Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8cdf05aa by Salvatore Bonaccorso at 2024-04-12T22:23:37+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,157 +1,157 @@
CVE-2024-3707 (Information exposure vulnerability in OpenGnsys affecting
version 1.1. ...)
- TODO: check
+ NOT-FOR-US: OpenGnsys
CVE-2024-3706 (Information exposure vulnerability in OpenGnsys affecting
version 1.1. ...)
- TODO: check
+ NOT-FOR-US: OpenGnsys
CVE-2024-3705 (Unrestricted file upload vulnerability in OpenGnsys affecting
version ...)
- TODO: check
+ NOT-FOR-US: OpenGnsys
CVE-2024-3704 (SQL Injection Vulnerability has been found on OpenGnsys product
affect ...)
- TODO: check
+ NOT-FOR-US: OpenGnsys
CVE-2024-3698 (A vulnerability was found in Campcodes House Rental Management
System ...)
- TODO: check
+ NOT-FOR-US: Campcodes House Rental Management System
CVE-2024-3697 (A vulnerability was found in Campcodes House Rental Management
System ...)
- TODO: check
+ NOT-FOR-US: Campcodes House Rental Management System
CVE-2024-3696 (A vulnerability was found in Campcodes House Rental Management
System ...)
- TODO: check
+ NOT-FOR-US: Campcodes House Rental Management System
CVE-2024-3695 (A vulnerability has been found in SourceCodester Computer
Laboratory M ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Computer Laboratory Management System
CVE-2024-3691 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Small CRM
CVE-2024-3690 (A vulnerability classified as critical was found in PHPGurukul
Small C ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Small CRM
CVE-2024-3689 (A vulnerability classified as problematic has been found in
Zhejiang L ...)
- TODO: check
+ NOT-FOR-US: Zhejiang Land Zongheng Network Technology O2OA
CVE-2024-3688 (A vulnerability was found in Xiamen Four-Faith RMP Router
Management P ...)
- TODO: check
+ NOT-FOR-US: Xiamen Four-Faith RMP Router Management Platform
CVE-2024-3687 (A vulnerability was found in bihell Dice 3.1.0 and classified
as probl ...)
- TODO: check
+ NOT-FOR-US: bihell Dice
CVE-2024-3686 (A vulnerability has been found in DedeCMS 5.7.112-UTF8 and
classified ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2024-3685 (A vulnerability, which was classified as critical, was found in
DedeCM ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2024-3211 (The Shopping Cart & eCommerce Store plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3054 (WPvivid Backup & Migration Plugin for WordPress is vulnerable
to PHAR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32000 (matrix-appservice-irc is a Node.js IRC bridge for the Matrix
messaging ...)
TODO: check
CVE-2024-31839 (Cross Site Scripting vulnerability in tiagorlampert CHAOS
v.5.0.1 allo ...)
- TODO: check
+ NOT-FOR-US: tiagorlampert CHAOS
CVE-2024-31818 (Directory Traversal vulnerability in DerbyNet v.9.0 allows a
remote at ...)
- TODO: check
+ NOT-FOR-US: DerbyNet
CVE-2024-31372 (Cross-Site Request Forgery (CSRF) vulnerability in Arnan de
Gans No-Bo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31371 (Cross-Site Request Forgery (CSRF) vulnerability in Xylus
Themes WP Eve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31364 (Cross-Site Request Forgery (CSRF) vulnerability in
ELEXtensions ELEX W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31363 (Cross-Site Request Forgery (CSRF) vulnerability in
LifterLMS.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31362 (Cross-Site Request Forgery (CSRF) vulnerability in Metagauss
ProfileGr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31360 (Cross-Site Request Forgery (CSRF) vulnerability in Coded
Commerce, LLC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31354 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant
Slideshow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31305 (Cross-Site Request Forgery (CSRF) vulnerability in rtCamp
Transcoder.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31303 (Cross-Site Request Forgery (CSRF) vulnerability in Fetch
Designs Sign- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31301 (Cross-Site Request Forgery (CSRF) vulnerability in Themeisle
Multiple ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31293 (Cross-Site Request Forgery (CSRF) vulnerability in Easy
Digital Downlo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31289 (Cross-Site Request Forgery (CSRF) vulnerability in Elementor
Hello Ele ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31279 (Cross-Site Request Forgery (CSRF) vulnerability in Catch
Plugins Gener ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31272 (Cross-Site Request Forgery (CSRF) vulnerability in Repute
InfoSystems ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31271 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic
Ultimate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31269 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic
Easy Goog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31268 (Cross-Site Request Forgery (CSRF) vulnerability in AppPresser
Team App ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31265 (Cross-Site Request Forgery (CSRF) vulnerability in SumoMe
Sumo.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31264 (Unauthenticated Cross Site Request Forgery (CSRF) in Post
Views Counte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31263 (Cross-Site Request Forgery (CSRF) vulnerability in aerin Loan
Repaymen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31262 (Cross-Site Request Forgery (CSRF) vulnerability in Jcodex
WooCommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31251 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo
Community by ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31250 (Cross-Site Request Forgery (CSRF) vulnerability in Saumya
Majumder WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31239 (Cross-Site Request Forgery (CSRF) vulnerability in Nudgify
Nudgify Soc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31238 (Cross-Site Request Forgery (CSRF) vulnerability in Zaytech
Smart Onlin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31235 (Cross-Site Request Forgery (CSRF) vulnerability in WebToffee
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31069 (IO-1020 Micro ELD web server uses a default password for
authenticatio ...)
- TODO: check
+ NOT-FOR-US: IO-1020 Micro ELD web server
CVE-2024-30845 (Cross Site Scripting vulnerability in Rainbow external link
network di ...)
- TODO: check
+ NOT-FOR-US: Rainbow external link network disk
CVE-2024-30410 (An Incorrect Behavior Order in the routing engine (RE) of
Juniper Netw ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30409 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30407 (The Use of a Hard-coded Cryptographic Key vulnerability in
Juniper Net ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30406 (A Cleartext Storage in a File on Disk vulnerability in Juniper
Network ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30405 (An Incorrect Calculation of Buffer Size vulnerability in
Juniper Netwo ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30403 (A NULL Pointer Dereference vulnerability in the Packet
Forwarding Engi ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30402 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30401 (An Out-of-bounds Read vulnerability in the advanced forwarding
managem ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30398 (An Improper Restriction of Operations within the Bounds of a
Memory Bu ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30397 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30395 (AnImproper Validation of Specified Type of Input vulnerability
in Rout ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30394 (AStack-based Buffer Overflow vulnerability in the Routing
Protocol Dae ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30392 (A Stack-based Buffer Overflow vulnerability in Flow Processing
Daemon ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30391 (A Missing Authentication for Critical Function vulnerability
in the Pa ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30390 (An Improper Restriction of Excessive Authentication Attempts
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30389 (An Incorrect Behavior Order vulnerability in the Packet
Forwarding Eng ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30388 (An Improper Isolation or Compartmentalization vulnerability in
the Pac ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30387 (AMissing Synchronization vulnerability in the Packet
Forwarding Engine ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30386 (A Use-After-Free vulnerability in theLayer 2 Address Learning
Daemon ( ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30384 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30382 (An Improper Handling of Exceptional Conditions vulnerability
in the ro ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30381 (An Exposure of Sensitive Information to an Unauthorized Actor
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30210 (IO-1020 Micro ELD uses a default WIFI password that could
allow an adj ...)
- TODO: check
+ NOT-FOR-US: IO-1020 Micro ELD
CVE-2024-2397 (Due to a bug in packet data buffers management, the PPP printer
in tcp ...)
TODO: check
CVE-2024-29461 (An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a
remote a ...)
- TODO: check
+ NOT-FOR-US: Floodlight
CVE-2024-28878 (IO-1020 Micro ELD downloads source code or an executable from
an adja ...)
- TODO: check
+ NOT-FOR-US: IO-1020 Micro ELD
CVE-2024-28718 (An issue in OpenStack magnum yoga-eom version allows a remote
attacker ...)
TODO: check
CVE-2024-27261 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2
could al ...)
NOT-FOR-US: IBM
CVE-2024-25545 (An issue in Weave Weave Desktop v.7.78.10 allows a local
attacker to e ...)
- TODO: check
+ NOT-FOR-US: Weave Weave Desktop
CVE-2024-22359 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through
7.1.2.16, ...)
NOT-FOR-US: IBM
CVE-2024-22358 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through
7.1.2.16, ...)
@@ -161,31 +161,31 @@ CVE-2024-22339 (IBM UrbanCode Deploy (UCD) 7.0 through
7.0.5.20, 7.1 through 7.1
CVE-2024-22334 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through
7.1.2.16, ...)
NOT-FOR-US: IBM
CVE-2024-21618 (An Access of Memory Location After End of Buffer vulnerability
in the ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-21615 (An Incorrect Default Permissions vulnerability in Juniper
Networks Jun ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-21610 (An Improper Handling of Exceptional Conditions vulnerability
in the Cl ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-21609 (A Missing Release of Memory after Effective Lifetime
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-21605 (An Exposure of Resource to Wrong Sphere vulnerability in the
Packet Fo ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-21598 (An Improper Validation of Syntactic Correctness of Input
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-21593 (An Improper Check or Handling of Exceptional Conditions
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-21590 (An Improper Input Validation vulnerability in Juniper Tunnel
Driver (j ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-0157 (Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a
Session ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-52211 (Missing Authorization vulnerability in Automattic WP Job
Manager.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51515 (Missing Authorization vulnerability in Undsgn Uncode Core
allows Privi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51499 (Missing Authorization vulnerability in WooCommerce WooCommerce
Shippin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51409 (Unrestricted Upload of File with Dangerous Type vulnerability
in Jordy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47714 (IBM Sterling File Gateway 6.0.0.0 through 6.0.3.9, 6.1.0.0
through 6.1 ...)
NOT-FOR-US: IBM
CVE-2024-31391 (Insertion of Sensitive Information into Log File vulnerability
in the ...)
@@ -115001,7 +115001,7 @@ CVE-2022-40215 (Multiple Authenticated Stored
Cross-Site Scripting (XSS) vulnera
CVE-2022-40213 (Multiple Authenticated (contributor+) Stored Cross-Site
Scripting (XSS ...)
NOT-FOR-US: WordPress plugin
CVE-2022-40211 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-40206 (Insecure direct object references (IDOR) vulnerability in the
wpForo F ...)
NOT-FOR-US: WordPress plugin
CVE-2022-40205 (Insecure direct object references (IDOR) vulnerability in the
wpForo F ...)
@@ -303853,7 +303853,7 @@ CVE-2020-8008
CVE-2020-8007
RESERVED
CVE-2020-8006 (The server in Circontrol Raption through 5.11.2 has a
pre-authenticati ...)
- TODO: check
+ NOT-FOR-US: Circontrol Raption
CVE-2020-8005
RESERVED
CVE-2020-8004 (STMicroelectronics STM32F1 devices have Incorrect Access
Control.)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cdf05aad806559606831b45d178a10aa35ca409
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cdf05aad806559606831b45d178a10aa35ca409
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
