Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8a84b909 by Salvatore Bonaccorso at 2024-05-09T23:02:38+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45,11 +45,11 @@ CVE-2024-4446 (The Content Views \u2013 Post Grid & Filter,
Recent Posts, Catego
CVE-2024-4441 (The XML Sitemap & Google News plugin for WordPress is
vulnerable to Lo ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4425 (The access control inCemiPark software stores integration (e.g.
FTP or ...)
- TODO: check
+ NOT-FOR-US: CemiPark software
CVE-2024-4424 (The access control inCemiPark software does not properly
validate user ...)
- TODO: check
+ NOT-FOR-US: CemiPark software
CVE-2024-4423 (The access control inCemiPark software does not properly
validate user ...)
- TODO: check
+ NOT-FOR-US: CemiPark software
CVE-2024-4411 (The Mihdan: Yandex Turbo Feed plugin for WordPress is
vulnerable to St ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4397 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress
is vul ...)
@@ -121,71 +121,71 @@ CVE-2024-3680 (The Enter Addons \u2013 Ultimate Template
Builder for Elementor p
CVE-2024-3595 (The Pure Chat \u2013 Live Chat Plugin & More! plugin for
WordPress is ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3461 (KioWare for Windows (versions all through 8.35)allows to brute
force t ...)
- TODO: check
+ NOT-FOR-US: KioWare for Windows
CVE-2024-3460 (In KioWare for Windows (versions all through 8.34)it is
possible to ex ...)
- TODO: check
+ NOT-FOR-US: KioWare for Windows
CVE-2024-3459 (KioWare for Windows (versions allthrough 8.34)allows to escape
the env ...)
- TODO: check
+ NOT-FOR-US: KioWare for Windows
CVE-2024-3070 (The Last Viewed Posts by WPBeginner plugin for WordPress is
vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3068 (The Custom Field Suite plugin for WordPress is vulnerable to
Stored Cr ...)
NOT-FOR-US: WordPress plugin
CVE-2024-34559 (Insertion of Sensitive Information into Log File vulnerability
in Ghos ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34557 (Cross-Site Request Forgery (CSRF) vulnerability in UkrSolution
Barcode ...)
TODO: check
CVE-2024-34556 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
TODO: check
CVE-2024-34550 (Insertion of Sensitive Information into Log File vulnerability
in Alex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34549 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34445 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34441 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34439 (Cross-Site Request Forgery (CSRF) vulnerability in divSpot DS
Site Mes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34437 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34436 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34433 (Deserialization of Untrusted Data vulnerability in OCDI One
Click Demo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34432 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34431 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34430 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34429 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34428 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34427 (Cross-Site Request Forgery (CSRF) vulnerability in Huseyin
Berberoglu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34426 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34425 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34424 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34423 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34422 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34421 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34420 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34419 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34418 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34417 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34415 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34354 (CMSaaSStarter is a SaaS template/boilerplate built with
SvelteKit, Tai ...)
TODO: check
CVE-2024-34352 (1Panel is an open source Linux server operation and
maintenance manage ...)
@@ -197,45 +197,45 @@ CVE-2024-34350 (Next.js is a React framework that can
provide building blocks to
CVE-2024-34345 (The CycloneDX JavaScript library contains the core
functionality of OW ...)
TODO: check
CVE-2024-34338 (A Blind command injection vulnerability in Tenda O3V2
V1.0.0.12 and ea ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-34220 (Sourcecodester Human Resource Management System 1.0 is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Human Resource Management System
CVE-2024-34219 (TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to
contain a vuln ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34218 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was
discovered to co ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34217 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34215 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34213 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
TODO: check
CVE-2024-34212 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34211 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a hard ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34210 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was
discovered to co ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34209 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34207 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34206 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was
discovered to co ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34205 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34204 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was
discovered to co ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34203 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34202 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34201 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34200 (TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to
contain a ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34074 (Frappe is a full-stack web application framework. Prior to
15.26.0 and ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2024-33877 (HDF5 Library through 1.14.3 has a heap-based buffer overflow
in H5T__c ...)
TODO: check
CVE-2024-33876 (HDF5 Library through 1.14.3 has a heap buffer overflow in
H5S__point_d ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a84b909ab71236e573f6aaa5a87c1069135a280
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a84b909ab71236e573f6aaa5a87c1069135a280
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
