[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 25 08:17:13 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d191669a by Salvatore Bonaccorso at 2024-04-25T09:16:38+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -86,127 +86,127 @@ CVE-2024-3261 (The Strong Testimonials WordPress plugin before 3.1.12 does not v
CVE-2024-33531 (cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsi ...)
TODO: check
CVE-2024-32958 (Cross-Site Request Forgery (CSRF) vulnerability in Giorgos Sarigiannid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32956 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32955 (Server-Side Request Forgery (SSRF) vulnerability in Foliovision FV Flo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32954 (Unrestricted Upload of File with Dangerous Type vulnerability in Tribu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32953 (Insertion of Sensitive Information into Log File vulnerability in News ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32952 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32951 (Missing Authorization vulnerability in BloomPixel Max Addons Pro for B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32950 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32948 (Missing Authorization vulnerability in Repute Infosystems ARMember.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32947 (Cross-Site Request Forgery (CSRF) vulnerability in AlumniOnline Web Se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32879 (Python Social Auth is a social authentication/registration mechanism. ...)
TODO: check
CVE-2024-32876 (NewPipe is an Android app for video streaming written in Java. It supp ...)
- TODO: check
+ NOT-FOR-US: NewPipe Android app
CVE-2024-32875 (Hugo is a static site generator. Starting in version 0.123.0 and prior ...)
TODO: check
CVE-2024-32872 (Umbraco workflow provides workflows for the Umbraco content management ...)
- TODO: check
+ NOT-FOR-US: Umbraco
CVE-2024-32869 (Hono is a Web application framework that provides support for any Java ...)
- TODO: check
+ NOT-FOR-US: Hono
CVE-2024-32866 (Conform, a type-safe form validation library, allows the parsing of ne ...)
TODO: check
CVE-2024-32836 (Unrestricted Upload of File with Dangerous Type vulnerability in WP La ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32835 (Deserialization of Untrusted Data vulnerability in WebToffee Import Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32834 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32833 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32825 (Insertion of Sensitive Information into Log File vulnerability in Patr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32823 (Authorization Bypass Through User-Controlled Key vulnerability in Feed ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32819 (Server-Side Request Forgery (SSRF) vulnerability in Culqi.This issue a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32817 (Deserialization of Untrusted Data vulnerability in Import and export u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32816 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32815 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32812 (Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Po ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32808 (Authorization Bypass Through User-Controlled Key vulnerability in Meta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32806 (Cross-Site Request Forgery (CSRF) vulnerability in CoSchedule Headline ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32803 (Server-Side Request Forgery (SSRF) vulnerability in 2day.Sk, Webikon S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32801 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32796 (Insertion of Sensitive Information into Log File vulnerability in Very ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32795 (Cross-Site Request Forgery (CSRF) vulnerability in Revmakx WPCal.Io \u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32794 (Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32793 (Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32791 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32789 (Cross-Site Request Forgery (CSRF) vulnerability in Seers allows Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32788 (Insertion of Sensitive Information into Log File vulnerability in Fr\x ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32785 (Cross-Site Request Forgery (CSRF) vulnerability in Webangon The Pack E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32782 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32781 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32780 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32775 (Server-Side Request Forgery (SSRF) vulnerability in Pavex Embed Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32773 (Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Royal Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32772 (Authorization Bypass Through User-Controlled Key vulnerability in Meta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32728 (Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Mem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32726 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32723 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32722 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32721 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32718 (Server-Side Request Forgery (SSRF) vulnerability in Webangon The Pack ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32716 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32711 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32710 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32709 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32707 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32706 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32702 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32699 (Cross-Site Request Forgery (CSRF) vulnerability in YITH YITH WooCommer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32678 (Missing Authorization vulnerability in TrackShip TrackShip for WooComm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32677 (Missing Authorization vulnerability in LoginPress LoginPress Pro.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32675 (Missing Authorization vulnerability in Xfinity Soft Order Limit for Wo ...)
TODO: check
CVE-2024-32662 (FreeRDP is a free implementation of the Remote Desktop Protocol. FreeR ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d191669aa6800022fcd1f757e49a8787082e5ce9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d191669aa6800022fcd1f757e49a8787082e5ce9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240425/d9df177b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list