Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
04238176 by Moritz Mühlenhoff at 2024-10-17T11:20:44+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,45 +1,45 @@
CVE-2024-9951 (The WP Photo Album Plus plugin for WordPress is vulnerable to
Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9940 (The Calculated Fields Form plugin for WordPress is vulnerable
to HTML ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9863 (The UserPro plugin for WordPress is vulnerable to privilege
escalation ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9862 (The Miniorange OTP Verification with Firebase plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9861 (The Miniorange OTP Verification with Firebase plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9352 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom
Form B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9351 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom
Form B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9347 (The The Ultimate WordPress Toolkit \u2013 WP Extended plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9263 (The WP Timetics- AI-powered Appointment Booking Calendar and
Online Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9240 (The ReDi Restaurant Reservation plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9215 (The Co-Authors, Multiple Authors and Guest Authors in an Author
Box wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9213 (The \u0627\u0641\u0632\u0648\u0646\u0647
\u067e\u06cc\u0627\u0645\u06a ...)
TODO: check
CVE-2024-8719 (The Flexmls\xae IDX Plugin plugin for WordPress is vulnerable
to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-7994 (A maliciously crafted RFA file, when parsed through Autodesk
Revit, ca ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-7993 (A maliciously crafted PDF file, when parsed through Autodesk
Revit, ca ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-7417 (The Royal Elementor Addons and Templates plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5429 (The Logo Slider WordPress plugin before 4.1.0 does not
validate and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49593 (In Advanced Custom Fields (ACF) before 6.3.9 and Secure Custom
Fields ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-48918 (RDS Light is a simplified version of the Reflective Dialogue
System (R ...)
TODO: check
CVE-2024-48758 (dingfanzu CMS V1.0 was discovered to contain a Cross-Site
Request Forg ...)
- TODO: check
+ NOT-FOR-US: dingfanzu CMS
CVE-2024-48180 (ClassCMS <=4.8 is vulnerable to file inclusion in the nowView
method i ...)
- TODO: check
+ NOT-FOR-US: ClassCMS
CVE-2024-47889 (Action Mailer is a framework for designing email service
layers. Start ...)
TODO: check
CVE-2024-47888 (Action Text brings rich text content and editing to Rails.
Starting in ...)
@@ -47,15 +47,15 @@ CVE-2024-47888 (Action Text brings rich text content and
editing to Rails. Start
CVE-2024-47887 (Action Pack is a framework for handling and responding to web
requests ...)
TODO: check
CVE-2024-46213 (REDAXO CMS v2.11.0 was discovered to contain a remote code
execution ( ...)
- TODO: check
+ NOT-FOR-US: REDAXO CMS
CVE-2024-46212 (An issue in the component /index.php?page=backup/export of
REDAXO CMS ...)
- TODO: check
+ NOT-FOR-US: REDAXO CMS
CVE-2024-45767 (Dell OpenManage Enterprise, version(s) OME 4.1 and prior,
contain(s) a ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-45766 (Dell OpenManage Enterprise, version(s) OME 4.1 and prior,
contain(s) a ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-44762 (A discrepancy in error messages for invalid login attempts in
Webmin U ...)
- TODO: check
+ - webmin <removed>
CVE-2024-3187 (This issue tracks two CWE-416 Use After Free (UAF) and one
CWE-415 Dou ...)
TODO: check
CVE-2024-3186 (CWE-476 NULL Pointer Dereference vulnerability in the
evalExpr() funct ...)
@@ -956,7 +956,7 @@ CVE-2024-41997 (An issue was discovered in version of Warp
Terminal prior to 202
CVE-2024-40616
REJECTED
CVE-2023-50780 (Apache ActiveMQ Artemis allows access to diagnostic
information and co ...)
- TODO: check
+ NOT-FOR-US: Apache ActiveMQ Artemis
CVE-2023-48082 (Nagios XI before 5.11.3 2024R1 was discovered to improperly
handle API ...)
NOT-FOR-US: Nagios XI
CVE-2023-45817
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/042381767611f1e463bdd4fd55ac4806fc3d73e2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/042381767611f1e463bdd4fd55ac4806fc3d73e2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
