[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Apr 15 09:46:01 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6dfa6504 by Salvatore Bonaccorso at 2024-04-15T10:45:36+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
CVE-2024-3778 (The file upload functionality of Ai3 QbiBot does not properly restrict ...)
- TODO: check
+ NOT-FOR-US: Ai3 QbiBot
CVE-2024-3777 (The password reset feature of Ai3 QbiBot lacks proper access control, ...)
- TODO: check
+ NOT-FOR-US: Ai3 QbiBot
CVE-2024-3776 (The parameter used in the login page of Netvision airPASS is not prope ...)
- TODO: check
+ NOT-FOR-US: Netvision airPASS
CVE-2024-3775 (aEnrich Technology a+HRD's functionality for downloading files using y ...)
- TODO: check
+ NOT-FOR-US: aEnrich Technology
CVE-2024-3774 (aEnrich Technology a+HRD's functionality for front-end retrieval of sy ...)
- TODO: check
+ NOT-FOR-US: aEnrich Technology
CVE-2024-3772 (Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 all ...)
TODO: check
CVE-2024-3771 (A vulnerability was found in PHPGurukul Student Record System 3.20 and ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Student Record System
CVE-2024-3770 (A vulnerability has been found in PHPGurukul Student Record System 3.2 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Student Record System
CVE-2024-3769 (A vulnerability, which was classified as critical, was found in PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Student Record System
CVE-2024-3768 (A vulnerability, which was classified as critical, has been found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul News Portal
CVE-2024-3767 (A vulnerability classified as critical was found in PHPGurukul News Po ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul News Portal
CVE-2024-3766 (A vulnerability, which was classified as problematic, has been found i ...)
TODO: check
CVE-2024-3765 (A vulnerability classified as critical was found in Xiongmai AHB7804R- ...)
- TODO: check
+ NOT-FOR-US: Xiongmai
CVE-2024-3764 (A vulnerability classified as problematic has been found in Tuya Camer ...)
TODO: check
CVE-2024-3763 (A vulnerability was found in Emlog Pro 2.2.10. It has been rated as pr ...)
@@ -33,85 +33,85 @@ CVE-2024-3762 (A vulnerability was found in Emlog Pro 2.2.10. It has been declar
CVE-2024-3701 (The system application (com.transsion.kolun.aiservice) component does ...)
TODO: check
CVE-2024-3505 (JFrog Artifactory Self-Hosted versions below 7.77.3, are vulnerable to ...)
- TODO: check
+ NOT-FOR-US: JFrog Artifactory Self-Hosted
CVE-2024-32489 (TCPDF before 6.7.4 mishandles calls that use HTML syntax.)
TODO: check
CVE-2024-32488 (In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalati ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2024-32454 (Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appoi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32453 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32452 (Cross-Site Request Forgery (CSRF) vulnerability in WP EasyCart.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32451 (Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32450 (Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team WpT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32449 (Cross-Site Request Forgery (CSRF) vulnerability in MagniGenie RestroPr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32448 (Cross-Site Request Forgery (CSRF) vulnerability in VideoYield.Com Ads. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32447 (Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Tea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32446 (Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet Sy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32445 (Cross-Site Request Forgery (CSRF) vulnerability in Saleswonder Team We ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32443 (Cross-Site Request Forgery (CSRF) vulnerability in IP2Location Downloa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32442 (Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32441 (Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32440 (Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32439 (Cross-Site Request Forgery (CSRF) vulnerability in SwitchWP WP Client ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32438 (Cross-Site Request Forgery (CSRF) vulnerability in cleverplugins.Com S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32431 (Deserialization of Untrusted Data vulnerability in WP All Import Impor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32430 (Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32429 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32428 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32149 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32147 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32145 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32140 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32139 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32138 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32137 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32136 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32135 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32134 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32133 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32132 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32128 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32127 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32125 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32098 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32087 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32082 (Cross-Site Request Forgery (CSRF) vulnerability in kp4coder Sync Post ...)
TODO: check
CVE-2024-32079 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6dfa65048f178ab96604cc7131d19f6d2ebb6aa5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6dfa65048f178ab96604cc7131d19f6d2ebb6aa5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240415/ca72748e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list