Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: c8dc491d by Moritz Muehlenhoff at 2024-05-10T10:18:56+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -39,7 +39,7 @@ CVE-2024-4571 CVE-2024-4567 (The Themify Shortcodes plugin for WordPress is vulnerable to Stored Cr ...) NOT-FOR-US: WordPress plugin CVE-2024-4545 (All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 ...) - TODO: check + NOT-FOR-US: EnterpriseDB CVE-2024-4542 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...) NOT-FOR-US: WordPress plugin CVE-2024-4463 (The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vul ...) @@ -138,9 +138,9 @@ CVE-2024-3068 (The Custom Field Suite plugin for WordPress is vulnerable to Stor CVE-2024-34559 (Insertion of Sensitive Information into Log File vulnerability in Ghos ...) NOT-FOR-US: WordPress plugin CVE-2024-34557 (Cross-Site Request Forgery (CSRF) vulnerability in UkrSolution Barcode ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34556 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34550 (Insertion of Sensitive Information into Log File vulnerability in Alex ...) NOT-FOR-US: WordPress plugin CVE-2024-34549 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) @@ -192,15 +192,15 @@ CVE-2024-34417 (Improper Neutralization of Input During Web Page Generation ('Cr CVE-2024-34415 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) NOT-FOR-US: WordPress plugin CVE-2024-34354 (CMSaaSStarter is a SaaS template/boilerplate built with SvelteKit, Tai ...) - TODO: check + NOT-FOR-US: CMSaaSStarter CVE-2024-34352 (1Panel is an open source Linux server operation and maintenance manage ...) - TODO: check + NOT-FOR-US: 1Panel CVE-2024-34351 (Next.js is a React framework that can provide building blocks to creat ...) - TODO: check + NOT-FOR-US: Next.js CVE-2024-34350 (Next.js is a React framework that can provide building blocks to creat ...) - TODO: check + NOT-FOR-US: Next.js CVE-2024-34345 (The CycloneDX JavaScript library contains the core functionality of OW ...) - TODO: check + NOT-FOR-US: CycloneDX CVE-2024-34338 (A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and ea ...) NOT-FOR-US: Tenda CVE-2024-34220 (Sourcecodester Human Resource Management System 1.0 is vulnerable to S ...) @@ -214,7 +214,7 @@ CVE-2024-34217 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain CVE-2024-34215 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) NOT-FOR-US: TOTOLINK CVE-2024-34213 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2024-34212 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...) NOT-FOR-US: TOTOLINK CVE-2024-34211 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hard ...) @@ -252,27 +252,27 @@ CVE-2024-33874 (HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__m CVE-2024-33873 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__s ...) TODO: check CVE-2024-33454 (Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacke ...) - TODO: check + NOT-FOR-US: esp-idf CVE-2024-32874 (Frigate is a network video recorder (NVR) with realtime local object d ...) - TODO: check + NOT-FOR-US: Frigate CVE-2024-32739 (A sql injection vulnerability exists in CyberPower PowerPanel Enterpri ...) - TODO: check + NOT-FOR-US: CyberPower PowerPanel CVE-2024-32738 (A sql injection vulnerability exists in CyberPower PowerPanel Enterpri ...) - TODO: check + NOT-FOR-US: CyberPower PowerPanel CVE-2024-32737 (A sql injection vulnerability exists in CyberPower PowerPanel Enterpri ...) - TODO: check + NOT-FOR-US: CyberPower PowerPanel CVE-2024-32736 (A sql injection vulnerability exists in CyberPower PowerPanel Enterpri ...) - TODO: check + NOT-FOR-US: CyberPower PowerPanel CVE-2024-32735 (An issue regarding missing authentication for certain utilities exists ...) - TODO: check + NOT-FOR-US: CyberPower PowerPanel CVE-2024-32724 (Missing Authorization vulnerability in Woo product importer Sharkdrops ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-32719 (Missing Authorization vulnerability in WP Club Manager.This issue affe ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-32717 (Missing Authorization vulnerability in WPDeveloper SchedulePress.This ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-32712 (Missing Authorization vulnerability in Podlove Podlove Podcast Publish ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-32655 (Npgsql is the .NET data provider for PostgreSQL. In 8.0.2 and earlier, ...) TODO: check CVE-2024-32624 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...) @@ -314,13 +314,13 @@ CVE-2024-32606 (HDF5 Library through 1.14.3 may attempt to dereference uninitial CVE-2024-32605 (HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_ ...) TODO: check CVE-2024-31954 (An issue was discovered in the installer in Samsung Portable SSD for T ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-31953 (An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-31952 (An issue was discovered in Samsung Magician 8.0.0 on macOS. Because sy ...) - TODO: check + NOT-FOR-US: Samsung CVE-2024-31803 (Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a remote attack ...) - TODO: check + NOT-FOR-US: emp-ot CVE-2024-2923 (The Magical Addons For Elementor ( Header Footer Builder, Free Element ...) NOT-FOR-US: WordPress plugin CVE-2024-2846 (The Visual Footer Credit Remover plugin for WordPress is vulnerable to ...) @@ -330,7 +330,7 @@ CVE-2024-2785 (The The Plus Addons for Elementor plugin for WordPress is vulnera CVE-2024-2290 (The Advanced Ads plugin for WordPress is vulnerable to PHP Object Inje ...) NOT-FOR-US: WordPress plugin CVE-2024-29800 (Deserialization of Untrusted Data vulnerability in Timber Team & Contr ...) - TODO: check + NOT-FOR-US: Timber CVE-2024-29166 (HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, r ...) TODO: check CVE-2024-29165 (HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher ...) @@ -358,7 +358,7 @@ CVE-2024-24157 (Gnuboard g6 / https://github.com/gnuboard/g6 commit c2cc1f5069e0 CVE-2024-23473 (The SolarWinds Access Rights Manager was found to contain a hard-coded ...) NOT-FOR-US: SolarWinds CVE-2024-22910 (Cross Site Scripting (XSS) vulnerability in CrushFTP v.10.6.0 and v.10 ...) - TODO: check + NOT-FOR-US: CrushFTP CVE-2024-1693 (The SP Project & Document Manager plugin for WordPress is vulnerable t ...) NOT-FOR-US: WordPress plugin CVE-2024-1467 (The Starter Templates \u2014 Elementor, WordPress & Beaver Builder Tem ...) @@ -1328,11 +1328,11 @@ CVE-2023-49676 (An unauthenticated local attacker may trick a user to open corru CVE-2023-49675 (An unauthenticated local attacker may trick a user to open corrupted p ...) NOT-FOR-US: CODESYS CVE-2023-43531 (Memory corruption while verifying the serialized header when the key p ...) - TODO: check + NOT-FOR-US: Qualcomm CVE-2023-43530 (Memory corruption in HLOS while checking for the storage type.) - TODO: check + NOT-FOR-US: Qualcomm CVE-2023-43529 (Transient DOS while processing IKEv2 Informational request messages, w ...) - TODO: check + NOT-FOR-US: Qualcomm CVE-2023-43528 (Information disclosure when the ADSP payload size received in HLOS in ...) TODO: check CVE-2023-43527 (Information disclosure while parsing dts header atom in Video.) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8dc491d14937662a574f3ed33add18120812f22 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8dc491d14937662a574f3ed33add18120812f22 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits