[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 6 11:42:31 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
05bc55f4 by Salvatore Bonaccorso at 2024-02-06T12:42:06+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,177 +1,177 @@
CVE-2024-24808 (pyLoad is an open-source Download Manager written in pure Python. Ther ...)
- pyload <itp> (bug #1001980)
CVE-2024-24807 (Sulu is a highly extensible open-source PHP content management system ...)
- TODO: check
+ NOT-FOR-US: Sulu
CVE-2024-24595 (Allegro AI\u2019s open-source version of ClearML stores passwords in p ...)
TODO: check
CVE-2024-24574 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2024-24559 (Vyper is a Pythonic Smart Contract Language for the EVM. There is an e ...)
- TODO: check
+ NOT-FOR-US: Vyper
CVE-2024-24543 (Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-24398 (Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashbo ...)
- TODO: check
+ NOT-FOR-US: Stimulsoft GmbH Stimulsoft Dashboard.JS
CVE-2024-24112 (xmall v1.1 was discovered to contain a SQL injection vulnerability via ...)
- TODO: check
+ NOT-FOR-US: Exrick xmall
CVE-2024-23304 (Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthentica ...)
- TODO: check
+ NOT-FOR-US: Cybozu KUNAI for Android
CVE-2024-23049 (An issue in symphony v.3.6.3 and before allows a remote attacker to ex ...)
TODO: check
CVE-2024-22853 (D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password fo ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2024-22852 (D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buff ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2024-22773 (Intelbras Roteador ACtion RF 1200 1.2.2 esposes the Password in Cookie ...)
- TODO: check
+ NOT-FOR-US: Intelbras Roteador ACtion RF 1200
CVE-2024-22208 (phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ and MySQL, ...)
- TODO: check
+ NOT-FOR-US: phpMyFAQ
CVE-2024-20828 (Improper authorization verification vulnerability in Samsung Internet ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20827 (Improper access control vulnerability in Samsung Gallery prior to vers ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20826 (Implicit intent hijacking vulnerability in UPHelper library prior to v ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20825 (Implicit intent hijacking vulnerability in IAP of Galaxy Store prior t ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20824 (Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20823 (Implicit intent hijacking vulnerability in SamsungAccount of Galaxy St ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20822 (Implicit intent hijacking vulnerability in AccountActivity of Galaxy S ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20820 (Improper input validation in bootloader prior to SMR Feb-2024 Release ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20819 (Out out bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20818 (Out out bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20817 (Out out bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20816 (Improper authentication vulnerability in onCharacteristicWriteRequest ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20815 (Improper authentication vulnerability in onCharacteristicReadRequest i ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20814 (Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20813 (Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20812 (Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2 ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20811 (Improper caller verification in GameOptimizer prior to SMR Feb-2024 Re ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20810 (Implicit intent hijacking vulnerability in Smart Suggestions prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-1210 (The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Info ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1209 (The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Info ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1208 (The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Info ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1177 (The WP Club Manager \u2013 WordPress Sports Club Plugin plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1121 (The Advanced Forms for ACF plugin for WordPress is vulnerable to unaut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1092 (The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1075 (The Minimal Coming Soon \u2013 Coming Soon Page plugin for WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1072 (The Website Builder by SeedProd \u2014 Theme Builder, Landing Page Bui ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1052 (Boundary and Boundary Enterprise (\u201cBoundary\u201d) is vulnerable ...)
TODO: check
CVE-2024-1046 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0969 (The ARMember plugin for WordPress is vulnerable to Sensitive Informati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0964 (A local file include could be remotely triggered in Gradio due to a vu ...)
TODO: check
CVE-2024-0961 (The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0954 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0869 (The Instant Images \u2013 One Click Image Uploads from Unsplash, Openv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0859 (The Affiliates Manager plugin for WordPress is vulnerable to Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0835 (The Royal Elementor Kit theme for WordPress is vulnerable to unauthori ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0834 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0823 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0797 (The Active Products Tables for WooCommerce. Professional products tabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0796 (The Active Products Tables for WooCommerce. Professional products tabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0791 (The WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0790 (The WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0761 (The File Manager plugin for WordPress is vulnerable to Sensitive Infor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0709 (The Cryptocurrency Widgets \u2013 Price Ticker & Coins List plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0701 (The UserPro plugin for WordPress is vulnerable to Security Feature Byp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0699 (The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0691 (The FileBird plugin for WordPress is vulnerable to Stored Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0678 (The Order Delivery Date for WP e-Commerce plugin for WordPress is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0668 (The Advanced Database Cleaner plugin for WordPress is vulnerable to PH ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0660 (The Formidable Forms \u2013 Contact Form, Survey, Quiz, Payment, Calcu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0659 (The Easy Digital Downloads \u2013 Sell Digital Files (eCommerce Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0630 (The WP RSS Aggregator plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0612 (The Content Views \u2013 Post Grid, Slider, Accordion (Gutenberg Block ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0597 (The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0586 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0585 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0509 (The WP 404 Auto Redirect to Similar Post plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0508 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0448 (The Elementor Addons by Livemesh plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0428 (The Index Now plugin for WordPress is vulnerable to Cross-Site Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0384 (The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0382 (The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0380 (The WP Recipe Maker plugin for WordPress is vulnerable to Directory Tr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0374 (The Views for WPForms \u2013 Display & Edit WPForms Entries on your si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0373 (The Views for WPForms \u2013 Display & Edit WPForms Entries on your si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0372 (The Views for WPForms \u2013 Display & Edit WPForms Entries on your si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0371 (The Views for WPForms \u2013 Display & Edit WPForms Entries on your si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0370 (The Views for WPForms \u2013 Display & Edit WPForms Entries on your si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0366 (The Starbox \u2013 the Author Box for Humans plugin for WordPress is v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0324 (The User Profile Builder \u2013 Beautiful User Registration Forms, Use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0255 (The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0254 (The (Simply) Guest Author Name plugin for WordPress is vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0244 (Buffer overflow in CPCA PCFAX number process of Office Multifunction P ...)
- TODO: check
+ NOT-FOR-US: CPCA PCFAX
CVE-2024-0221 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0202 (A security vulnerability has been identified in the cryptlib cryptogra ...)
TODO: check
CVE-2023-7029 (The WordPress Button Plugin MaxButtons plugin for WordPress is vulnera ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05bc55f400ac48db2fa4f10b2e3d4080bdc86a1b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05bc55f400ac48db2fa4f10b2e3d4080bdc86a1b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240206/d7a5e773/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list