Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fa5c0f7c by Salvatore Bonaccorso at 2024-04-25T09:23:57+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -82,7 +82,7 @@ CVE-2024-4066 (A vulnerability classified as critical has
been found in Tenda AC
CVE-2024-3371 (MongoDB Compass may accept and use insufficiently validated
input from ...)
TODO: check
CVE-2024-3261 (The Strong Testimonials WordPress plugin before 3.1.12 does not
valida ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33531 (cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all
JWT-parsi ...)
TODO: check
CVE-2024-32958 (Cross-Site Request Forgery (CSRF) vulnerability in Giorgos
Sarigiannid ...)
@@ -208,21 +208,21 @@ CVE-2024-32678 (Missing Authorization vulnerability in
TrackShip TrackShip for W
CVE-2024-32677 (Missing Authorization vulnerability in LoginPress LoginPress
Pro.This ...)
NOT-FOR-US: WordPress plugin
CVE-2024-32675 (Missing Authorization vulnerability in Xfinity Soft Order
Limit for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32662 (FreeRDP is a free implementation of the Remote Desktop
Protocol. FreeR ...)
TODO: check
CVE-2024-32432 (Missing Authorization vulnerability in Ovic Team Ovic Addon
Toolkit.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32078 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32051 (Insertion of sensitive information into log file issue exists
in RoamW ...)
- TODO: check
+ NOT-FOR-US: RoamWiFi
CVE-2024-31616 (An issue discovered in RG-RSR10-01G-T(W)-S and
RG-RSR10-01G-T(WA)-S ro ...)
TODO: check
CVE-2024-31406 (Active debug code vulnerability exists in RoamWiFi R10 prior
to 4.8.45 ...)
- TODO: check
+ NOT-FOR-US: RoamWiFi
CVE-2024-30886 (A stored cross-site scripting (XSS) vulnerability in the
remotelink fu ...)
- TODO: check
+ NOT-FOR-US: HadSky
CVE-2024-2972 (The Floating Chat Widget: Contact Chat Icons, WhatsApp,
Telegram Chat, ...)
TODO: check
CVE-2024-2404 (The Better Comments WordPress plugin before 1.5.6 does not
sanitise an ...)
@@ -230,15 +230,15 @@ CVE-2024-2404 (The Better Comments WordPress plugin
before 1.5.6 does not saniti
CVE-2024-2402 (The Better Comments WordPress plugin before 1.5.6 does not
sanitise an ...)
TODO: check
CVE-2024-28977 (Dell Repository Manager, versions 3.4.2 through 3.4.4,contains
a Path ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28976 (Dell Repository Manager, versions prior to 3.4.5, contains a
Path Trav ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28963 (Telemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 contains a
sensitive ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28825 (Improper restriction of excessive authentication attempts on
some auth ...)
TODO: check
CVE-2024-28613 (SQL Injection vulnerability in PHP Task Management System
v.1.0 allows ...)
- TODO: check
+ NOT-FOR-US: PHP Task Management System
CVE-2024-27791 (The issue was addressed with improved checks. This issue is
fixed in i ...)
TODO: check
CVE-2024-27537
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa5c0f7c0cdc5f001350031443a630450e27c77b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa5c0f7c0cdc5f001350031443a630450e27c77b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
