[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Dec 13 20:28:51 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8fae46c1 by Salvatore Bonaccorso at 2024-12-13T21:28:24+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,241 +1,241 @@
CVE-2024-9945 (An information-disclosure vulnerability exists in Fortra's GoAnywhere ...)
- TODO: check
+ NOT-FOR-US: Fortra
CVE-2024-9608 (The MyParcel plugin for WordPress is vulnerable to Reflected Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9290 (The Super Backup & Clone - Migrate for WordPress plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-55890 (D-Tale is a visualizer for pandas data structures. Prior to version 3. ...)
TODO: check
CVE-2024-55889 (phpMyFAQ is an open source FAQ web application. Prior to version 3.2.1 ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2024-55887 (Ucum-java is a FHIR Java library providing UCUM Services. In versions ...)
- TODO: check
+ NOT-FOR-US: Ucum-java
CVE-2024-55661 (Laravel Pulse is a real-time application performance monitoring tool a ...)
TODO: check
CVE-2024-54351 (Cross-Site Request Forgery (CSRF) vulnerability in Tom Landis Fancy Ro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54349 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54347 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54346 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-54345 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-54344 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54343 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54342 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54341 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54340 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54339 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54338 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54337 (Cross-Site Request Forgery (CSRF) vulnerability in DevriX DX Dark Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54336 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54335 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54334 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54333 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54330 (Server-Side Request Forgery (SSRF) vulnerability in Hep Hep Hurra (HHH ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54329 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54328 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54327 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54326 (Missing Authorization vulnerability in Eyal Fitoussi GEO my WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54325 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54324 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54323 (Missing Authorization vulnerability in WPExpertsio New User Approve al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54322 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54321 (Cross-Site Request Forgery (CSRF) vulnerability in Hive Support Hive S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54320 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54319 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54318 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54317 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54316 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54315 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54314 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54313 (Path Traversal vulnerability in FULL. FULL Customer allows Path Traver ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54312 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54311 (Missing Authorization vulnerability in i.lychkov Mark New Posts allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54310 (Missing Authorization vulnerability in Aslam Khan Gouran Gou Manage My ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54309 (Insertion of Sensitive Information Into Sent Data vulnerability in wpd ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54308 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54307 (Cross-Site Request Forgery (CSRF) vulnerability in AIpost AIcomments a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54306 (Cross-Site Request Forgery (CSRF) vulnerability in KCT AIKCT Engine Ch ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54305 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54304 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54303 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54302 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54301 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54300 (Cross-Site Request Forgery (CSRF) vulnerability in Neuralabz LTD. Auto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54299 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54298 (Missing Authorization vulnerability in Bill Minozzi Car Dealer allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54297 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54296 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54295 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54294 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54293 (Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54292 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54290 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54289 (Missing Authorization vulnerability in Awesome Support Team Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54288 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54287 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54286 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54282 (Deserialization of Untrusted Data vulnerability in Themeum WP Mega Men ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54278 (Missing Authorization vulnerability in Plugin Devs News Ticker for Ele ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54277 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54276 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54275 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54274 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54273 (Deserialization of Untrusted Data vulnerability in PickPlugins Mail Pi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54272 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54271 (Missing Authorization vulnerability in WPTaskForce WPCargo Track & Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54268 (Missing Authorization vulnerability in SiteOrigin SiteOrigin Widgets B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54267 (Missing Authorization vulnerability in CreativeMindsSolutions CM Answe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54266 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54265 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54264 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54262 (Unrestricted Upload of File with Dangerous Type vulnerability in Siddh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54261 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54259 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54258 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54256 (Missing Authorization vulnerability in Seerox Easy Blocks pro allows A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54252 (Missing Authorization vulnerability in PINPOINT.WORLD Pinpoint Booking ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54250 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54248 (Cross-Site Request Forgery (CSRF) vulnerability in Michael DUMONTET ee ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54246 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54245 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54244 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54243 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54242 (Missing Authorization vulnerability in Appsbd Simple Notification allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54241 (Missing Authorization vulnerability in Appsbd Elite Notification \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54240 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54239 (Missing Authorization vulnerability in dugudlabs Eyewear prescription ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54238 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54237 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54236 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54235 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54234 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54233 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54231 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-54139 (Combodo iTop is an open source and web-based IT service management pla ...)
- TODO: check
+ NOT-FOR-US: Combodo iTop
CVE-2024-52066 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
- TODO: check
+ NOT-FOR-US: RTI Connext Professional (Routing Service)
CVE-2024-52065 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
- TODO: check
+ NOT-FOR-US: RTI Connext Professional
CVE-2024-52064 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
- TODO: check
+ NOT-FOR-US: RTI Connext Professional
CVE-2024-52063 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
- TODO: check
+ NOT-FOR-US: RTI Connext Professional
CVE-2024-52062 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
- TODO: check
+ NOT-FOR-US: RTI Connext Professional
CVE-2024-52061 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
- TODO: check
+ NOT-FOR-US: RTI Connext Professional
CVE-2024-52060 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
- TODO: check
+ NOT-FOR-US: RTI Connext Professional
CVE-2024-52059 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
- TODO: check
+ NOT-FOR-US: RTI Connext Professional
CVE-2024-52058 (Improper Neutralization of Special Elements used in an OS Command ('OS ...)
- TODO: check
+ NOT-FOR-US: RTI Connext Professional
CVE-2024-52057 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: RTI Connext Professional
CVE-2024-48008 (Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Inj ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-48007 (Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-code ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-47984 (Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Servic ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-47892 (Software installed and run as a non-privileged user may conduct GPU sy ...)
TODO: check
CVE-2024-46971 (Software installed and run as a non-privileged user may conduct GPU sy ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fae46c1b098ba127ce3e2cb93afbacf42185941
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fae46c1b098ba127ce3e2cb93afbacf42185941
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241213/44fb83bc/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list