Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5833e85e by Salvatore Bonaccorso at 2024-05-13T22:38:27+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36,41 +36,41 @@ CVE-2024-3462 (Ant Media Server Community Edition in a
default configuration is
CVE-2024-3263 (YMS VIS Pro is an information system for veterinary and food
administr ...)
TODO: check
CVE-2024-35172 (Server-Side Request Forgery (SSRF) vulnerability in ShortPixel
ShortPi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35171 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35170 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35169 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35167 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35166 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
TODO: check
CVE-2024-35165 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35099 (TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to
contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-35050 (An issue in SurveyKing v1.3.1 allows attackers to escalate
privileges ...)
- TODO: check
+ NOT-FOR-US: SurveyKing
CVE-2024-35049 (SurveyKing v1.3.1 was discovered to keep users' sessions
active after ...)
- TODO: check
+ NOT-FOR-US: SurveyKing
CVE-2024-35048 (An issue in SurveyKing v1.3.1 allows attackers to execute a
session re ...)
- TODO: check
+ NOT-FOR-US: SurveyKing
CVE-2024-34921 (TOTOLINK X5000R v9.1.0cu.2350_B20230313 was discovered to
contain a co ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34899 (WWBN AVideo 12.4 is vulnerable to Cross Site Scripting (XSS).)
- TODO: check
+ NOT-FOR-US: WWBN AVideo
CVE-2024-34812 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34811 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34749 (Phormer prior to version 3.35 contains a cross-site scripting
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Phormer
CVE-2024-34709 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
- TODO: check
+ NOT-FOR-US: Directus
CVE-2024-34708 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
- TODO: check
+ NOT-FOR-US: Directus
CVE-2024-34707 (Nautobot is a Network Source of Truth and Network Automation
Platform. ...)
TODO: check
CVE-2024-34706 (Valtimo is an open source business process and case management
platfor ...)
@@ -90,31 +90,31 @@ CVE-2024-34555 (Unrestricted Upload of File with Dangerous
Type vulnerability in
CVE-2024-34459 (An issue was discovered in xmllint (from libxml2) before
2.11.8 and 2. ...)
TODO: check
CVE-2024-34440 (Unrestricted Upload of File with Dangerous Type vulnerability
in Jordy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34416 (Unrestricted Upload of File with Dangerous Type vulnerability
in Pk Fa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34411 (Unrestricted Upload of File with Dangerous Type vulnerability
in Thoma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34353 (matrix-rust-sdk is an implementation of a Matrix client-server
library ...)
TODO: check
CVE-2024-34340 (Cacti provides an operational monitoring and fault management
framewor ...)
TODO: check
CVE-2024-34231 (A cross-site scripting (XSS) vulnerability in Sourcecodester
Laborator ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Laboratory Management System
CVE-2024-34230 (A cross-site scripting (XSS) vulnerability in Sourcecodester
Laborator ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Laboratory Management System
CVE-2024-34226 (SQL injection vulnerability in
/php-sqlite-vms/?page=manage_visitor&id ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Visitor Management System
CVE-2024-34225 (Cross Site Scripting vulnerability in
php-lms/admin/?page=system_info ...)
- TODO: check
+ NOT-FOR-US: Computer Laboratory Management System using PHP and MySQL
CVE-2024-34224 (Cross Site Scripting vulnerability in
/php-lms/classes/Users.php?f=sav ...)
- TODO: check
+ NOT-FOR-US: Computer Laboratory Management System using PHP and MySQL
CVE-2024-34223 (Insecure permission vulnerability in /hrm/leaverequest.php in
SourceCo ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Human Resource Management System
CVE-2024-34222 (Sourcecodester Human Resource Management System 1.0 is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Human Resource Management System
CVE-2024-34221 (Sourcecodester Human Resource Management System 1.0 is
vulnerable to I ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Human Resource Management System
CVE-2024-34081 (MantisBT (Mantis Bug Tracker) is an open source issue tracker.
Improp ...)
TODO: check
CVE-2024-34080 (MantisBT (Mantis Bug Tracker) is an open source issue tracker.
If an i ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5833e85eb0076562c3bd59398b8e45f4881c83e6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5833e85eb0076562c3bd59398b8e45f4881c83e6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
