9dadee58e09b49075240fe83423eb1dcd36 (6.6-rc1)
CVE-2023-52234 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52231 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50374 (Server-Side Request Forgery (SSRF) vulnerability in
NiteoThemes CMP \u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47438 (SQL Injection vulnerability in Reportico Till 8.1.0 allows
attackers t ...)
- TODO: check
+ NOT-FOR-US: Reportico Till
CVE-2023-39313 (Server-Side Request Forgery (SSRF) vulnerability in
ThemeFusion Avada. ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-39309 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36679 (Server-Side Request Forgery (SSRF) vulnerability in Brainstorm
Force S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34370 (Server-Side Request Forgery (SSRF) vulnerability in Brainstorm
Force S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30238 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2024-30186 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -1039,7 +1039,7 @@ CVE-2024-29684 (DedeCMS v5.7 was discovered to contain a
Cross-Site Request Forg
CVE-2024-29644 (Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and
before al ...)
NOT-FOR-US: dcat-admin
CVE-2024-29401 (xzs-mysql 3.8 is vulnerable to Insufficient Session
Expiration, which ...)
- TODO: check
+ NOT-FOR-US: xzs-mysql
CVE-2024-29203 (TinyMCE is an open source rich text editor. Across-site
scripting (XSS ...)
TODO: check
CVE-2024-29197 (Pimcore is an Open Source Data & Experience Management
Platform. Any c ...)
@@ -75634,7 +75634,7 @@ CVE-2023-0584 (The VK Blocks plugin for WordPress is
vulnerable to improper auth
CVE-2023-0583 (The VK Blocks plugin for WordPress is vulnerable to improper
authoriza ...)
NOT-FOR-US: VK Blocks plugin for WordPress
CVE-2023-0582 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: ForgeRock
CVE-2023-0581 (The PrivateContent plugin for WordPress is vulnerable to
protection me ...)
NOT-FOR-US: PrivateContent plugin for WordPress
CVE-2023-0580 (Insecure Storage of Sensitive Information vulnerability in ABB
My Cont ...)
@@ -92415,7 +92415,7 @@ CVE-2022-45852
CVE-2022-45851 (Missing Authorization vulnerability in ShareThis ShareThis
Dashboard f ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45850 (Cross-Site Request Forgery (CSRF) vulnerability in Nickys
Image Map Pr ...)
- TODO: check
+ NOT-FOR-US: Nickys Image Map
CVE-2022-45849 (Auth. (subscriber+) Reflected Cross-Site Scripting (XSS)
vulnerability ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45848 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability
inContest Gall ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6aa435c8023dd4abae4ad85bb47253c3137e8805
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6aa435c8023dd4abae4ad85bb47253c3137e8805
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
