[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Aug 20 22:25:26 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ce335990 by Moritz Muehlenhoff at 2024-08-20T23:24:31+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,159 +1,159 @@
CVE-2024-8005 (A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been clas ...)
- TODO: check
+ NOT-FOR-US: demozx gf_cms
CVE-2024-8003 (A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified ...)
- TODO: check
+ NOT-FOR-US: gotribe-admin
CVE-2024-7711 (An Incorrect Authorization vulnerability was identified in GitHub Ente ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-7054 (The Popup Maker \u2013 Boost Sales, Conversions, Optins, Subscribers w ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6918 (CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer O ...)
- TODO: check
+ NOT-FOR-US: Schneider
CVE-2024-6800 (An XML signature wrapping vulnerability was present in GitHub Enterpri ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-6379 (An URL redirection to untrusted site (open redirect) vulnerability aff ...)
- TODO: check
+ NOT-FOR-US: 3DSwymer
CVE-2024-6378 (A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA ...)
- TODO: check
+ NOT-FOR-US: ENOVIA
CVE-2024-6377 (A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwyme ...)
TODO: check
CVE-2024-6337 (An Incorrect Authorization vulnerability was identified in GitHub Ente ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-6322 (Access control for plugin data sources protected by the ReqActions jso ...)
TODO: check
CVE-2024-43409 (Ghost is a Node.js content management system. Improper authentication ...)
- TODO: check
+ NOT-FOR-US: Ghost
CVE-2024-43408 (Discourse Placeholder Forms will let you build dynamic documentation. ...)
- TODO: check
+ NOT-FOR-US: Discourse Placeholder Forms
CVE-2024-43406 (LF Edge eKuiper is a lightweight IoT data analytics and stream process ...)
- TODO: check
+ NOT-FOR-US: LF Edge eKuiper
CVE-2024-43404 (MEGABOT is a fully customized Discord bot for learning and fun. The `/ ...)
- TODO: check
+ NOT-FOR-US: MEGABOT
CVE-2024-43397 (Apollo is a configuration management system. A vulnerability exists in ...)
- TODO: check
+ NOT-FOR-US: Apollo
CVE-2024-43377 (Umbraco CMS is an ASP.NET CMS. An authenticated user can access a few ...)
- TODO: check
+ NOT-FOR-US: Umbraco
CVE-2024-43376 (Umbraco is an ASP.NET CMS. Some endpoints in the Management API can re ...)
- TODO: check
+ NOT-FOR-US: Umbraco
CVE-2024-42919 (eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Acc ...)
- TODO: check
+ NOT-FOR-US: eScan Management Console
CVE-2024-42662 (An issue in apollocongif apollo v.2.2.0 allows a remote attacker to ob ...)
TODO: check
CVE-2024-42621 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42619 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42618 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42617 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42616 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42613 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42612 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42611 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42610 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42609 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42608 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42607 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42606 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42605 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42604 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42603 (Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forger ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2024-42598 (SeaCMS 13.0 has a remote code execution vulnerability. The reason for ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2024-42586 (A Cross-Site Request Forgery (CSRF) in the component categorie.php of ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42585 (A Cross-Site Request Forgery (CSRF) in the component delete_media.php ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42584 (A Cross-Site Request Forgery (CSRF) in the component delete_product.ph ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42583 (A Cross-Site Request Forgery (CSRF) in the component delete_user.php o ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42582 (A Cross-Site Request Forgery (CSRF) in the component delete_categorie. ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42581 (A Cross-Site Request Forgery (CSRF) in the component delete_group.php ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42580 (A Cross-Site Request Forgery (CSRF) in the component edit_group.php of ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42579 (A Cross-Site Request Forgery (CSRF) in the component add_group.php of ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42578 (A Cross-Site Request Forgery (CSRF) in the component edit_product.php ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42577 (A Cross-Site Request Forgery (CSRF) in the component add_product.php o ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42576 (A Cross-Site Request Forgery (CSRF) in the component edit_categorie.ph ...)
- TODO: check
+ NOT-FOR-US: Warehouse Inventory System
CVE-2024-42575 (School Management System commit bae5aa was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42574 (School Management System commit bae5aa was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42573 (School Management System commit bae5aa was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42572 (School Management System commit bae5aa was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42571 (School Management System commit bae5aa was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42570 (School Management System commit bae5aa was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42569 (School Management System commit bae5aa was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42568 (School Management System commit bae5aa was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42567 (School Management System commit bae5aa was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42566 (School Management System commit bae5aa was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: School Management System
CVE-2024-42565 (ERP commit 44bd04 was discovered to contain a SQL injection vulnerabil ...)
- TODO: check
+ NOT-FOR-US: jerryhanjj ERP
CVE-2024-42564 (ERP commit 44bd04 was discovered to contain a SQL injection vulnerabil ...)
- TODO: check
+ NOT-FOR-US: jerryhanjj ERP
CVE-2024-42563 (An arbitrary file upload vulnerability in ERP commit 44bd04 allows att ...)
- TODO: check
+ NOT-FOR-US: jerryhanjj ERP
CVE-2024-42562 (Pharmacy Management System commit a2efc8 was discovered to contain a S ...)
- TODO: check
+ NOT-FOR-US: Pharmacy Management System
CVE-2024-42561 (Pharmacy Management System commit a2efc8 was discovered to contain a S ...)
- TODO: check
+ NOT-FOR-US: Pharmacy Management System
CVE-2024-42560 (A cross-site scripting (XSS) vulnerability in the component update_pag ...)
- TODO: check
+ NOT-FOR-US: Blood Bank And Donation Management System
CVE-2024-42559 (An issue in the login component (process_login.php) of Hotel Managemen ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42558 (Hotel Management System commit 91caab8 was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42557 (A Cross-Site Request Forgery (CSRF) in the component admin_modify_room ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42556 (Hotel Management System commit 91caab8 was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42555 (A Cross-Site Request Forgery (CSRF) in the component admin_room_remove ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42554 (Hotel Management System commit 91caab8 was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42553 (A Cross-Site Request Forgery (CSRF) in the component admin_room_added. ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42552 (Hotel Management System commit 91caab8 was discovered to contain a SQL ...)
- TODO: check
+ NOT-FOR-US: Hotel Management System
CVE-2024-42369 (matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for Jav ...)
- TODO: check
+ NOT-FOR-US: matrix-js-sdk
CVE-2024-42336 (Servision - CWE-287: Improper Authentication)
- TODO: check
+ NOT-FOR-US: Servision
CVE-2024-42335 (7Twenty - CWE-79: Improper Neutralization of Input During Web Page Gen ...)
TODO: check
CVE-2024-42334 (Hargal - CWE-284: Improper Access Control)
TODO: check
CVE-2024-42006 (Keyfactor AWS Orchestrator through 2.0 allows Information Disclosure.)
- TODO: check
+ NOT-FOR-US: Keyfactor AWS Orchestrator
CVE-2024-41773 (IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an aut ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-41700 (Barix \u2013 CWE-200 Exposure of Sensitive Information to an Unauthori ...)
TODO: check
CVE-2024-41699 (Priority \u2013 CWE-552: Files or Directories Accessible to External P ...)
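Review bot: CVE-2024-6377 and CVE-2024-42662 are left at "TODO: check" even though closely related entries in this same hunk are triaged. CVE-2024-6377's description reads "affecting 3DSwyme ..." while the adjacent CVE-2024-6379 is now "NOT-FOR-US: 3DSwymer", and CVE-2024-42662 names "apollocongif apollo v.2.2.0" while CVE-2024-43397 is now "NOT-FOR-US: Apollo". If these were skipped unintentionally, tag them in this commit so the batch is consistent; if they are held back on purpose (for example, to confirm that the two Apollo entries refer to the same project), a short NOTE line would make that visible to the next person triaging. Minor style point: "NOT-FOR-US: Schneider" and "NOT-FOR-US: IBM" name only the vendor, whereas most of the other new lines name the product (for example "Keyfactor AWS Orchestrator"), so naming the product there would keep the NFU strings easier to search.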
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce33599062fc8551df432e06d943d3cc2d4a3844