Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3f4e1bc2 by Salvatore Bonaccorso at 2024-04-15T14:13:04+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,15 +21,15 @@ CVE-2024-3768 (A vulnerability, which was classified as
critical, has been found
CVE-2024-3767 (A vulnerability classified as critical was found in PHPGurukul
News Po ...)
NOT-FOR-US: PHPGurukul News Portal
CVE-2024-3766 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: slowlyo OwlAdmin
CVE-2024-3765 (A vulnerability classified as critical was found in Xiongmai
AHB7804R- ...)
NOT-FOR-US: Xiongmai
CVE-2024-3764 (A vulnerability classified as problematic has been found in
Tuya Camer ...)
- TODO: check
+ NOT-FOR-US: Tuya Camera
CVE-2024-3763 (A vulnerability was found in Emlog Pro 2.2.10. It has been
rated as pr ...)
- TODO: check
+ NOT-FOR-US: Emlog Pro
CVE-2024-3762 (A vulnerability was found in Emlog Pro 2.2.10. It has been
declared as ...)
- TODO: check
+ NOT-FOR-US: Emlog Pro
CVE-2024-3701 (The system application (com.transsion.kolun.aiservice)
component does ...)
TODO: check
CVE-2024-3505 (JFrog Artifactory Self-Hosted versions below 7.77.3, are
vulnerable to ...)
@@ -113,23 +113,23 @@ CVE-2024-32098 (Improper Neutralization of Special
Elements used in an SQL Comma
CVE-2024-32087 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2024-32082 (Cross-Site Request Forgery (CSRF) vulnerability in kp4coder
Sync Post ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32079 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31093 (Cross-Site Request Forgery (CSRF) vulnerability in Kaloyan K.
Tsvetkov ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31086 (Cross-Site Request Forgery (CSRF) vulnerability in Venugopal
Change de ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30545 (Cross-Site Request Forgery (CSRF) vulnerability in Nick Powers
Social ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2858 (The Simple Buttons Creator WordPress plugin through 1.04 does
not have ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2857 (The Simple Buttons Creator WordPress plugin through 1.04 does
not have ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2836 (The Social Share, Social Login and Social Comments Plugin
WordPress p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2739 (The Advanced Search WordPress plugin through 1.1.6 does not
have CSRF ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29844 (Default credentials on the Web Interface of Evolution
Controller 2.x ( ...)
TODO: check
CVE-2024-29843 (The Web interface of Evolution Controller Versions
2.04.560.31.03.2024 ...)
@@ -151,39 +151,39 @@ CVE-2024-29836 (The Web interface of Evolution Controller
Versions 2.04.560.31.0
CVE-2024-27462
REJECTED
CVE-2024-1849 (The WP Customer Reviews WordPress plugin before 3.7.1 does not
validat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1846 (The Responsive Tabs WordPress plugin before 4.0.7 does not
validate an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1755 (The NPS computy WordPress plugin through 2.7.5 does not have
CSRF chec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1754 (The NPS computy WordPress plugin through 2.7.5 does not
sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1746 (The Testimonial Slider WordPress plugin before 2.3.8 does not
sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1712 (The Carousel Slider WordPress plugin before 2.2.7 does not
sanitise an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1660 (The Top Bar WordPress plugin before 3.0.5 does not sanitise and
escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1655 (Certain ASUS WiFi routers models has an OS Command Injection
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: ASUS WiFi routers
CVE-2024-1310 (The WooCommerce WordPress plugin before 8.6 does not prevent
users wit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1307 (The Smart Forms WordPress plugin before 2.6.94 does not have
proper a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1306 (The Smart Forms WordPress plugin before 2.6.94 does not have
CSRF che ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1204 (The Meta Box WordPress plugin before 5.9.4 does not prevent
users wit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0902 (The Fancy Product Designer WordPress plugin before 6.1.81 does
not san ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0399 (The WooCommerce Customers Manager WordPress plugin before 29.7
does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-7201 (The Everest Backup WordPress plugin before 2.2.5 does not
properly va ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6067 (The WP User Profile Avatar WordPress plugin through 1.0.1 does
not val ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52144 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3508
NOT-FOR-US: Bombastic's use of bzip2
CVE-2024-3651 [potential DoS via resource consumption via specially crafted
inputs to idna.encode()]
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f4e1bc22728a05f219cccd00eec36c912529a66
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f4e1bc22728a05f219cccd00eec36c912529a66
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
