Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0ca884cc by Salvatore Bonaccorso at 2024-06-04T22:33:47+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,187 +21,187 @@ CVE-2024-37063 (A cross-site scripting (XSS)
vulnerability in versions 3.7.0 or
CVE-2024-37062 (Deserialization of untrusted data can occur in versions 3.7.0
or newer ...)
TODO: check
CVE-2024-37061 (Remote Code Execution can occur in versions of the MLflow
platform run ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37060 (Deserialization of untrusted data can occur in versions of the
MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37059 (Deserialization of untrusted data can occur in versions of the
MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37058 (Deserialization of untrusted data can occur in versions of the
MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37057 (Deserialization of untrusted data can occur in versions of the
MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37056 (Deserialization of untrusted data can occur in versions of the
MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37055 (Deserialization of untrusted data can occur in versions of the
MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37054 (Deserialization of untrusted data can occur in versions of the
MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37053 (Deserialization of untrusted data can occur in versions of the
MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37052 (Deserialization of untrusted data can occur in versions of the
MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-36858 (An arbitrary file upload vulnerability in the
/v1/app/writeFileSync in ...)
TODO: check
CVE-2024-36857 (Jan v0.4.12 was discovered to contain an arbitrary file read
vulnerabi ...)
TODO: check
CVE-2024-36801 (A SQL injection vulnerability in SEMCMS v.4.8, allows a remote
attacke ...)
- TODO: check
+ NOT-FOR-US: SEMCMS
CVE-2024-36800 (A SQL injection vulnerability in SEMCMS v.4.8, allows a remote
attacke ...)
- TODO: check
+ NOT-FOR-US: SEMCMS
CVE-2024-36604 (Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind
Command I ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-36550 (idccms V1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36549 (idccms v1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36548 (idccms V1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36547 (idccms V1.35 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36400 (nano-id is a unique string ID generator for Rust. Affected
versions of ...)
TODO: check
CVE-2024-35782 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35700 (Improper Privilege Management vulnerability in DeluxeThemes
Userpro al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35672 (Missing Authorization vulnerability in Netgsm.This issue
affects Netgs ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35670 (Broken Authentication vulnerability in SoftLab Integrate
Google Drive. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35668 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35666 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35664 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35655 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35654 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35653 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35652 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35651 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35649 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35634 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35629 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34792 (Improper Neutralization of Special Elements used in a Command
('Comman ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34759 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34554 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34552 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34551 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34384 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33628 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33568 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33560 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33557 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33541 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32871 (Pimcore is an Open Source Data & Experience Management
Platform. The P ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2024-30528 (Missing Authorization vulnerability in Spiffy Plugins Spiffy
Calendar. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30525 (Missing Authorization vulnerability in moveaddons Move Addons
for Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30484 (Missing Authorization vulnerability in RT Easy Builder \u2013
Advanced ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29170 (Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a
use of ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-29152 (An issue was discovered in Samsung Mobile Processor, Wearable
Processo ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-29004 (The SolarWinds Platform was determined to be affected by a
stored cros ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-28999 (The SolarWinds Platform was determined to be affected by a
Race Condit ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-28996 (The SolarWinds Platform was determined to be affected by a
SWQL Inject ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-25600 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25095 (Insertion of Sensitive Information into Log File vulnerability
in Code ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0756 (The Insert or Embed Articulate Content into WordPress plugin
through 4 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5751 (A local attacker with low privileges can read and modify any
users fil ...)
TODO: check
CVE-2023-52176 (Authentication Bypass by Spoofing vulnerability in miniorange
Malware ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52147 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51667 (Authentication Bypass by Spoofing vulnerability in FeedbackWP
Rate my ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51544 (Improper Control of Interaction Frequency vulnerability in
Metagauss R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51543 (Authentication Bypass by Spoofing vulnerability in Metagauss
Registrat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51542 (Authentication Bypass by Spoofing vulnerability in WPMU DEV
Branda all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51511 (Improper Authentication vulnerability in Pluggabl LLC Booster
Elite fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49852 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49822 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49774 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49748 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49741 (Authentication Bypass by Spoofing vulnerability in wpdevart
Coming soo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48753 (Authentication Bypass by Spoofing vulnerability in 10up
Restricted Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48747 (Improper Authentication vulnerability in Pluggabl LLC Booster
for WooC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48745 (Improper Restriction of Excessive Authentication Attempts
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48335 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48318 (Improper Restriction of Excessive Authentication Attempts
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48290 (Improper Restriction of Excessive Authentication Attempts
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48285 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48276 (Improper Restriction of Excessive Authentication Attempts
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48271 (Authentication Bypass by Spoofing vulnerability in yonifre
Maspik \u20 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47837 (Improper Privilege Management vulnerability in Repute
Infosystems ARMe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47818 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47769 (Authentication Bypass by Spoofing vulnerability in WP
Maintenance allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47663 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47513 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47189 (Improper Authentication vulnerability in WPMU DEV Defender
Security al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46630 (Improper Authentication vulnerability in wpase Admin and Site
Enhancem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46310 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45635 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45053 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45009 (Improper Restriction of Excessive Authentication Attempts
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5485 (The SureTriggers \u2013 Connect All Your Plugins, Apps, Tools &
Automa ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5422 (An uncontrolled resource consumption of file descriptors in SEH
Comput ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ca884cc7e85fc9936356cfbad25ad7150ca4b8c
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ca884cc7e85fc9936356cfbad25ad7150ca4b8c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
