Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce7c83bd by Salvatore Bonaccorso at 2024-05-22T22:49:20+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33,65 +33,65 @@ CVE-2024-4153 (A vulnerability in lunary-ai/lunary version
1.2.2 allows attacker
CVE-2024-3926 (The Element Pack Elementor Addons (Header Footer, Template
Library, Dy ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3495 (The Country State City Dropdown CF7 plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-36077 (Qlik Sense Enterprise for Windows before 14.187.4 allows a
remote atta ...)
- TODO: check
+ NOT-FOR-US: Qlik Sense Enterprise for Windows
CVE-2024-35627 (tileserver-gl up to v4.4.10 was discovered to contain a
cross-site scr ...)
TODO: check
CVE-2024-35561 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35560 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35559 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35558 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35557 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35556 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35555 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35554 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35553 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35552 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35551 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35550 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-35475 (A Cross-Site Request Forgery (CSRF) vulnerability was
discovered in Op ...)
TODO: check
CVE-2024-35409 (WeBid 1.1.2 is vulnerable to SQL Injection via admin/tax.php.)
TODO: check
CVE-2024-35362 (Ecshop 3.6 is vulnerable to Cross Site Scripting (XSS) via
ecshop/arti ...)
- TODO: check
+ NOT-FOR-US: Ecshop
CVE-2024-34448 (Ghost before 5.82.0 allows CSV Injection during a member CSV
export.)
- TODO: check
+ NOT-FOR-US: Ghost CMS
CVE-2024-33228 (An issue in the component segwindrvx64.sys of Insyde Software
Corp SEG ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2024-33227 (An issue in the component ddcdrv.sys of Nicomsoft WinI2C/DDC
v3.7.4.0 ...)
- TODO: check
+ NOT-FOR-US: Nicomsoft WinI2C/DDC
CVE-2024-33226 (An issue in the component Access64.sys of Wistron Corporation
TBT Forc ...)
- TODO: check
+ NOT-FOR-US: Wistron Corporation TBT Force Power Control
CVE-2024-33225 (An issue in the component RTKVHD64.sys of Realtek
Semiconductor Corp R ...)
- TODO: check
+ NOT-FOR-US: Realtek Semiconductor Corp Realtek High Definition Audio
Function Driver
CVE-2024-33224 (An issue in the component rtkio64.sys of Realtek Semiconductor
Corp Re ...)
- TODO: check
+ NOT-FOR-US: Realtek Semiconductor Corp Realtek lO Driver
CVE-2024-33223 (An issue in the component IOMap64.sys of ASUSTeK Computer Inc
ASUS GPU ...)
- TODO: check
+ NOT-FOR-US: ASUSTeK
CVE-2024-33222 (An issue in the component ATSZIO64.sys of ASUSTeK Computer Inc
ASUS AT ...)
- TODO: check
+ NOT-FOR-US: ASUSTeK
CVE-2024-33221 (An issue in the component AsusBSItf.sys of ASUSTeK Computer
Inc ASUS B ...)
- TODO: check
+ NOT-FOR-US: ASUSTeK
CVE-2024-33220 (An issue in the component AslO3_64.sys of ASUSTeK Computer Inc
AISuite ...)
- TODO: check
+ NOT-FOR-US: ASUSTeK
CVE-2024-33219 (An issue in the component AsIO64.sys of ASUSTeK Computer Inc
ASUS SABE ...)
- TODO: check
+ NOT-FOR-US: ASUSTeK
CVE-2024-33218 (An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc
ASUS US ...)
- TODO: check
+ NOT-FOR-US: ASUSTeK
CVE-2024-31904 (IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and
12.0.1.0 thr ...)
NOT-FOR-US: IBM
CVE-2024-31895 (IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could
allow an a ...)
@@ -107,7 +107,7 @@ CVE-2024-2036 (The ApplyOnline \u2013 Application Form
Builder and Manager plugi
CVE-2024-29421 (xmedcon 0.23.0 and fixed in v.0.24.0 is vulnerable to Buffer
Overflow ...)
TODO: check
CVE-2024-29392 (Silverpeas Core 6.3 is vulnerable to Cross Site Scripting
(XSS) via Cl ...)
- TODO: check
+ NOT-FOR-US: Silverpeas Core
CVE-2024-27264 (IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow
a local ...)
NOT-FOR-US: IBM
CVE-2024-25738 (A Server-Side Request Forgery (SSRF) vulnerability in the
/Upgrade/Fix ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce7c83bd590040c80918405ba094230639f98952
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce7c83bd590040c80918405ba094230639f98952
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
