Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c8dc491d by Moritz Muehlenhoff at 2024-05-10T10:18:56+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -39,7 +39,7 @@ CVE-2024-4571
CVE-2024-4567 (The Themify Shortcodes plugin for WordPress is vulnerable to
Stored Cr ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4545 (All versions of EnterpriseDB Postgres Advanced Server (EPAS)
from 15.0 ...)
- TODO: check
+ NOT-FOR-US: EnterpriseDB
CVE-2024-4542 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for
WordPre ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4463 (The Squelch Tabs and Accordions Shortcodes plugin for WordPress
is vul ...)
@@ -138,9 +138,9 @@ CVE-2024-3068 (The Custom Field Suite plugin for WordPress
is vulnerable to Stor
CVE-2024-34559 (Insertion of Sensitive Information into Log File vulnerability
in Ghos ...)
NOT-FOR-US: WordPress plugin
CVE-2024-34557 (Cross-Site Request Forgery (CSRF) vulnerability in UkrSolution
Barcode ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34556 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34550 (Insertion of Sensitive Information into Log File vulnerability
in Alex ...)
NOT-FOR-US: WordPress plugin
CVE-2024-34549 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
@@ -192,15 +192,15 @@ CVE-2024-34417 (Improper Neutralization of Input During
Web Page Generation ('Cr
CVE-2024-34415 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2024-34354 (CMSaaSStarter is a SaaS template/boilerplate built with
SvelteKit, Tai ...)
- TODO: check
+ NOT-FOR-US: CMSaaSStarter
CVE-2024-34352 (1Panel is an open source Linux server operation and
maintenance manage ...)
- TODO: check
+ NOT-FOR-US: 1Panel
CVE-2024-34351 (Next.js is a React framework that can provide building blocks
to creat ...)
- TODO: check
+ NOT-FOR-US: Next.js
CVE-2024-34350 (Next.js is a React framework that can provide building blocks
to creat ...)
- TODO: check
+ NOT-FOR-US: Next.js
CVE-2024-34345 (The CycloneDX JavaScript library contains the core
functionality of OW ...)
- TODO: check
+ NOT-FOR-US: CycloneDX
CVE-2024-34338 (A Blind command injection vulnerability in Tenda O3V2
V1.0.0.12 and ea ...)
NOT-FOR-US: Tenda
CVE-2024-34220 (Sourcecodester Human Resource Management System 1.0 is
vulnerable to S ...)
@@ -214,7 +214,7 @@ CVE-2024-34217 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was
discovered to contain
CVE-2024-34215 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
NOT-FOR-US: TOTOLINK
CVE-2024-34213 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34212 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a stac ...)
NOT-FOR-US: TOTOLINK
CVE-2024-34211 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to
contain a hard ...)
@@ -252,27 +252,27 @@ CVE-2024-33874 (HDF5 Library through 1.14.3 has a heap
buffer overflow in H5O__m
CVE-2024-33873 (HDF5 Library through 1.14.3 has a heap-based buffer overflow
in H5D__s ...)
TODO: check
CVE-2024-33454 (Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote
attacke ...)
- TODO: check
+ NOT-FOR-US: esp-idf
CVE-2024-32874 (Frigate is a network video recorder (NVR) with realtime local
object d ...)
- TODO: check
+ NOT-FOR-US: Frigate
CVE-2024-32739 (A sql injection vulnerability exists in CyberPower PowerPanel
Enterpri ...)
- TODO: check
+ NOT-FOR-US: CyberPower PowerPanel
CVE-2024-32738 (A sql injection vulnerability exists in CyberPower PowerPanel
Enterpri ...)
- TODO: check
+ NOT-FOR-US: CyberPower PowerPanel
CVE-2024-32737 (A sql injection vulnerability exists in CyberPower PowerPanel
Enterpri ...)
- TODO: check
+ NOT-FOR-US: CyberPower PowerPanel
CVE-2024-32736 (A sql injection vulnerability exists in CyberPower PowerPanel
Enterpri ...)
- TODO: check
+ NOT-FOR-US: CyberPower PowerPanel
CVE-2024-32735 (An issue regarding missing authentication for certain
utilities exists ...)
- TODO: check
+ NOT-FOR-US: CyberPower PowerPanel
CVE-2024-32724 (Missing Authorization vulnerability in Woo product importer
Sharkdrops ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32719 (Missing Authorization vulnerability in WP Club Manager.This
issue affe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32717 (Missing Authorization vulnerability in WPDeveloper
SchedulePress.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32712 (Missing Authorization vulnerability in Podlove Podlove Podcast
Publish ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32655 (Npgsql is the .NET data provider for PostgreSQL. In 8.0.2 and
earlier, ...)
TODO: check
CVE-2024-32624 (HDF5 Library through 1.14.3 contains a heap-based buffer
overflow in H ...)
@@ -314,13 +314,13 @@ CVE-2024-32606 (HDF5 Library through 1.14.3 may attempt
to dereference uninitial
CVE-2024-32605 (HDF5 Library through 1.14.3 has a heap-based buffer over-read
in H5VM_ ...)
TODO: check
CVE-2024-31954 (An issue was discovered in the installer in Samsung Portable
SSD for T ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-31953 (An issue was discovered in Samsung Magician 8.0.0 on macOS.
Because it ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-31952 (An issue was discovered in Samsung Magician 8.0.0 on macOS.
Because sy ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-31803 (Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a
remote attack ...)
- TODO: check
+ NOT-FOR-US: emp-ot
CVE-2024-2923 (The Magical Addons For Elementor ( Header Footer Builder, Free
Element ...)
NOT-FOR-US: WordPress plugin
CVE-2024-2846 (The Visual Footer Credit Remover plugin for WordPress is
vulnerable to ...)
@@ -330,7 +330,7 @@ CVE-2024-2785 (The The Plus Addons for Elementor plugin for
WordPress is vulnera
CVE-2024-2290 (The Advanced Ads plugin for WordPress is vulnerable to PHP
Object Inje ...)
NOT-FOR-US: WordPress plugin
CVE-2024-29800 (Deserialization of Untrusted Data vulnerability in Timber Team
& Contr ...)
- TODO: check
+ NOT-FOR-US: Timber
CVE-2024-29166 (HDF5 through 1.14.3 contains a buffer overflow in
H5O__linfo_decode, r ...)
TODO: check
CVE-2024-29165 (HDF5 through 1.14.3 contains a buffer overflow in
H5Z__filter_fletcher ...)
@@ -358,7 +358,7 @@ CVE-2024-24157 (Gnuboard g6 /
https://github.com/gnuboard/g6 commit c2cc1f5069e0
CVE-2024-23473 (The SolarWinds Access Rights Manager was found to contain a
hard-coded ...)
NOT-FOR-US: SolarWinds
CVE-2024-22910 (Cross Site Scripting (XSS) vulnerability in CrushFTP v.10.6.0
and v.10 ...)
- TODO: check
+ NOT-FOR-US: CrushFTP
CVE-2024-1693 (The SP Project & Document Manager plugin for WordPress is
vulnerable t ...)
NOT-FOR-US: WordPress plugin
CVE-2024-1467 (The Starter Templates \u2014 Elementor, WordPress & Beaver
Builder Tem ...)
@@ -1328,11 +1328,11 @@ CVE-2023-49676 (An unauthenticated local attacker may
trick a user to open corru
CVE-2023-49675 (An unauthenticated local attacker may trick a user to open
corrupted p ...)
NOT-FOR-US: CODESYS
CVE-2023-43531 (Memory corruption while verifying the serialized header when
the key p ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43530 (Memory corruption in HLOS while checking for the storage type.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43529 (Transient DOS while processing IKEv2 Informational request
messages, w ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-43528 (Information disclosure when the ADSP payload size received in
HLOS in ...)
TODO: check
CVE-2023-43527 (Information disclosure while parsing dts header atom in Video.)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8dc491d14937662a574f3ed33add18120812f22
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8dc491d14937662a574f3ed33add18120812f22
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
