Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5233344d by Salvatore Bonaccorso at 2024-06-12T22:44:07+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -79,7 +79,7 @@ CVE-2024-36761 (naga v0.14.0 was discovered to contain a
stack overflow via the
CVE-2024-36699 (GNU Debugger v8.2 to v14.2 was discovered to contain a buffer
overflow ...)
TODO: check
CVE-2024-36691 (Insecure permissions in the AdminController.AjaxSave() method
of PPGo_ ...)
- TODO: check
+ NOT-FOR-US: PPGo_Jobs
CVE-2024-36265 (** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization
vulnerability ...)
NOT-FOR-US: Apache Submarine Server Core
CVE-2024-36264 (** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication
vulnerability ...)
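Review bot: The product name in "NOT-FOR-US: PPGo_Jobs" for CVE-2024-36691 cannot be checked from this hunk, because the description is cut off at "PPGo_ ...". Confirm the name against the full CVE record before closing the entry. Leaving the GNU Debugger entry CVE-2024-36699 just above at "TODO: check" is right for a pass that only processes NFUs.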
@@ -87,83 +87,83 @@ CVE-2024-36264 (** UNSUPPORTED WHEN ASSIGNED ** Improper
Authentication vulnerab
CVE-2024-36263 (** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of
Special Ele ...)
NOT-FOR-US: Apache Submarine Server Core
CVE-2024-34065 (Strapi is an open-source content management system. By
combining two v ...)
- TODO: check
+ NOT-FOR-US: Strapi
CVE-2024-31881 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect
Server) 10.5 ...)
NOT-FOR-US: IBM
CVE-2024-31217 (Strapi is an open-source content management system. Prior to
version 4 ...)
- TODO: check
+ NOT-FOR-US: Strapi
CVE-2024-2747 (CWE-428: Unquoted search path or element vulnerability exists
in Easer ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2024-2300 (HP Advance Mobile Applications for iOS and Android are
potentially vul ...)
- TODO: check
+ NOT-FOR-US: HP Advance Mobile Applications for iOS and Android
CVE-2024-2230
REJECTED
CVE-2024-2092 (The Elementor Addon Elements plugin for WordPress is vulnerable
to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29181 (Strapi is an open-source content management system. Prior to
version 4 ...)
- TODO: check
+ NOT-FOR-US: Strapi
CVE-2024-28964 (Dell Common Event Enabler, version 8.9.10.0 and prior, contain
an inse ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28762 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 10.5 ...)
NOT-FOR-US: IBM
CVE-2024-25949 (Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x,
10.5.4.x an ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-24051 (Improper input validation of printing files in Monoprice
Select Mini V ...)
- TODO: check
+ NOT-FOR-US: Monoprice Select Mini
CVE-2024-22855 (A cross-site scripting (XSS) vulnerability in the User
Maintenance sec ...)
- TODO: check
+ NOT-FOR-US: ITSS iMLog
CVE-2024-1891 (A stored cross site scripting vulnerability exists in Tenable
Security ...)
- TODO: check
+ NOT-FOR-US: Tenable Security Center
CVE-2024-1766 (The Download Manager plugin for WordPress is vulnerable to
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1659 (Arbitrary File Upload vulnerability in MegaBIP software allows
attacke ...)
- TODO: check
+ NOT-FOR-US: MegaBIP
CVE-2024-1577 (Remote Code Execution vulnerability in MegaBIP software allows
to exec ...)
- TODO: check
+ NOT-FOR-US: MegaBIP
CVE-2024-1576 (SQL Injection vulnerability in MegaBIP software allows attacker
to obt ...)
- TODO: check
+ NOT-FOR-US: MegaBIP
CVE-2024-0865 (CWE-798: Use of hard-coded credentials vulnerability exists
that could ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2023-52177 (Missing Authorization vulnerability in SoftLab Integrate
Google Drive. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52117 (Missing Authorization vulnerability in Metagauss
ProfileGrid.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51680 (Missing Authorization vulnerability in TechnoVama Quotes for
WooCommer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51679 (Missing Authorization vulnerability in BulkGate BulkGate SMS
Plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51671 (Missing Authorization vulnerability in FunnelKit FunnelKit
Checkout.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51670 (Missing Authorization vulnerability in FunnelKit FunnelKit
Checkout.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51537 (Missing Authorization vulnerability in Awesome Support Team
Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51526 (Missing Authorization vulnerability in Brett Shumaker Simple
Staff Lis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51524 (Missing Authorization vulnerability in weForms.This issue
affects weFo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51413 (Missing Authorization vulnerability in Piotnet Forms.This
issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49559 (An issue in vektah gqlparser open-source-library v.2.5.10
allows a rem ...)
TODO: check
CVE-2023-48280 (Missing Authorization vulnerability in Consensu.IO
Consensu.Io.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47845 (Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai
Yang Grab & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47828 (Missing Authorization vulnerability in Mandrill
wpMandrill.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44234 (Missing Authorization vulnerability in Bastianon Massimo WP
GPX Map.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41240 (Missing Authorization vulnerability in Vark Pricing Deals for
WooComme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40672 (Missing Authorization vulnerability in Hardik Chavada Sticky
Social Me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40603 (Missing Authorization vulnerability in Gangesh Matta Simple
Org Chart. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40209 (Missing Authorization vulnerability in Himalaya Saxena
Highcompress Im ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38395 (Missing Authorization vulnerability in Afzal Multani WP Clone
Menu.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5892 (The Divi Torque Lite \u2013 Divi Theme and Extra Theme plugin
for Word ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5873
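Review bot: The NOT-FOR-US tags added in this hunk mix vendor-level and product-level names. "Dell" and "Schneider Electric" sit beside "Tenable Security Center", "Monoprice Select Mini" and "HP Advance Mobile Applications for iOS and Android". Picking one granularity, or at least shortening the HP tag to match the unchanged "IBM" and the new "Dell" entries, would make the list easier to grep. The two "Schneider Electric" tags (CVE-2024-2747, CVE-2024-0865) name a vendor that does not appear in the truncated descriptions, and most of the "WordPress plugin" tags on the CVE-2023-5xxxx entries sit under descriptions that are cut off before any mention of WordPress, so these need the full CVE text to verify. CVE-2023-49559 (vektah gqlparser) is left at "TODO: check", which is consistent with the commit message.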
@@ -102039,7 +102039,7 @@ CVE-2023-25032 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-25031 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Kibo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25030 (Missing Authorization vulnerability in Buy Me a Coffee.This
issue affe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25029 (Cross-Site Request Forgery (CSRF) vulnerability in utahta WP
Social Bo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25028 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in chuy ...)
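Review bot: CVE-2023-25030 was still at "TODO: check" at line 102039, surrounded by 2023 entries that are already triaged, which suggests other stale TODO entries may remain in that part of data/CVE/list; a search for "TODO: check" below the recent block would catch them in the same pass. The new "NOT-FOR-US: WordPress plugin" tag matches the neighbouring entries, but the visible description ("Missing Authorization vulnerability in Buy Me a Coffee.This issue affe ...") is truncated before any mention of WordPress, so it should be confirmed against the full record.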
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5233344d645e41a6fa6bc87bc1563923e5a9f1d0