Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d191669a by Salvatore Bonaccorso at 2024-04-25T09:16:38+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -86,127 +86,127 @@ CVE-2024-3261 (The Strong Testimonials WordPress plugin
before 3.1.12 does not v
CVE-2024-33531 (cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all
JWT-parsi ...)
TODO: check
CVE-2024-32958 (Cross-Site Request Forgery (CSRF) vulnerability in Giorgos
Sarigiannid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32956 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32955 (Server-Side Request Forgery (SSRF) vulnerability in
Foliovision FV Flo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32954 (Unrestricted Upload of File with Dangerous Type vulnerability
in Tribu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32953 (Insertion of Sensitive Information into Log File vulnerability
in News ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32952 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32951 (Missing Authorization vulnerability in BloomPixel Max Addons
Pro for B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32950 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32948 (Missing Authorization vulnerability in Repute Infosystems
ARMember.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32947 (Cross-Site Request Forgery (CSRF) vulnerability in
AlumniOnline Web Se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32879 (Python Social Auth is a social authentication/registration
mechanism. ...)
TODO: check
CVE-2024-32876 (NewPipe is an Android app for video streaming written in Java.
It supp ...)
- TODO: check
+ NOT-FOR-US: NewPipe Android app
CVE-2024-32875 (Hugo is a static site generator. Starting in version 0.123.0
and prior ...)
TODO: check
CVE-2024-32872 (Umbraco workflow provides workflows for the Umbraco content
management ...)
- TODO: check
+ NOT-FOR-US: Umbraco
CVE-2024-32869 (Hono is a Web application framework that provides support for
any Java ...)
- TODO: check
+ NOT-FOR-US: Hono
CVE-2024-32866 (Conform, a type-safe form validation library, allows the
parsing of ne ...)
TODO: check
CVE-2024-32836 (Unrestricted Upload of File with Dangerous Type vulnerability
in WP La ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32835 (Deserialization of Untrusted Data vulnerability in WebToffee
Import Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32834 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32833 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32825 (Insertion of Sensitive Information into Log File vulnerability
in Patr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32823 (Authorization Bypass Through User-Controlled Key vulnerability
in Feed ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32819 (Server-Side Request Forgery (SSRF) vulnerability in Culqi.This
issue a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32817 (Deserialization of Untrusted Data vulnerability in Import and
export u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32816 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32815 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32812 (Server-Side Request Forgery (SSRF) vulnerability in Podlove
Podlove Po ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32808 (Authorization Bypass Through User-Controlled Key vulnerability
in Meta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32806 (Cross-Site Request Forgery (CSRF) vulnerability in CoSchedule
Headline ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32803 (Server-Side Request Forgery (SSRF) vulnerability in 2day.Sk,
Webikon S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32801 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32796 (Insertion of Sensitive Information into Log File vulnerability
in Very ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32795 (Cross-Site Request Forgery (CSRF) vulnerability in Revmakx
WPCal.Io \u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32794 (Cross-Site Request Forgery (CSRF) vulnerability in Paid
Memberships Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32793 (Cross-Site Request Forgery (CSRF) vulnerability in Paid
Memberships Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32791 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32789 (Cross-Site Request Forgery (CSRF) vulnerability in Seers
allows Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32788 (Insertion of Sensitive Information into Log File vulnerability
in Fr\x ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32785 (Cross-Site Request Forgery (CSRF) vulnerability in Webangon
The Pack E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32782 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32781 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32780 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32775 (Server-Side Request Forgery (SSRF) vulnerability in Pavex
Embed Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32773 (Cross-Site Request Forgery (CSRF) vulnerability in WP Royal
Royal Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32772 (Authorization Bypass Through User-Controlled Key vulnerability
in Meta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32728 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs
Paid Mem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32726 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32723 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32722 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32721 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32718 (Server-Side Request Forgery (SSRF) vulnerability in Webangon
The Pack ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32716 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32711 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32710 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32709 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32707 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32706 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32702 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32699 (Cross-Site Request Forgery (CSRF) vulnerability in YITH YITH
WooCommer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32678 (Missing Authorization vulnerability in TrackShip TrackShip for
WooComm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32677 (Missing Authorization vulnerability in LoginPress LoginPress
Pro.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32675 (Missing Authorization vulnerability in Xfinity Soft Order
Limit for Wo ...)
TODO: check
CVE-2024-32662 (FreeRDP is a free implementation of the Remote Desktop
Protocol. FreeR ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d191669aa6800022fcd1f757e49a8787082e5ce9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d191669aa6800022fcd1f757e49a8787082e5ce9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
