Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2fb6e3de by Salvatore Bonaccorso at 2024-04-17T11:17:58+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33,9 +33,9 @@ CVE-2024-3660 (A arbitrary code injection vulnerability in
TensorFlow's Keras fr
CVE-2024-3367 (Argument injection in websphere_mq agent plugin in Checkmk
2.0.0, 2.1. ...)
- check-mk <removed>
CVE-2024-3243 (The Customer Reviews for WooCommerce plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3067 (The WooCommerce Google Feed Manager plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32634 (In huge memory get unmapped area check, code can never be
reached beca ...)
TODO: check
CVE-2024-32633 (An unsigned value can never be negative, so eMMC full disk
test will a ...)
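Review bot: The new reason on CVE-2024-3243 and CVE-2024-3067 is the generic "WordPress plugin", although both descriptions name the plugin (Customer Reviews for WooCommerce, WooCommerce Google Feed Manager). Consider putting the plugin name in the reason, as the Phpgurukul and PublicCMS entries later in this commit do with their product, so the entry can be found by a search on the product name. Both descriptions do say "plugin for WordPress", so the classification itself is supported by the visible text.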
@@ -47,39 +47,39 @@ CVE-2024-32631 (Out-of-Bounds read in ciCCIOTOPT in ASR180X
will cause incorrect
CVE-2024-32625 (In OffloadAMRWriter, a scalar field is not initialized so will
contain ...)
TODO: check
CVE-2024-32532 (Missing Authorization vulnerability in SiteGround Speed
Optimizer.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32525 (Missing Authorization vulnerability in Theme My Login.This
issue affec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32524 (Missing Authorization vulnerability in Nuggethon Custom Order
Statuses ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32522 (Missing Authorization vulnerability in Jaed Mosharraf &
Pluginbazar Te ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32520 (Missing Authorization vulnerability in WPClever WPC Grouped
Product fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32519 (Missing Authorization vulnerability in GutenGeek GG Woo Feed
for WooCo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32518 (Missing Authorization vulnerability in Pepro Dev. Group
PeproDev Ultim ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32517 (Missing Authorization vulnerability in WooCommerce & WordPress
Tutoria ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32516 (Missing Authorization vulnerability in Palscode Multi Currency
For Woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32515 (Missing Authorization vulnerability in Qamar Sheeraz, Nasir
Ahmad Mega ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32514 (Unrestricted Upload of File with Dangerous Type vulnerability
in Poll ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32513 (Insertion of Sensitive Information into Log File vulnerability
in AdTr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32509 (Missing Authorization vulnerability in Loopus WP Cost
Estimation & Pay ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32455 (Missing Authorization vulnerability in Very Good Plugins Fatal
Error N ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32256 (Phpgurukul Tourism Management System v2.0 is vulnerable to
Unrestricte ...)
- TODO: check
+ NOT-FOR-US: Phpgurukul Tourism Management System
CVE-2024-32254 (Phpgurukul Tourism Management System v2.0 is vulnerable to
Unrestricte ...)
- TODO: check
+ NOT-FOR-US: Phpgurukul Tourism Management System
CVE-2024-32086 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32027 (Kohya_ss is a GUI for Kohya's Stable Diffusion trainers.
Kohya_ss v22. ...)
TODO: check
CVE-2024-32026 (Kohya_ss is a GUI for Kohya's Stable Diffusion trainers.
Kohya_ss is v ...)
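Review bot: For CVE-2024-32086 the visible description ("Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...") is cut off before any product is named, and the same holds for most of the "Missing Authorization vulnerability in ..." entries in this hunk, where only a vendor or product name is visible and WordPress is not mentioned, so the "NOT-FOR-US: WordPress plugin" classification cannot be confirmed from the diff alone. Naming the plugin in the reason, as done with "Phpgurukul Tourism Management System" on CVE-2024-32256 and CVE-2024-32254, would let a reader verify each line without opening the full CVE record.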
@@ -95,49 +95,49 @@ CVE-2024-32022 (Kohya_ss is a GUI for Kohya's Stable
Diffusion trainers. Kohya_s
CVE-2024-31887 (IBM Security Verify Privilege 11.6.25 could allow an
unauthenticated a ...)
NOT-FOR-US: IBM
CVE-2024-31760 (An issue in sanluan flipped-aurora gin-vue-admin 2.4.x allows
an attac ...)
- TODO: check
+ NOT-FOR-US: flipped-aurora gin-vue-admin
CVE-2024-31759 (An issue in sanluan PublicCMS v.4.0.202302.e allows an
attacker to esc ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-31680 (File Upload vulnerability in Shibang Communications Co., Ltd.
IP netwo ...)
- TODO: check
+ NOT-FOR-US: Shibang Communications Co., Ltd. IP network intercom
broadcasting system
CVE-2024-31503 (Incorrect access control in Dolibarr ERP CRM versions 19.0.0
and befor ...)
TODO: check
CVE-2024-31452 (OpenFGA is a high-performance and flexible
authorization/permission en ...)
- TODO: check
+ NOT-FOR-US: OpenFGA
CVE-2024-31451 (DocsGPT is a GPT-powered chat for documentation. DocsGPT is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: DocsGPT
CVE-2024-31446 (OpenComputers is a Minecraft mod that adds programmable
computers and ...)
TODO: check
CVE-2024-30380 (An Improper Handling of Exceptional Conditions vulnerability
in Junipe ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30378 (A Use After Free vulnerability in command processing of
Juniper Networ ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2024-30256 (Open WebUI is a user-friendly WebUI for LLMs. Open-webui is
vulnerable ...)
TODO: check
CVE-2024-2309 (The WP STAGING WordPress Backup Plugin WordPress plugin before
3.4.0, ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2118 (The Social Media Share Buttons & Social Sharing Icons WordPress
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2102 (The Salon booking system WordPress plugin before 9.6.3 does not
proper ...)
TODO: check
CVE-2024-2101 (The Salon booking system WordPress plugin before 9.6.3 does not
proper ...)
TODO: check
CVE-2024-29402 (cskefu v7 suffers from Insufficient Session Expiration, which
allows a ...)
- TODO: check
+ NOT-FOR-US: cskefu
CVE-2024-29291 (An issue in Laravel Framework 8 through 11 might allow a
remote attack ...)
TODO: check
CVE-2024-27086 (The MSAL library enabled acquisition of security tokens to
call protec ...)
TODO: check
CVE-2024-25911 (Missing Authorization vulnerability in Skymoon Labs
MoveTo.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-22440 (A potential security vulnerability has been identified in HPE
Compute ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2024-22354 (IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere
Applicatio ...)
NOT-FOR-US: IBM
CVE-2024-22329 (IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere
Applicatio ...)
NOT-FOR-US: IBM
CVE-2024-21676 (This High severity Injection vulnerability was introduced in
versions ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2024-21121 (Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualiza ...)
TODO: check
CVE-2024-21120 (Vulnerability in the Oracle Outside In Technology product of
Oracle Fu ...)
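Review bot: CVE-2024-2102 and CVE-2024-2101 stay at "TODO: check" although their descriptions read "The Salon booking system WordPress plugin before 9.6.3", while CVE-2024-2309 and CVE-2024-2118 directly above them are moved to "NOT-FOR-US: WordPress plugin" on the same basis; if that is not deliberate, mark them in this commit too. Separately, the reasons in this hunk mix vendor-only labels (Juniper, HPE, Atlassian) with product names (OpenFGA, DocsGPT, PublicCMS), and for CVE-2024-21676 the visible description names no product at all, so a product name in that reason would help.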
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2fb6e3dec98a0799f8d097f2c3e84867521d7f54
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits