Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
72c876ba by Salvatore Bonaccorso at 2024-06-11T22:42:38+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -231,11 +231,11 @@ CVE-2024-2462 (Allow attackers to intercept or falsify
data exchanges between th
CVE-2024-2461 (If exploited an attacker could traverse the file system to
access fil ...)
NOT-FOR-US: Hitachi
CVE-2024-2013 (An authentication bypass vulnerability exists in the
FOXMAN-UN/UNEM se ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-2012 (vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway
that i ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-2011 (A heap-based buffer overflow vulnerability exists in the
FOXMAN-UN/UNE ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-29060 (Visual Studio Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-28024 (A vulnerability exists in the FOXMAN-UN/UNEM in which
sensitive inform ...)
@@ -269,39 +269,39 @@ CVE-2024-23110 (A stack-based buffer overflow in Fortinet
FortiOS version 7.4.0
CVE-2024-21754 (A use of password hash with insufficient computational effort
vulnerab ...)
NOT-FOR-US: FortiGuard
CVE-2023-52233 (Missing Authorization vulnerability in Post SMTP Post SMTP
Mailer/Emai ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52227 (Missing Authorization vulnerability in MailerLite MailerLite
\u2013 Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52224 (Missing Authorization vulnerability in Revolut Revolut Gateway
for Woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52217 (Missing Authorization vulnerability in weDevs WooCommerce
Conversion T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52199 (Missing Authorization vulnerability in Matthias Pfefferle &
Automattic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52186 (Missing Authorization vulnerability in Woo WooCommerce Product
Vendors ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52183 (Missing Authorization vulnerability in WebToffee WordPress
Backup & Mi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52179 (Missing Authorization vulnerability in WebCodingPlace Product
Expiry f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51682 (Missing Authorization vulnerability in ibericode MC4WP.This
issue affe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51519 (Missing Authorization vulnerability in Soliloquy Team Slider
by Solilo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51498 (Missing Authorization vulnerability in Woo WooCommerce Canada
Post Shi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50763 (A vulnerability has been identified in SIMATIC CP 1542SP-1
(6GK7542-6U ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-4727 (A flaw was found in dogtag-pki and pki-core. The token
authentication ...)
TODO: check
CVE-2023-48273 (Missing Authorization vulnerability in WP OnlineSupport,
Essential Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46720 (A stack-based buffer overflow in Fortinet FortiOS version
7.4.0 throug ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-38533 (A vulnerability has been identified in TIA Administrator (All
versions ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-33922 (Missing Authorization vulnerability in Elementor Elementor
Website Bui ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5702 (Memory corruption in the networking stack could have led to a
potentia ...)
- firefox-esr <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-26/#CVE-2024-5702
@@ -90099,7 +90099,7 @@ CVE-2023-28777 (Improper Neutralization of Special
Elements used in an SQL Comma
CVE-2023-28776 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
I Thirte ...)
NOT-FOR-US: Lightbox plugin
CVE-2023-28775 (Missing Authorization vulnerability in Yoast Yoast SEO
Premium.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28774 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Grad ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28773 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -99170,7 +99170,7 @@ CVE-2023-25801 (TensorFlow is an open source machine
learning platform. Prior to
CVE-2023-25800 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25799 (Missing Authorization vulnerability in Themeum Tutor LMS.This
issue af ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25798 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25797 (Auth. Stored Cross-Site Scripting (XSS) vulnerability in
Mr.Vibe vSlid ...)
@@ -105404,7 +105404,7 @@ CVE-2023-23777 (An improper neutralization of special
elements used in an OS com
CVE-2023-23776 (An exposure of sensitive information to an unauthorized actor
[CWE-200 ...)
NOT-FOR-US: Fortinet
CVE-2023-23775 (Multiple improper neutralization of special elements used
inSQL comman ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-23549 (Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37,
<=2.0.0p39 ...)
- check-mk <removed>
CVE-2023-23548 (Reflected XSS in business intelligence in Checkmk <2.2.0p8,
<2.1.0p32, ...)
@@ -121354,7 +121354,7 @@ CVE-2022-45178 (An issue was discovered in LIVEBOX
Collaboration vDesk through v
CVE-2022-45177 (An issue was discovered in LIVEBOX Collaboration vDesk through
v031. A ...)
NOT-FOR-US: LIVEBOX Collaboration vDesk
CVE-2022-45176 (An issue was discovered in LIVEBOX Collaboration vDesk through
v018. S ...)
- TODO: check
+ NOT-FOR-US: LIVEBOX Collaboration vDesk
CVE-2022-45175 (An issue was discovered in LIVEBOX Collaboration vDesk through
v018. A ...)
NOT-FOR-US: LIVEBOX
CVE-2022-45174 (An issue was discovered in LIVEBOX Collaboration vDesk through
v018. A ...)
@@ -121370,7 +121370,7 @@ CVE-2022-45170 (An issue was discovered in LIVEBOX
Collaboration vDesk through v
CVE-2022-45169 (An issue was discovered in LIVEBOX Collaboration vDesk through
v031. A ...)
NOT-FOR-US: LIVEBOX Collaboration vDesk
CVE-2022-45168 (An issue was discovered in LIVEBOX Collaboration vDesk through
v018. A ...)
- TODO: check
+ NOT-FOR-US: LIVEBOX Collaboration vDesk
CVE-2022-3962 (A content spoofing vulnerability was found in Kiali. It was
discovered ...)
NOT-FOR-US: Kiali
CVE-2022-3961 (The Directorist WordPress plugin before 7.4.4 does not prevent
users w ...)
@@ -137762,7 +137762,7 @@ CVE-2022-40227 (A vulnerability has been identified
in SIMATIC HMI Comfort Panel
CVE-2022-40226 (A vulnerability has been identified in SICAM P850 (All
versions < V3.1 ...)
NOT-FOR-US: Siemens
CVE-2022-40225 (A vulnerability has been identified in SIPLUS TIM 1531 IRC
(6AG1543-1M ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2022-40200 (Auth. (subscriber+) Arbitrary File Upload vulnerability in
wpForo Foru ...)
NOT-FOR-US: WordPress plugin
CVE-2022-40198 (Cross-Site Request Forgery (CSRF) vulnerability in
StandaloneTech Tera ...)
@@ -146789,9 +146789,9 @@ CVE-2014-125026 (LZ4 bindings use a deprecated C API
that is vulnerable to memor
CVE-2013-10005 (The RemoteAddr and LocalAddr methods on the returned net.Conn
may call ...)
NOT-FOR-US: btcsuite
CVE-2022-37020 (Potential vulnerabilities have been identified in the system
BIOS for ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2022-37019 (Potential vulnerabilities have been identified in the system
BIOS for ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2022-37018 (A potential vulnerability has been identified in the system
BIOS for c ...)
NOT-FOR-US: HPE
CVE-2022-37017 (Symantec Endpoint Protection (Windows) agent, prior to 14.3
RU6/14.3 R ...)
@@ -314856,7 +314856,7 @@ CVE-2020-11845 (Cross Site Scripting vulnerability in
Micro Focus Service Manage
CVE-2020-11844 (Incorrect Authorization vulnerability in Micro Focus Container
Deploym ...)
NOT-FOR-US: Micro Focus
CVE-2020-11843 (This allows the information exposure to unauthorized
users.This issue ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2020-11842 (Information disclosure vulnerability in Micro Focus Verastream
Host In ...)
NOT-FOR-US: Micro Focus
CVE-2020-11841 (Unauthorized information disclosure vulnerability in Micro
Focus ArcSi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72c876baa01f12035d64bd6c2b0fcd7426efcd08
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72c876baa01f12035d64bd6c2b0fcd7426efcd08
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
