Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
82d69d44 by Salvatore Bonaccorso at 2024-10-01T22:21:23+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
CVE-2024-9411 (A vulnerability classified as problematic has been found in
OFCMS 1.1. ...)
- TODO: check
+ NOT-FOR-US: OFCMS
CVE-2024-9405 (An incorrect limitation of a path to a restricted directory
(path trav ...)
- TODO: check
+ NOT-FOR-US: Pluck CMS
CVE-2024-9341 (A flaw was found in Go. When FIPS mode is enabled on a system,
contain ...)
TODO: check
CVE-2024-9289 (The WordPress & WooCommerce Affiliate Program plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9265 (The Echo RSS Feed Post Generator plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9241 (The PDF Image Generator plugin for WordPress is vulnerable to
Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9228 (The Loggedin \u2013 Limit Active Logins plugin for WordPress is
vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9224 (The Hello World plugin for WordPress is vulnerable to Arbitrary
File R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9220 (The LH Copy Media File plugin for WordPress is vulnerable to
Reflected ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9209 (The WP Search Analytics plugin for WordPress is vulnerable to
Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9118 (The QS Dark Mode Plugin plugin for WordPress is vulnerable to
Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9060 (The AVIF & SVG Uploader plugin for WordPress is vulnerable to
Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9018 (The WP Easy Gallery \u2013 WordPress Gallery Plugin plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8799 (The Custom Banners plugin for WordPress is vulnerable to
Reflected Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8793 (The Store Exporter for WooCommerce \u2013 Export Products,
Export Orde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8786 (The Auto Featured Image from Title plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8430 (The Spice Starter Sites plugin for WordPress is vulnerable to
unauthor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8324 (The XO Slider plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8288 (The Guten Post Layout \u2013 An Advanced Post Grid Collection
for Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47608 (Logicytics is designed to harvest and collect data for
forensic analys ...)
TODO: check
CVE-2024-47604 (NuGet Gallery is a package repository that powers nuget.org.
The NuGet ...)
@@ -61,41 +61,41 @@ CVE-2024-46259 (cute_png v1.05 was discovered to contain a
heap buffer overflow
CVE-2024-46258 (cute_png v1.05 was discovered to contain a heap buffer
overflow via th ...)
TODO: check
CVE-2024-46083 (Scriptcase v9.10.023 and before is vulnerable to Cross Site
Scripting ...)
- TODO: check
+ NOT-FOR-US: Scriptcase
CVE-2024-46081 (Scriptcase v9.10.023 and before is vulnerable to Cross Site
Scripting ...)
- TODO: check
+ NOT-FOR-US: Scriptcase
CVE-2024-46079 (Scriptcase v9.10.023 and before is vulnerable to Cross Site
Scripting ...)
- TODO: check
+ NOT-FOR-US: Scriptcase
CVE-2024-45999 (A SQL Injection vulnerability was discovered in Cloudlog
2.6.15, speci ...)
TODO: check
CVE-2024-45967 (Pagekit 1.0.18 is vulnerable to Cross Site Scripting (XSS) in
index.ph ...)
TODO: check
CVE-2024-45408 (eLabFTW is an open source electronic lab notebook for research
labs. A ...)
- TODO: check
+ NOT-FOR-US: eLabFTW
CVE-2024-44744 (An issue in Malwarebytes Premium Security v5.0.0.883 allows
attackers ...)
- TODO: check
+ NOT-FOR-US: Malwarebytes Premium Security
CVE-2024-44610 (PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet
Gateway before ...)
- TODO: check
+ NOT-FOR-US: PCAN-Ethernet Gateway FD
CVE-2024-42514 (A vulnerability in the legacy chat component of Mitel
MiContact Center ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-41673 (Decidim is a participatory democracy framework. The version
control fe ...)
TODO: check
CVE-2024-41276 (A vulnerability in Kaiten version 57.131.12 and earlier allows
attacke ...)
TODO: check
CVE-2024-31835 (Cross Site Scripting vulnerability in flatpress CMS Flatpress
v1.3 all ...)
- TODO: check
+ NOT-FOR-US: Flatpress
CVE-2024-30132 (HCL Nomad server on Domino did not configure certain HTTP
Security hea ...)
TODO: check
CVE-2024-25661 (In Infinera TNMS (Transcend Network Management System)
19.10.3, cleart ...)
- TODO: check
+ NOT-FOR-US: Infinera TNMS (Transcend Network Management System)
CVE-2024-25660 (The WebDAV service in Infinera TNMS (Transcend Network
Management Syst ...)
- TODO: check
+ NOT-FOR-US: Infinera TNMS (Transcend Network Management System)
CVE-2024-25659 (In Infinera TNMS (Transcend Network Management System)
19.10.3, an ins ...)
- TODO: check
+ NOT-FOR-US: Infinera TNMS (Transcend Network Management System)
CVE-2024-25658 (Cleartext storage of passwords in Infinera TNMS (Transcend
Network Man ...)
- TODO: check
+ NOT-FOR-US: Infinera TNMS (Transcend Network Management System)
CVE-2024-25632 (eLabFTW is an open source electronic lab notebook for research
labs. I ...)
- TODO: check
+ NOT-FOR-US: eLabFTW
CVE-2023-7273 (Cross site request forgery in Kiteworks OwnCloud allows an
unauthentic ...)
TODO: check
CVE-2023-3441 (An issue has been discovered in GitLab EE/CE affecting all
versions st ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82d69d444e500c8aa2010a6dbec2a01b21f3c471
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82d69d444e500c8aa2010a6dbec2a01b21f3c471
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
