Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4ed1968a by Moritz Muehlenhoff at 2024-09-08T19:36:30+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2,39 +2,39 @@ CVE-2024-XXXX [RUSTSEC-2024-0373]
- rust-quinn-proto <not-affected> (Only affects 0.11.x)
NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0373.html
CVE-2024-8572 (A vulnerability was found in Gouniverse GoLang CMS 1.4.0. It
has been ...)
- TODO: check
+ NOT-FOR-US: Gouniverse GoLang CMS
CVE-2024-8571 (A vulnerability was found in erjemin roll_cms up to
1484fe2c4e0805946a ...)
- TODO: check
+ NOT-FOR-US: erjemin roll_cms
CVE-2024-8570 (A vulnerability was found in itsourcecode Tailoring Management
System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Tailoring Management System
CVE-2024-8569 (A vulnerability has been found in code-projects Hospital
Management Sy ...)
- TODO: check
+ NOT-FOR-US: code-projects Hospital Management System
CVE-2024-8568 (A vulnerability, which was classified as critical, was found in
Mini-T ...)
- TODO: check
+ NOT-FOR-US: Mini-Tmall
CVE-2024-8567 (A vulnerability, which was classified as critical, has been
found in i ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Payroll Management System
CVE-2024-8566 (A vulnerability classified as problematic was found in
code-projects O ...)
- TODO: check
+ NOT-FOR-US: Online Shop Store
CVE-2024-8565 (A vulnerability was found in SourceCodesters Clinics Patient
Managemen ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2024-8564 (A vulnerability was found in SourceCodester PHP CRUD 1.0. It
has been ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2024-6928 (The Opti Marketing WordPress plugin through 2.0.9 does not
properly sa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6925 (The TrueBooker WordPress plugin before 1.0.3 does not have
CSRF check ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6924 (The TrueBooker WordPress plugin before 1.0.3 does not properly
saniti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6859 (The WP MultiTasking WordPress plugin through 0.1.12 does not
validate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6856 (The WP MultiTasking WordPress plugin through 0.1.12 does not
have CSR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6855 (The WP MultiTasking WordPress plugin through 0.1.12 does not
have CSR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6853 (The WP MultiTasking WordPress plugin through 0.1.12 does not
have CSR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6852 (The WP MultiTasking WordPress plugin through 0.1.12 does not
have CSR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8563 (A vulnerability was found in SourceCodester PHP CRUD 1.0. It
has been ...)
NOT-FOR-US: SourceCodester PHP CRUD
CVE-2024-8562 (A vulnerability was found in SourceCodester PHP CRUD 1.0 and
classifie ...)
@@ -161,7 +161,7 @@ CVE-2024-7493 (The WPCOM Member plugin for WordPress is
vulnerable to privilege
CVE-2024-6445 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
NOT-FOR-US: DataFlowX Technology DataDiodeX
CVE-2024-45758 (H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily
set the JD ...)
- TODO: check
+ NOT-FOR-US: H2O.ai
CVE-2024-45405 (`gix-path` is a crate of the `gitoxide` project (an
implementation of ...)
- rust-gix-path <unfixed>
NOTE: https://github.com/advisories/GHSA-m8rp-vv92-46c7
@@ -357,7 +357,7 @@ CVE-2024-8395 (FlyCASS CASS and KCM systems did not
correctly filter SQL queries
CVE-2024-8363 (The Share This Image plugin for WordPress is vulnerable to
Stored Cros ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7884 (When a canister method is called via ic_cdk::call* , a new
Future Call ...)
- TODO: check
+ NOT-FOR-US: Rust crate ic-cdk
CVE-2024-7605 (The HelloAsso plugin for WordPress is vulnerable to
unauthorized modif ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7591 (Improper Input Validation vulnerability in Progress LoadMaster
allows ...)
@@ -381,7 +381,7 @@ CVE-2024-5309 (The Form Vibes \u2013 Database Manager for
Forms plugin for WordP
CVE-2024-45589 (RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0
imprope ...)
NOT-FOR-US: RapidIdentity
CVE-2024-45401 (stripe-cli is a command-line tool for the payment processor
Stripe. A ...)
- TODO: check
+ NOT-FOR-US: stripe-cli
CVE-2024-45392 (SuiteCRM is an open-source customer relationship management
(CRM) syst ...)
NOT-FOR-US: SuiteCRM
CVE-2024-45178 (An issue was discovered in za-internet C-MOR Video
Surveillance 5.2401 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ed1968a295793145f2c5cde8e9364f9999b1859
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ed1968a295793145f2c5cde8e9364f9999b1859
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
