[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Apr 12 21:24:07 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8cdf05aa by Salvatore Bonaccorso at 2024-04-12T22:23:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,157 +1,157 @@
 CVE-2024-3707 (Information exposure vulnerability in OpenGnsys affecting version 1.1. ...)
-	TODO: check
+	NOT-FOR-US: OpenGnsys
 CVE-2024-3706 (Information exposure vulnerability in OpenGnsys affecting version 1.1. ...)
-	TODO: check
+	NOT-FOR-US: OpenGnsys
 CVE-2024-3705 (Unrestricted file upload vulnerability in OpenGnsys affecting version  ...)
-	TODO: check
+	NOT-FOR-US: OpenGnsys
 CVE-2024-3704 (SQL Injection Vulnerability has been found on OpenGnsys product affect ...)
-	TODO: check
+	NOT-FOR-US: OpenGnsys
 CVE-2024-3698 (A vulnerability was found in Campcodes House Rental Management System  ...)
-	TODO: check
+	NOT-FOR-US: Campcodes House Rental Management System
 CVE-2024-3697 (A vulnerability was found in Campcodes House Rental Management System  ...)
-	TODO: check
+	NOT-FOR-US: Campcodes House Rental Management System
 CVE-2024-3696 (A vulnerability was found in Campcodes House Rental Management System  ...)
-	TODO: check
+	NOT-FOR-US: Campcodes House Rental Management System
 CVE-2024-3695 (A vulnerability has been found in SourceCodester Computer Laboratory M ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Computer Laboratory Management System
 CVE-2024-3691 (A vulnerability, which was classified as critical, has been found in P ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Small CRM
 CVE-2024-3690 (A vulnerability classified as critical was found in PHPGurukul Small C ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Small CRM
 CVE-2024-3689 (A vulnerability classified as problematic has been found in Zhejiang L ...)
-	TODO: check
+	NOT-FOR-US: Zhejiang Land Zongheng Network Technology O2OA
 CVE-2024-3688 (A vulnerability was found in Xiamen Four-Faith RMP Router Management P ...)
-	TODO: check
+	NOT-FOR-US: Xiamen Four-Faith RMP Router Management Platform
 CVE-2024-3687 (A vulnerability was found in bihell Dice 3.1.0 and classified as probl ...)
-	TODO: check
+	NOT-FOR-US: bihell Dice
 CVE-2024-3686 (A vulnerability has been found in DedeCMS 5.7.112-UTF8 and classified  ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-3685 (A vulnerability, which was classified as critical, was found in DedeCM ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-3211 (The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3054 (WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-32000 (matrix-appservice-irc is a Node.js IRC bridge for the Matrix messaging ...)
 	TODO: check
 CVE-2024-31839 (Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allo ...)
-	TODO: check
+	NOT-FOR-US: tiagorlampert CHAOS
 CVE-2024-31818 (Directory Traversal vulnerability in DerbyNet v.9.0 allows a remote at ...)
-	TODO: check
+	NOT-FOR-US: DerbyNet
 CVE-2024-31372 (Cross-Site Request Forgery (CSRF) vulnerability in Arnan de Gans No-Bo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31371 (Cross-Site Request Forgery (CSRF) vulnerability in Xylus Themes WP Eve ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31364 (Cross-Site Request Forgery (CSRF) vulnerability in ELEXtensions ELEX W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31363 (Cross-Site Request Forgery (CSRF) vulnerability in LifterLMS.This issu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31362 (Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31360 (Cross-Site Request Forgery (CSRF) vulnerability in Coded Commerce, LLC ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31354 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31305 (Cross-Site Request Forgery (CSRF) vulnerability in rtCamp Transcoder.T ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31303 (Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign- ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31301 (Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31293 (Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downlo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31289 (Cross-Site Request Forgery (CSRF) vulnerability in Elementor Hello Ele ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31279 (Cross-Site Request Forgery (CSRF) vulnerability in Catch Plugins Gener ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31272 (Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31271 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Ultimate  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31269 (Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Goog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31268 (Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team App ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31265 (Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This is ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31264 (Unauthenticated Cross Site Request Forgery (CSRF) in Post Views Counte ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31263 (Cross-Site Request Forgery (CSRF) vulnerability in aerin Loan Repaymen ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31262 (Cross-Site Request Forgery (CSRF) vulnerability in Jcodex WooCommerce  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31251 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31250 (Cross-Site Request Forgery (CSRF) vulnerability in Saumya Majumder WP  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31239 (Cross-Site Request Forgery (CSRF) vulnerability in Nudgify Nudgify Soc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31238 (Cross-Site Request Forgery (CSRF) vulnerability in Zaytech Smart Onlin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31235 (Cross-Site Request Forgery (CSRF) vulnerability in WebToffee WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31069 (IO-1020 Micro ELD web server uses a default password for authenticatio ...)
-	TODO: check
+	NOT-FOR-US: IO-1020 Micro ELD web server
 CVE-2024-30845 (Cross Site Scripting vulnerability in Rainbow external link network di ...)
-	TODO: check
+	NOT-FOR-US: Rainbow external link network disk
 CVE-2024-30410 (An Incorrect Behavior Order in the routing engine (RE) of Juniper Netw ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30409 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30407 (The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Net ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30406 (A Cleartext Storage in a File on Disk vulnerability in Juniper Network ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30405 (An Incorrect Calculation of Buffer Size vulnerability in Juniper Netwo ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30403 (A NULL Pointer Dereference vulnerability in the Packet Forwarding Engi ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30402 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30401 (An Out-of-bounds Read vulnerability in the advanced forwarding managem ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30398 (An Improper Restriction of Operations within the Bounds of a Memory Bu ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30397 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30395 (AnImproper Validation of Specified Type of Input vulnerability in Rout ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30394 (AStack-based Buffer Overflow vulnerability in the Routing Protocol Dae ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30392 (A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30391 (A Missing Authentication for Critical Function vulnerability in the Pa ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30390 (An Improper Restriction of Excessive Authentication Attempts vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30389 (An Incorrect Behavior Order vulnerability in the Packet Forwarding Eng ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30388 (An Improper Isolation or Compartmentalization vulnerability in the Pac ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30387 (AMissing Synchronization vulnerability in the Packet Forwarding Engine ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30386 (A Use-After-Free vulnerability in theLayer 2 Address Learning Daemon ( ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30384 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30382 (An Improper Handling of Exceptional Conditions vulnerability in the ro ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30381 (An Exposure of Sensitive Information to an Unauthorized Actor vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-30210 (IO-1020 Micro ELD uses a default WIFI password that could allow an adj ...)
-	TODO: check
+	NOT-FOR-US: IO-1020 Micro ELD
 CVE-2024-2397 (Due to a bug in packet data buffers management, the PPP printer in tcp ...)
 	TODO: check
 CVE-2024-29461 (An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a remote a ...)
-	TODO: check
+	NOT-FOR-US: Floodlight
 CVE-2024-28878 (IO-1020 Micro ELD downloads source code or an executable from an  adja ...)
-	TODO: check
+	NOT-FOR-US: IO-1020 Micro ELD
 CVE-2024-28718 (An issue in OpenStack magnum yoga-eom version allows a remote attacker ...)
 	TODO: check
 CVE-2024-27261 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could al ...)
 	NOT-FOR-US: IBM
 CVE-2024-25545 (An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to e ...)
-	TODO: check
+	NOT-FOR-US: Weave Weave Desktop
 CVE-2024-22359 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...)
 	NOT-FOR-US: IBM
 CVE-2024-22358 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...)
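Review bot: the same product gets two different labels in this hunk. CVE-2024-31069 is marked "NOT-FOR-US: IO-1020 Micro ELD web server", while CVE-2024-30210 and CVE-2024-28878 use "NOT-FOR-US: IO-1020 Micro ELD". Use one label for all three so that a later search on the product name finds every entry. The label "Weave Weave Desktop" for CVE-2024-25545 copies the doubled vendor/product wording from the description; "Weave Desktop" would read cleaner. CVE-2024-32000, CVE-2024-2397 and CVE-2024-28718 remain at "TODO: check", which is consistent with a commit that only processes NFUs.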
@@ -161,31 +161,31 @@ CVE-2024-22339 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1
 CVE-2024-22334 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, ...)
 	NOT-FOR-US: IBM
 CVE-2024-21618 (An Access of Memory Location After End of Buffer vulnerability in the  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-21615 (An Incorrect Default Permissions vulnerability in Juniper Networks Jun ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-21610 (An Improper Handling of Exceptional Conditions vulnerability in the Cl ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-21609 (A Missing Release of Memory after Effective Lifetime vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-21605 (An Exposure of Resource to Wrong Sphere vulnerability in the Packet Fo ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-21598 (An Improper Validation of Syntactic Correctness of Input vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-21593 (An Improper Check or Handling of Exceptional Conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-21590 (An Improper Input Validation vulnerability in Juniper Tunnel Driver (j ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-0157 (Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-52211 (Missing Authorization vulnerability in Automattic WP Job Manager.This  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-51515 (Missing Authorization vulnerability in Undsgn Uncode Core allows Privi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-51499 (Missing Authorization vulnerability in WooCommerce WooCommerce Shippin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-51409 (Unrestricted Upload of File with Dangerous Type vulnerability in Jordy ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47714 (IBM Sterling File Gateway 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1 ...)
 	NOT-FOR-US: IBM
 CVE-2024-31391 (Insertion of Sensitive Information into Log File vulnerability in the  ...)
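Review bot: for CVE-2023-51515 (Undsgn Uncode Core) and CVE-2023-51409 the truncated descriptions shown in this hunk do not mention WordPress, so the "NOT-FOR-US: WordPress plugin" label cannot be confirmed from the diff itself. Check both against the full CVE descriptions before relying on the label; the other two WordPress entries here (WP Job Manager, WooCommerce) are identifiable from the visible text.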
@@ -115001,7 +115001,7 @@ CVE-2022-40215 (Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnera
 CVE-2022-40213 (Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-40211 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-40206 (Insecure direct object references (IDOR) vulnerability in the wpForo F ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-40205 (Insecure direct object references (IDOR) vulnerability in the wpForo F ...)
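Review bot: the visible description of CVE-2022-40211 is only the generic weakness title ("Improper Neutralization of Input During Web Page Generation ...") and names no product, so "NOT-FOR-US: WordPress plugin" rests on the untruncated text. The label matches the neighbouring CVE-2022-40213 and CVE-2022-40206 entries, but confirm the affected product from the full description, since this entry sat at "TODO: check" well after its neighbours were triaged.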
@@ -303853,7 +303853,7 @@ CVE-2020-8008
 CVE-2020-8007
 	RESERVED
 CVE-2020-8006 (The server in Circontrol Raption through 5.11.2 has a pre-authenticati ...)
-	TODO: check
+	NOT-FOR-US: Circontrol Raption
 CVE-2020-8005
 	RESERVED
 CVE-2020-8004 (STMicroelectronics STM32F1 devices have Incorrect Access Control.)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8cdf05aad806559606831b45d178a10aa35ca409
