Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce335990 by Moritz Muehlenhoff at 2024-08-20T23:24:31+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,159 +1,159 @@
CVE-2024-8005 (A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has
been clas ...)
- TODO: check
+ NOT-FOR-US: demozx gf_cms
CVE-2024-8003 (A vulnerability was found in Go-Tribe gotribe-admin 1.0 and
classified ...)
- TODO: check
+ NOT-FOR-US: gotribe-admin
CVE-2024-7711 (An Incorrect Authorization vulnerability was identified in
GitHub Ente ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-7054 (The Popup Maker \u2013 Boost Sales, Conversions, Optins,
Subscribers w ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6918 (CWE-120: Buffer Copy without Checking Size of Input ('Classic
Buffer O ...)
- TODO: check
+ NOT-FOR-US: Schneider
CVE-2024-6800 (An XML signature wrapping vulnerability was present in GitHub
Enterpri ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-6379 (An URL redirection to untrusted site (open redirect)
vulnerability aff ...)
- TODO: check
+ NOT-FOR-US: 3DSwymer
CVE-2024-6378 (A reflected Cross-site Scripting (XSS) vulnerability affecting
ENOVIA ...)
- TODO: check
+ NOT-FOR-US: ENOVIA
CVE-2024-6377 (A reflected Cross-site Scripting (XSS) vulnerability affecting
3DSwyme ...)
TODO: check
CVE-2024-6337 (An Incorrect Authorization vulnerability was identified in
GitHub Ente ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-6322 (Access control for plugin data sources protected by the
ReqActions jso ...)
TODO: check
CVE-2024-43409 (Ghost is a Node.js content management system. Improper
authentication ...)
- TODO: check
+ NOT-FOR-US: Ghost
CVE-2024-43408 (Discourse Placeholder Forms will let you build dynamic
documentation. ...)
- TODO: check
+ NOT-FOR-US: Discourse Placeholder Forms
CVE-2024-43406 (LF Edge eKuiper is a lightweight IoT data analytics and stream
process ...)
- TODO: check
+ NOT-FOR-US: LF Edge eKuiper
CVE-2024-43404 (MEGABOT is a fully customized Discord bot for learning and
fun. The `/ ...)
- TODO: check
+ NOT-FOR-US: MEGABOT
CVE-2024-43397 (Apollo is a configuration management system. A vulnerability
exists in ...)
- TODO: check
+ NOT-FOR-US: Apollo
CVE-2024-43377 (Umbraco CMS is an ASP.NET CMS. An authenticated user can
access a few ...)
- TODO: check
+ NOT-FOR-US: Umbraco
CVE-2024-43376 (Umbraco is an ASP.NET CMS. Some endpoints in the Management
API can re ...)
- TODO: check
+ NOT-FOR-US: Umbraco
CVE-2024-42919 (eScan Management Console 14.0.1400.2281 is vulnerable to
Incorrect Acc ...)
- TODO: check
+ NOT-FOR-US: eScan Management Console
CVE-2024-42662 (An issue in apollocongif apollo v.2.2.0 allows a remote
attacker to ob ...)
TODO: check
CVE-2024-42621 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42619 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42618 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42617 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42616 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42613 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42612 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42611 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42610 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42609 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42608 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42607 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42606 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42605 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42604 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42603 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42598 (SeaCMS 13.0 has a remote code execution vulnerability. The
reason for ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2024-42586 (A Cross-Site Request Forgery (CSRF) in the component
categorie.php of ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42585 (A Cross-Site Request Forgery (CSRF) in the component
delete_media.php ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42584 (A Cross-Site Request Forgery (CSRF) in the component
delete_product.ph ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42583 (A Cross-Site Request Forgery (CSRF) in the component
delete_user.php o ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42582 (A Cross-Site Request Forgery (CSRF) in the component
delete_categorie. ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42581 (A Cross-Site Request Forgery (CSRF) in the component
delete_group.php ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42580 (A Cross-Site Request Forgery (CSRF) in the component
edit_group.php of ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42579 (A Cross-Site Request Forgery (CSRF) in the component
add_group.php of ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42578 (A Cross-Site Request Forgery (CSRF) in the component
edit_product.php ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42577 (A Cross-Site Request Forgery (CSRF) in the component
add_product.php o ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42576 (A Cross-Site Request Forgery (CSRF) in the component
edit_categorie.ph ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42575 (School Management System commit bae5aa was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42574 (School Management System commit bae5aa was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42573 (School Management System commit bae5aa was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42572 (School Management System commit bae5aa was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42571 (School Management System commit bae5aa was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42570 (School Management System commit bae5aa was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42569 (School Management System commit bae5aa was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42568 (School Management System commit bae5aa was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42567 (School Management System commit bae5aa was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42566 (School Management System commit bae5aa was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42565 (ERP commit 44bd04 was discovered to contain a SQL injection
vulnerabil ...)
- TODO: check
+ NOT-FOR-US: jerryhanjj ERP
CVE-2024-42564 (ERP commit 44bd04 was discovered to contain a SQL injection
vulnerabil ...)
- TODO: check
+ NOT-FOR-US: jerryhanjj ERP
CVE-2024-42563 (An arbitrary file upload vulnerability in ERP commit 44bd04
allows att ...)
- TODO: check
+ NOT-FOR-US: jerryhanjj ERP
CVE-2024-42562 (Pharmacy Management System commit a2efc8 was discovered to
contain a S ...)
- TODO: check
+ NOT-FOR-US: Pharmacy Management System
CVE-2024-42561 (Pharmacy Management System commit a2efc8 was discovered to
contain a S ...)
- TODO: check
+ NOT-FOR-US: Pharmacy Management System
CVE-2024-42560 (A cross-site scripting (XSS) vulnerability in the component
update_pag ...)
- TODO: check
+ NOT-FOR-US: Blood Bank And Donation Management System
CVE-2024-42559 (An issue in the login component (process_login.php) of Hotel
Managemen ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42558 (Hotel Management System commit 91caab8 was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42557 (A Cross-Site Request Forgery (CSRF) in the component
admin_modify_room ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42556 (Hotel Management System commit 91caab8 was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42555 (A Cross-Site Request Forgery (CSRF) in the component
admin_room_remove ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42554 (Hotel Management System commit 91caab8 was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42553 (A Cross-Site Request Forgery (CSRF) in the component
admin_room_added. ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42552 (Hotel Management System commit 91caab8 was discovered to
contain a SQL ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42369 (matrix-js-sdk is a Matrix messaging protocol Client-Server SDK
for Jav ...)
- TODO: check
+ NOT-FOR-US: matrix-js-sdk
CVE-2024-42336 (Servision - CWE-287: Improper Authentication)
- TODO: check
+ NOT-FOR-US: Servision
CVE-2024-42335 (7Twenty - CWE-79: Improper Neutralization of Input During Web
Page Gen ...)
TODO: check
CVE-2024-42334 (Hargal - CWE-284: Improper Access Control)
TODO: check
CVE-2024-42006 (Keyfactor AWS Orchestrator through 2.0 allows Information
Disclosure.)
- TODO: check
+ NOT-FOR-US: Keyfactor AWS Orchestrator
CVE-2024-41773 (IBM Global Configuration Management 7.0.2 and 7.0.3 could
allow an aut ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-41700 (Barix \u2013 CWE-200 Exposure of Sensitive Information to an
Unauthori ...)
TODO: check
CVE-2024-41699 (Priority \u2013 CWE-552: Files or Directories Accessible to
External P ...)
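Review bot: CVE-2024-6377 stays at TODO: check even though its visible description ("affecting 3DSwyme ...") appears to concern the same product as CVE-2024-6379, which is marked NOT-FOR-US: 3DSwymer two entries above. Similarly, CVE-2024-42662 (apollocongif apollo v.2.2.0) stays at TODO while CVE-2024-43397 is marked NOT-FOR-US: Apollo. If these were skipped on purpose, no change is needed; otherwise triage them in the same pass so related entries do not diverge. The tags also vary in granularity: most name the product (Pligg CMS, GitHub Enterprise Server), but CVE-2024-6918 and CVE-2024-41773 carry only a vendor (Schneider, IBM) and CVE-2024-7054 only "WordPress plugin". Where the description names the product (IBM Global Configuration Management, Popup Maker), using it in the tag makes later searches by product more reliable.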
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce33599062fc8551df432e06d943d3cc2d4a3844