Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f886e552 by security tracker role at 2024-08-06T20:12:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,179 @@
+CVE-2024-7564 (Logsign Unified SecOps Platform Directory Traversal Information 
Disclo ...)
+       TODO: check
+CVE-2024-7552 (A vulnerability was found in DataGear up to 5.0.0. It has been 
declare ...)
+       TODO: check
+CVE-2024-7551 (A vulnerability was found in juzaweb CMS up to 3.4.2. It has 
been clas ...)
+       TODO: check
+CVE-2024-7502 (A crafted DPA file could force Delta Electronics DIAScreen to 
overflow ...)
+       TODO: check
+CVE-2024-7317 (The Folders \u2013 Unlimited Folders to Organize Media Library 
Folder, ...)
+       TODO: check
+CVE-2024-7246 (It's possible for a gRPC client communicating with a HTTP/2 
proxy to p ...)
+       TODO: check
+CVE-2024-6720 (The Light Poll WordPress plugin through 1.0.0 does not have 
CSRF check ...)
+       TODO: check
+CVE-2024-6359 (Privilege escalation vulnerability identified in OpenText 
ArcSight Int ...)
+       TODO: check
+CVE-2024-6358 (Incorrect Authorization vulnerability identified in OpenText 
ArcSight  ...)
+       TODO: check
+CVE-2024-6357 (Insecure Direct Object Reference vulnerability identified in 
OpenText  ...)
+       TODO: check
+CVE-2024-43114 (In JetBrains TeamCity before 2024.07.1 possible privilege 
escalation d ...)
+       TODO: check
+CVE-2024-43113 (The contextual menu for links could provide an opportunity for 
cross-s ...)
+       TODO: check
+CVE-2024-43112 (Long pressing on a download link could potentially provide a 
means for ...)
+       TODO: check
+CVE-2024-43111 (Long pressing on a download link could potentially allow 
Javascript co ...)
+       TODO: check
+CVE-2024-42400 (Multiple unauthenticated Denial-of-Service (DoS) 
vulnerabilities exist ...)
+       TODO: check
+CVE-2024-42399 (Multiple unauthenticated Denial-of-Service (DoS) 
vulnerabilities exist ...)
+       TODO: check
+CVE-2024-42398 (Multiple unauthenticated Denial-of-Service (DoS) 
vulnerabilities exist ...)
+       TODO: check
+CVE-2024-42397 (Multiple unauthenticated Denial-of-Service (DoS) 
vulnerabilities exist ...)
+       TODO: check
+CVE-2024-42396 (Multiple unauthenticated Denial-of-Service (DoS) 
vulnerabilities exist ...)
+       TODO: check
+CVE-2024-42395 (There is a vulnerability in the AP Certificate Management 
Service whic ...)
+       TODO: check
+CVE-2024-42394 (There are vulnerabilities in the Soft AP Daemon Service which 
could al ...)
+       TODO: check
+CVE-2024-42393 (There are vulnerabilities in the Soft AP Daemon Service which 
could al ...)
+       TODO: check
+CVE-2024-42358 (PDFio is a simple C library for reading and writing PDF files. 
There i ...)
+       TODO: check
+CVE-2024-42347 (matrix-react-sdk  is a react-based SDK for inserting a Matrix 
chat/voi ...)
+       TODO: check
+CVE-2024-41913 (A vulnerability was discovered in the firmware builds up to 
10.10.2.2  ...)
+       TODO: check
+CVE-2024-41911 (A vulnerability was discovered in the firmware builds up to 
10.10.2.2  ...)
+       TODO: check
+CVE-2024-41910 (A vulnerability was discovered in the firmware builds up to 
10.10.2.2  ...)
+       TODO: check
+CVE-2024-41677 (Qwik is a performance focused javascript framework. A 
potential mutati ...)
+       TODO: check
+CVE-2024-41616 (D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded 
credential ...)
+       TODO: check
+CVE-2024-41333 (A reflected cross-site scripting (XSS) vulnerability in 
Phpgurukul Tou ...)
+       TODO: check
+CVE-2024-41226 (A CSV injection vulnerability in Automation Anywhere 
Automation 360 ve ...)
+       TODO: check
+CVE-2024-40101 (A Reflected Cross-site scripting (XSS) vulnerability exists in 
'/searc ...)
+       TODO: check
+CVE-2024-39751 (IBM InfoSphere Information Server 11.7 could allow a remote 
attacker t ...)
+       TODO: check
+CVE-2024-39229 (An issue in GL-iNet products 
AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1 ...)
+       TODO: check
+CVE-2024-39228 (GL-iNet products 
AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/S ...)
+       TODO: check
+CVE-2024-39227 (GL-iNet products 
AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/S ...)
+       TODO: check
+CVE-2024-39226 (GL-iNet products 
AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/S ...)
+       TODO: check
+CVE-2024-39225 (GL-iNet products 
AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/S ...)
+       TODO: check
+CVE-2024-36424 (K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows 
local use ...)
+       TODO: check
+CVE-2024-33994 (Cross-Site Scripting (XSS) vulnerability in School Event 
Management Sy ...)
+       TODO: check
+CVE-2024-33993 (Cross-Site Scripting (XSS) vulnerability in School Event 
Management Sy ...)
+       TODO: check
+CVE-2024-33992 (Cross-Site Scripting (XSS) vulnerability in School Event 
Management Sy ...)
+       TODO: check
+CVE-2024-33991 (Cross-Site Scripting (XSS) vulnerability in School Event 
Management Sy ...)
+       TODO: check
+CVE-2024-33990 (Cross-Site Scripting (XSS) vulnerability in School Event 
Management Sy ...)
+       TODO: check
+CVE-2024-33989 (Cross-Site Scripting (XSS) vulnerability in School Event 
Management Sy ...)
+       TODO: check
+CVE-2024-33988 (Cross-Site Scripting (XSS) vulnerability in School Attendance 
Monitori ...)
+       TODO: check
+CVE-2024-33987 (Cross-Site Scripting (XSS) vulnerability in School Attendance 
Monitori ...)
+       TODO: check
+CVE-2024-33986 (Cross-Site Scripting (XSS) vulnerability in School Attendance 
Monitori ...)
+       TODO: check
+CVE-2024-33985 (Cross-Site Scripting (XSS) vulnerability in School Attendance 
Monitori ...)
+       TODO: check
+CVE-2024-33984 (Cross-Site Scripting (XSS) vulnerability in School Attendance 
Monitori ...)
+       TODO: check
+CVE-2024-33983 (Cross-Site Scripting (XSS) vulnerability in School Attendance 
Monitori ...)
+       TODO: check
+CVE-2024-33982 (Cross-Site Scripting (XSS) vulnerability in School Attendance 
Monitori ...)
+       TODO: check
+CVE-2024-33981 (Cross-Site Scripting (XSS) vulnerability in PayPal, Credit 
Card and De ...)
+       TODO: check
+CVE-2024-33980 (Cross-Site Scripting (XSS) vulnerability in PayPal, Credit 
Card and De ...)
+       TODO: check
+CVE-2024-33979 (Cross-Site Scripting (XSS) vulnerability in PayPal, Credit 
Card and De ...)
+       TODO: check
+CVE-2024-33978 (Cross-Site Scripting (XSS) vulnerability in E-Negosyo System 
affecting ...)
+       TODO: check
+CVE-2024-33977 (Cross-Site Scripting (XSS) vulnerability in E-Negosyo System 
affecting ...)
+       TODO: check
+CVE-2024-33976 (Cross-Site Scripting (XSS) vulnerability in E-Negosyo System 
affecting ...)
+       TODO: check
+CVE-2024-33975 (Cross-Site Scripting (XSS) vulnerability in E-Negosyo System 
affecting ...)
+       TODO: check
+CVE-2024-33974 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33973 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33972 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33971 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33970 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33969 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33968 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33967 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33966 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33965 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33964 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33963 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33962 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33961 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33960 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33959 (SQL injection vulnerability in PayPal, Credit Card and Debit 
Card Paym ...)
+       TODO: check
+CVE-2024-33958 (SQL injection vulnerability in E-Negosyo System affecting 
version 1.0. ...)
+       TODO: check
+CVE-2024-33957 (SQL injection vulnerability in E-Negosyo System affecting 
version 1.0. ...)
+       TODO: check
+CVE-2024-33897 (A compromised HMS Networks Cosy+ device could be used to 
request a Cer ...)
+       TODO: check
+CVE-2024-30170 (PrivX before 34.0 allows data exfiltration and denial of 
service via t ...)
+       TODO: check
+CVE-2024-28740 (Cross Site Scripting vulnerability in Koha ILS 23.05 and 
before allows ...)
+       TODO: check
+CVE-2024-28739 (An issue in Koha ILS 23.05 and before allows a remote attacker 
to exec ...)
+       TODO: check
+CVE-2024-23483 (An Improper Input Validation vulnerability in Zscaler Client 
Connector ...)
+       TODO: check
+CVE-2024-23464 (In certain cases, Zscaler Internet Access (ZIA) can be 
disabled by Pow ...)
+       TODO: check
+CVE-2024-23460 (The Zscaler Updater process does not validate the digital 
signature of ...)
+       TODO: check
+CVE-2024-23458 (While copying individual autoupdater log files, reparse point 
check wa ...)
+       TODO: check
+CVE-2024-23456 (Anti-tampering can be disabled under certain conditions 
without signat ...)
+       TODO: check
+CVE-2023-40819 (ID4Portais in version < V.2022.837.002a returns message 
parameter unsa ...)
+       TODO: check
 CVE-2024-5290
+       {DSA-5739-1}
        - wpa <unfixed>
        NOTE: https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/2067613
 CVE-2024-7550
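
Review bot: In the CVE-2024-5290 entry at the end of this hunk, `{DSA-5739-1}` is added while the package line stays `- wpa <unfixed>`; check that `<unfixed>` still holds for unstable now that an advisory is attached to the entry. Separately, the description added for CVE-2024-7317 contains a literal `\u2013`, which suggests the import wrote a JSON escape without decoding it; decode it before the description is stored.
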
@@ -19,64 +194,64 @@ CVE-2024-7533
 CVE-2024-7532
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-7531
+CVE-2024-7531 (Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same 
buffer ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7531
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7531
-CVE-2024-7530
+CVE-2024-7530 (Incorrect garbage collection interaction could have led to a 
use-after ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7530
-CVE-2024-7529
+CVE-2024-7529 (The date picker could partially obscure security prompts. This 
could b ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7529
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7529
-CVE-2024-7528
+CVE-2024-7528 (Incorrect garbage collection interaction in IndexedDB could 
have led t ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7528
-CVE-2024-7527
+CVE-2024-7527 (Unexpected marking work at the start of sweeping could have led 
to a u ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7527
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7527
-CVE-2024-7526
+CVE-2024-7526 (ANGLE failed to initialize parameters which lead to reading 
from unini ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7526
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7526
-CVE-2024-7525
+CVE-2024-7525 (It was possible for a web extension with minimal permissions to 
create ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7525
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7525
-CVE-2024-7524
+CVE-2024-7524 (Firefox adds web-compatibility shims in place of some tracking 
scripts ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7524
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7524
-CVE-2024-7523
+CVE-2024-7523 (A select option could partially obscure security prompts. This 
could b ...)
        - firefox <not-affected> (Only affects Firefox on Android)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7523
-CVE-2024-7522
+CVE-2024-7522 (Editor code failed to check an attribute value. This could have 
led to ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7522
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7522
-CVE-2024-7521
+CVE-2024-7521 (Incomplete WebAssembly exception handing could have led to a 
use-after ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7521
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7521
-CVE-2024-7520
+CVE-2024-7520 (A type confusion bug in WebAssembly could be leveraged by an 
attacker  ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7520
-CVE-2024-7519
+CVE-2024-7519 (Insufficient checks when processing graphics shared memory 
could have  ...)
        - firefox <unfixed>
        - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7519
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7519
-CVE-2024-7518
+CVE-2024-7518 (Select options could obscure the fullscreen notification 
dialog. This  ...)
        - firefox <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7518
 CVE-2024-42005
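
Review bot: The description added for CVE-2024-7531 places the flaw in NSS (`PK11_Encrypt()` with CKM_CHACHA20), yet the entry lists only `firefox` and `firefox-esr`. Check whether the separately packaged NSS source needs its own line here, or add a NOTE saying why only the browser packages are tracked.
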
@@ -2861,59 +3036,59 @@ CVE-2024-7256 (Insufficient data validation in Dawn in 
Google Chrome on Android
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-7005
+CVE-2024-7005 (Insufficient validation of untrusted input in Safe Browsing in 
Google  ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-7004
+CVE-2024-7004 (Insufficient validation of untrusted input in Safe Browsing in 
Google  ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-7003
+CVE-2024-7003 (Inappropriate implementation in FedCM in Google Chrome prior to 
127.0. ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-7001
+CVE-2024-7001 (Inappropriate implementation in HTML in Google Chrome prior to 
127.0.6 ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-7000
+CVE-2024-7000 (Use after free in CSS in Google Chrome prior to 127.0.6533.72 
allowed  ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-6999
+CVE-2024-6999 (Inappropriate implementation in FedCM in Google Chrome prior to 
127.0. ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-6998
+CVE-2024-6998 (Use after free in User Education in Google Chrome prior to 
127.0.6533. ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-6997
+CVE-2024-6997 (Use after free in Tabs in Google Chrome prior to 127.0.6533.72 
allowed ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-6996
+CVE-2024-6996 (Race in Frames in Google Chrome prior to 127.0.6533.72 allowed 
a remot ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-6995
+CVE-2024-6995 (Inappropriate implementation in Fullscreen in Google Chrome on 
Android ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-6994
+CVE-2024-6994 (Heap buffer overflow in Layout in Google Chrome prior to 
127.0.6533.72 ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-6991
+CVE-2024-6991 (Use after free in Dawn in Google Chrome prior to 127.0.6533.72 
allowed ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-6989
+CVE-2024-6989 (Use after free in Loader in Google Chrome prior to 
127.0.6533.72 allow ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2024-6988
+CVE-2024-6988 (Use after free in Downloads in Google Chrome on iOS prior to 
127.0.653 ...)
        {DSA-5735-1}
        - chromium 127.0.6533.88-1
        [bullseye] - chromium <end-of-life> (see #1061268)
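
Review bot: The descriptions added for CVE-2024-6995 ("Google Chrome on Android") and CVE-2024-6988 ("Google Chrome on iOS") name platforms other than the Debian build, but both entries keep `{DSA-5735-1}` and `- chromium 127.0.6533.88-1`. If the full descriptions confirm these are platform-specific, mark them the way CVE-2024-7523 is handled earlier in this commit: `- firefox <not-affected> (Only affects Firefox on Android)`.
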
@@ -4261,7 +4436,7 @@ CVE-2024-21149 (Vulnerability in the Oracle Enterprise 
Asset Management product
 CVE-2024-21148 (Vulnerability in the Oracle Applications Framework product of 
Oracle E ...)
        NOT-FOR-US: Oracle
 CVE-2024-21147 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, 
Oracle Gr ...)
-       {DSA-5736-1}
+       {DSA-5738-1 DSA-5736-1}
        - openjdk-8 8u422-b05-1
        - openjdk-11 11.0.24+8-1
        - openjdk-17 17.0.12+7-1
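
Review bot: `{DSA-5738-1 DSA-5736-1}` on CVE-2024-21147 attaches a second advisory with no change to the package lines below it, so the hunk does not show which openjdk source package DSA-5738-1 covers. Confirm that package already has a line with its fixed version in this entry; the same applies to the identical edits on CVE-2024-21145, CVE-2024-21140, CVE-2024-21138 and CVE-2024-21131.
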
@@ -4269,7 +4444,7 @@ CVE-2024-21147 (Vulnerability in the Oracle Java SE, 
Oracle GraalVM for JDK, Ora
 CVE-2024-21146 (Vulnerability in the Oracle Trade Management product of Oracle 
E-Busin ...)
        NOT-FOR-US: Oracle
 CVE-2024-21145 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, 
Oracle Gr ...)
-       {DSA-5736-1}
+       {DSA-5738-1 DSA-5736-1}
        - openjdk-8 8u422-b05-1
        - openjdk-11 11.0.24+8-1
        - openjdk-17 17.0.12+7-1
@@ -4285,7 +4460,7 @@ CVE-2024-21142 (Vulnerability in the MySQL Server product 
of Oracle MySQL (compo
 CVE-2024-21141 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
        - virtualbox 7.0.20-dfsg-1
 CVE-2024-21140 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, 
Oracle Gr ...)
-       {DSA-5736-1}
+       {DSA-5738-1 DSA-5736-1}
        - openjdk-8 8u422-b05-1
        - openjdk-11 11.0.24+8-1
        - openjdk-17 17.0.12+7-1
@@ -4293,7 +4468,7 @@ CVE-2024-21140 (Vulnerability in the Oracle Java SE, 
Oracle GraalVM for JDK, Ora
 CVE-2024-21139 (Vulnerability in the Oracle Business Intelligence Enterprise 
Edition p ...)
        NOT-FOR-US: Oracle
 CVE-2024-21138 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, 
Oracle Gr ...)
-       {DSA-5736-1}
+       {DSA-5738-1 DSA-5736-1}
        - openjdk-8 8u422-b05-1
        - openjdk-11 11.0.24+8-1
        - openjdk-17 17.0.12+7-1
@@ -4311,7 +4486,7 @@ CVE-2024-21133 (Vulnerability in the Oracle Reports 
Developer product of Oracle
 CVE-2024-21132 (Vulnerability in the Oracle Purchasing product of Oracle 
E-Business Su ...)
        NOT-FOR-US: Oracle
 CVE-2024-21131 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, 
Oracle Gr ...)
-       {DSA-5736-1}
+       {DSA-5738-1 DSA-5736-1}
        - openjdk-8 8u422-b05-1
        - openjdk-11 11.0.24+8-1
        - openjdk-17 17.0.12+7-1
@@ -104179,8 +104354,8 @@ CVE-2023-1614 (The WP Custom Author URL WordPress 
plugin before 1.0.5 does not s
        NOT-FOR-US: WordPress plugin
 CVE-2023-28807 (In Zscaler Internet Access (ZIA) a mismatch between Connect 
Host and C ...)
        NOT-FOR-US: Zscaler
-CVE-2023-28806
-       RESERVED
+CVE-2023-28806 (An Improper Validation of signature in Zscaler Client 
Connector on Win ...)
+       TODO: check
 CVE-2023-28805 (An Improper Input Validation vulnerability in Zscaler Client 
Connector ...)
        NOT-FOR-US: Zscaler Client Connector
 CVE-2023-28804 (An Improper Verification of Cryptographic Signature 
vulnerability in Z ...)
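
Review bot: The `TODO: check` added for CVE-2023-28806 can be resolved directly: its description names Zscaler Client Connector, and the neighbouring CVE-2023-28807 and CVE-2023-28805 in this hunk are already `NOT-FOR-US: Zscaler` and `NOT-FOR-US: Zscaler Client Connector`. Use the same disposition rather than leaving the entry for manual triage.
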
@@ -120771,7 +120946,8 @@ CVE-2023-0255 (The Enable Media Replace WordPress 
plugin before 4.0.2 does not p
        NOT-FOR-US: WordPress plugin
 CVE-2023-0254 (The Simple Membership WP user Import plugin for WordPress is 
vulnerabl ...)
        NOT-FOR-US: Simple Membership WP user Import plugin for WordPress
-CVE-2023-0253 (The Real Media Library: Media Library Folder & File Manager 
plugin for ...)
+CVE-2023-0253
+       REJECTED
        NOT-FOR-US: Real Media Library: Media Library Folder & File Manager 
plugin for WordPress
 CVE-2023-0252 (The Contextual Related Posts WordPress plugin before 3.3.1 does 
not va ...)
        NOT-FOR-US: WordPress plugin
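
Review bot: CVE-2023-0253 now carries `REJECTED` directly above the retained `NOT-FOR-US:` line, so the entry states two dispositions at once. Decide which one the tracker should show, and drop the stale `NOT-FOR-US:` line if rejected entries are not meant to keep triage annotations.
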



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f886e552af9c78963653464a1e3096e61703a949
