[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 3 10:38:48 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b887e69a by Salvatore Bonaccorso at 2024-04-03T11:37:16+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -115,41 +115,41 @@ CVE-2024-30336 (Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution V
CVE-2024-30166 (In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can c ...)
TODO: check
CVE-2024-2879 (The LayerSlider plugin for WordPress is vulnerable to SQL Injection vi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2322 (The WooCommerce Cart Abandonment Recovery WordPress plugin before 1.2. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29734 (Uncontrolled search path element issue exists in SonicDICOM Media View ...)
- TODO: check
+ NOT-FOR-US: SonicDICOM Media Viewer
CVE-2024-29434 (An issue in the system image upload interface of Alldata v0.4.6 allows ...)
- TODO: check
+ NOT-FOR-US: Alldata
CVE-2024-29432 (Alldata v0.4.6 was discovered to contain a SQL injection vulnerability ...)
- TODO: check
+ NOT-FOR-US: Alldata
CVE-2024-28836 (An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiati ...)
TODO: check
CVE-2024-28755 (An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL co ...)
TODO: check
CVE-2024-28589 (An issue was discovered in Axigen Mail Server for Windows versions 10. ...)
- TODO: check
+ NOT-FOR-US: Axigen Mail Server for Windows
CVE-2024-28515 (Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx ...)
- TODO: check
+ NOT-FOR-US: CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx
CVE-2024-27605 (Alldata V0.4.6 is vulnerable to Insecure Permissions. Using users (tes ...)
- TODO: check
+ NOT-FOR-US: Alldata
CVE-2024-27604 (Alldata V0.4.6 is vulnerable to Command execution vulnerability. Syste ...)
- TODO: check
+ NOT-FOR-US: Alldata
CVE-2024-27602 (Alldata V0.4.6 is vulnerable to Incorrect Access Control. A total of m ...)
- TODO: check
+ NOT-FOR-US: Alldata
CVE-2024-26495 (Cross Site Scripting (XSS) vulnerability in Friendica versions after v ...)
- TODO: check
+ NOT-FOR-US: Friendica
CVE-2024-25864 (Server Side Request Forgery (SSRF) vulnerability in Friendica versions ...)
- TODO: check
+ NOT-FOR-US: Friendica
CVE-2024-25075 (An issue was discovered in Softing uaToolkit Embedded before 1.41.1. W ...)
- TODO: check
+ NOT-FOR-US: Softing uaToolkit Embedded
CVE-2024-24724 (Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSetting ...)
TODO: check
CVE-2024-24506 (Cross Site Scripting (XSS) vulnerability in Lime Survey Community Edit ...)
TODO: check
CVE-2024-1327 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35764 (Insufficient verification of data authenticity issue in Survey Maker p ...)
TODO: check
CVE-2023-34423 (Survey Maker prior to 3.6.4 contains a stored cross-site scripting vul ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b887e69ab96b79d7fcbaaf06c702a196f71ae198
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b887e69ab96b79d7fcbaaf06c702a196f71ae198
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240403/9b06e342/attachment.htm>
More information about the debian-security-tracker-commits
mailing list