[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 29 22:05:02 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
05b5a0d5 by Salvatore Bonaccorso at 2024-08-29T22:58:23+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -119,95 +119,95 @@ CVE-2024-43917 (Improper Neutralization of Special Elements used in an SQL Comma
 CVE-2024-43804 (Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Kee ...)
 	TODO: check
 CVE-2024-43144 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43132 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-41964 (Kirby is a CMS targeting designers and editors. Kirby allows to restri ...)
-	TODO: check
+	NOT-FOR-US: Kirby CMS
 CVE-2024-41372 (Organizr v1.90 was discovered to contain a SQL injection vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Organizr
 CVE-2024-41371 (Organizr v1.90 is vulnerable to Cross Site Scripting (XSS) via api.php ...)
-	TODO: check
+	NOT-FOR-US: Organizr
 CVE-2024-41370 (Organizr v1.90 was discovered to contain a SQL injection vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Organizr
 CVE-2024-41369 (RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execut ...)
-	TODO: check
+	NOT-FOR-US: RPi-Jukebox-RFID
 CVE-2024-41368 (RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execut ...)
-	TODO: check
+	NOT-FOR-US: RPi-Jukebox-RFID
 CVE-2024-41367 (RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execut ...)
-	TODO: check
+	NOT-FOR-US: RPi-Jukebox-RFID
 CVE-2024-41366 (RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execut ...)
-	TODO: check
+	NOT-FOR-US: RPi-Jukebox-RFID
 CVE-2024-41364 (RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execut ...)
-	TODO: check
+	NOT-FOR-US: RPi-Jukebox-RFID
 CVE-2024-41361 (RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execut ...)
-	TODO: check
+	NOT-FOR-US: RPi-Jukebox-RFID
 CVE-2024-41358 (phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\ ...)
 	TODO: check
 CVE-2024-41351 (bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) vi ...)
-	TODO: check
+	NOT-FOR-US: bjyadmin
 CVE-2024-41350 (bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) vi ...)
-	TODO: check
+	NOT-FOR-US: bjyadmin
 CVE-2024-41348 (openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) ...)
-	TODO: check
+	NOT-FOR-US: openflights
 CVE-2024-41347 (openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) ...)
-	TODO: check
+	NOT-FOR-US: openflights
 CVE-2024-41346 (openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) ...)
-	TODO: check
+	NOT-FOR-US: openflights
 CVE-2024-41345 (openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) ...)
-	TODO: check
+	NOT-FOR-US: openflights
 CVE-2024-3679 (The Premium SEO Pack \u2013 WP SEO Plugin plugin for WordPress is vuln ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39658 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39653 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39638 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39622 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39620 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38795 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38793 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38693 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-35133 (IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could a ...)
 	NOT-FOR-US: IBM
 CVE-2024-35118 (IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credenti ...)
 	NOT-FOR-US: IBM
 CVE-2024-34019 (Local privilege escalation due to DLL hijacking vulnerability. The fol ...)
-	TODO: check
+	NOT-FOR-US: Acronis Snap Deploy (Windows)
 CVE-2024-34018 (Sensitive information disclosure due to insecure folder permissions. T ...)
-	TODO: check
+	NOT-FOR-US: Acronis Snap Deploy (Windows)
 CVE-2024-34017 (Local privilege escalation due to DLL hijacking vulnerability. The fol ...)
-	TODO: check
+	NOT-FOR-US: Acronis Snap Deploy (Windows)
 CVE-2024-2541 (The Popup Builder plugin for WordPress is vulnerable to Sensitive Info ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-29731 (SQL injection vulnerabilities in SportsNET affecting version 4.0.1. Th ...)
-	TODO: check
+	NOT-FOR-US: SportsNET
 CVE-2024-29730 (SQL injection vulnerabilities in SportsNET affecting version 4.0.1. Th ...)
-	TODO: check
+	NOT-FOR-US: SportsNET
 CVE-2024-29729 (SQL injection vulnerabilities in SportsNET affecting version 4.0.1. Th ...)
-	TODO: check
+	NOT-FOR-US: SportsNET
 CVE-2024-29728 (SQL injection vulnerabilities in SportsNET affecting version 4.0.1. Th ...)
-	TODO: check
+	NOT-FOR-US: SportsNET
 CVE-2024-29727 (SQL injection vulnerabilities in SportsNET affecting version 4.0.1. Th ...)
-	TODO: check
+	NOT-FOR-US: SportsNET
 CVE-2024-29726 (SQL injection vulnerabilities in SportsNET affecting version 4.0.1. Th ...)
-	TODO: check
+	NOT-FOR-US: SportsNET
 CVE-2024-29725 (SQL injection vulnerabilities in SportsNET affecting version 4.0.1. Th ...)
-	TODO: check
+	NOT-FOR-US: SportsNET
 CVE-2024-29724 (SQL injection vulnerabilities in SportsNET affecting version 4.0.1. Th ...)
-	TODO: check
+	NOT-FOR-US: SportsNET
 CVE-2024-29723 (SQL injection vulnerabilities in SportsNET affecting version 4.0.1. Th ...)
-	TODO: check
+	NOT-FOR-US: SportsNET
 CVE-2024-1384 (The Premium Portfolio Features for Phlox theme plugin for WordPress is ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1056 (The FunnelKit Funnel Builder Pro plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-4442 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
 	- linux 5.10.24-1
 	NOTE: https://git.kernel.org/linus/8811f4a9836e31c14ecdf79d9f3cb7c5d463265d (5.12-rc3)
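Review bot: For CVE-2024-43144, CVE-2024-43132 and the run from CVE-2024-39658 to CVE-2024-38693, the visible description is only the generic SQL injection weakness title, truncated before any product name, so the `NOT-FOR-US: WordPress plugin` tag cannot be verified from this hunk and should be confirmed against the full CVE records. Label granularity also varies within the hunk: the Acronis entries carry `Acronis Snap Deploy (Windows)` while the neighbouring IBM entries say only `IBM`. CVE-2024-43804 (Roxy-WI) and CVE-2024-41358 (phpipam) stay at `TODO: check`; that looks deliberate, but the commit message does not say so.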
@@ -169972,7 +169972,7 @@ CVE-2022-2442 (The Migration, Backup, Staging \u2013 WPvivid plugin for WordPres
 CVE-2022-2441 (The ImageMagick Engine plugin for WordPress is vulnerable to remote co ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-2440 (The Theme Editor plugin for WordPress is vulnerable to deserialization ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2022-2439
 	RESERVED
 CVE-2022-2438 (The Broken Link Checker plugin for WordPress is vulnerable to deserial ...)
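Review bot: CVE-2022-2440 was still at `TODO: check` while the adjacent CVE-2022-2441 already carried `NOT-FOR-US: WordPress plugin`. The new tag matches the visible description and its neighbour; a periodic scan for leftover `TODO: check` lines in older years would catch stragglers like this one.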



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05b5a0d590e63d97924fc4bbb6af318e78e213af
