Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1068f1aa by Salvatore Bonaccorso at 2025-01-01T09:59:00+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,155 +1,155 @@
CVE-2024-56803 (Ghostty is a cross-platform terminal emulator. Ghostty, as
allowed by ...)
- ghostty <itp> (bug #1091469)
CVE-2024-56802 (Tapir is a private Terraform registry. Tapir versions 0.9.0
and 0.9.1 ...)
- TODO: check
+ NOT-FOR-US: Tapir
CVE-2024-56265 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56256 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56235 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56234 (Missing Authorization vulnerability in VW THEMES VW Automobile
Lite al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56233 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56232 (Cross-Site Request Forgery (CSRF) vulnerability in Alexander
Volkov WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56231 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56230 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56229 (Cross-Site Request Forgery (CSRF) vulnerability in Searchiq
SearchIQ.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56228 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56227 (Missing Authorization vulnerability in WP Royal Royal
Elementor Addons ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56226 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56225 (Missing Authorization vulnerability in Leap13 Premium Addons
for Eleme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56224 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56223 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56222 (Cross-Site Request Forgery (CSRF) vulnerability in Codebard
CodeBard H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56221 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56220 (Incorrect Privilege Assignment vulnerability in SSL Wireless
SSL Wirel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56219 (Missing Authorization vulnerability in MarketingFire Widget
Options al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56218 (Cross-Site Request Forgery (CSRF) vulnerability in AuRise
Creative, Se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56217 (Missing Authorization vulnerability in W3 Eden, Inc. Download
Manager ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56216 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56215 (Missing Authorization vulnerability in Stephen Sherrard Member
Directo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56214 (Path Traversal: '.../...//' vulnerability in DeluxeThemes
Userpro allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56213 (Path Traversal: '.../...//' vulnerability in Themewinter
Eventin allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56212 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56211 (Missing Authorization vulnerability in DeluxeThemes
Userpro.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56210 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56209 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56207 (Cross-Site Request Forgery (CSRF) vulnerability in
EditionGuard Dev Te ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56206 (Cross-Site Request Forgery (CSRF) vulnerability in Amarjeet
Amar allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56205 (Incorrect Privilege Assignment vulnerability in AI Magic
allows Privil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56204 (Cross-Site Request Forgery (CSRF) vulnerability in Yonatan
Reinberg of ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56203 (Cross-Site Request Forgery (CSRF) vulnerability in George
Holmes II Wa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56198 (path-sanitizer is a simple lightweight npm package for
sanitizing path ...)
- TODO: check
+ NOT-FOR-US: path-sanitizer Node.js module
CVE-2024-56071 (Incorrect Privilege Assignment vulnerability in Mike
Leembruggen Simpl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56070 (Missing Authorization vulnerability in Azzaroco WP SuperBackup
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56068 (Deserialization of Untrusted Data vulnerability in Azzaroco WP
SuperBa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56067 (Missing Authorization vulnerability in Azzaroco WP SuperBackup
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56066 (Missing Authorization vulnerability in Inspry Agency Toolkit
allows Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56064 (Unrestricted Upload of File with Dangerous Type vulnerability
in Azzar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56063 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56062 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56061 (Missing Authorization vulnerability in Webful Creations
Computer Repai ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56046 (Unrestricted Upload of File with Dangerous Type vulnerability
in VibeT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56045 (Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS
allows P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56044 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56043 (Incorrect Privilege Assignment vulnerability in VibeThemes
WPLMS allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56042 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56041 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56040 (Incorrect Privilege Assignment vulnerability in VibeThemes
VibeBP allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56039 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56031 (Missing Authorization vulnerability in Yulio Aleman Jimenez
Smart Shop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56021 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56020 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56002 (Missing Authorization vulnerability in Porthas Inc. Contact
Form, Surv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-55995 (Missing Authorization vulnerability in Torod Holding LTD Torod
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-55991 (Missing Authorization vulnerability in WP-CRM WP-CRM System
allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-55955 (An incorrect permissions assignment vulnerability in Trend
Micro Deep ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-55917 (An origin validation error vulnerability in Trend Micro Apex
One could ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-55632 (A security agent link following vulnerability in Trend Micro
Apex One ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-55631 (An engine link following vulnerability in Trend Micro Apex One
could a ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-53647 (Trend Micro ID Security, version 3.0 and below contains a
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-52050 (A LogServer arbitrary file creation vulnerability in Trend
Micro Apex ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-52049 (A LogServer link following vulnerability in Trend Micro Apex
One could ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-52048 (A LogServer link following vulnerability in Trend Micro Apex
One could ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-52047 (A widget local file inclusion vulnerability in Trend Micro
Apex One co ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-51667 (Missing Authorization vulnerability in David de Boer
Paytium.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49698 (Missing Authorization vulnerability in PriceListo Best
Restaurant Menu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49694 (Missing Authorization vulnerability in imw3 My Wp Brand \u2013
Hide me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49687 (Missing Authorization vulnerability in StoreApps Smart
Manager.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49686 (Missing Authorization vulnerability in Fatcat Apps Landing
Page Cat.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49422 (Protection Mechanism Failure in bootloader prior to SMR
Oct-2024 Relea ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-25133 (A flaw was found in the Hive ClusterDeployments resource in
OpenShift ...)
- TODO: check
+ NOT-FOR-US: OpenShift
CVE-2024-23438
REJECTED
CVE-2024-23437
@@ -305,51 +305,51 @@ CVE-2024-21679
CVE-2024-21675
REJECTED
CVE-2024-13085 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13084 (A vulnerability classified as critical was found in PHPGurukul
Land Re ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13083 (A vulnerability classified as problematic has been found in
PHPGurukul ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13082 (A vulnerability was found in PHPGurukul Land Record System
1.0. It has ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13081 (A vulnerability was found in PHPGurukul Land Record System
1.0. It has ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13080 (A vulnerability was found in PHPGurukul Land Record System
1.0. It has ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13079 (A vulnerability was found in PHPGurukul Land Record System 1.0
and cla ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13078 (A vulnerability has been found in PHPGurukul Land Record
System 1.0 an ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13077 (A vulnerability, which was classified as problematic, was
found in PHP ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13076 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13075 (A vulnerability classified as problematic was found in
PHPGurukul Land ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13074 (A vulnerability classified as problematic has been found in
PHPGurukul ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13072 (A vulnerability was found in 1000 Projects Beauty Parlour
Management S ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Beauty Parlour Management System
CVE-2024-13070 (A vulnerability was found in CodeAstro Online Food Ordering
System 1.0 ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Online Food Ordering System
CVE-2024-13069 (A vulnerability was found in SourceCodester Multi Role Login
System 1. ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Multi Role Login System
CVE-2024-13067 (A vulnerability was found in CodeAstro Online Food Ordering
System 1.0 ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Online Food Ordering System
CVE-2024-13061 (The Electronic Official Document Management System from 2100
Technolog ...)
- TODO: check
+ NOT-FOR-US: Electronic Official Document Management System from 2100
Technology
CVE-2024-12108 (In WhatsUp Gold versions released before 2024.0.2, an attacker
can gai ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-12106 (In WhatsUp Gold versions released before 2024.0.2, an
unauthenticated ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-12105 (In WhatsUp Gold versions released before 2024.0.2, an
authenticated us ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-11846 (The does not sanitise and escape a parameter before
outputting it bac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50850 (Missing Authorization vulnerability in Woo WooCommerce
Subscriptions a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48775 (Missing Authorization vulnerability in Gfazioli WP Cleanfix
allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6603 (A flaw was found in FFmpeg's HLS playlist parsing. This
vulnerability ...)
- ffmpeg <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334335
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1068f1aae15984fb959ca419fc5aaa88e2bca463
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1068f1aae15984fb959ca419fc5aaa88e2bca463
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
