[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Feb 29 08:54:41 GMT 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d8194a55 by Moritz Muehlenhoff at 2024-02-29T09:54:19+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -55,39 +55,39 @@ CVE-2024-23493 (Mattermost fails to properly authorize the requests fetchingteam
CVE-2024-23488 (Mattermost fails to properly restrict the access of files attached to ...)
- mattermost-server <itp> (bug #823556)
CVE-2024-23302 (Couchbase Server before 7.2.4 has a private key leak in goxdcr.log.)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2024-22983 (SQL injection vulnerability in Projectworlds Visitor Management System ...)
- TODO: check
+ NOT-FOR-US: Projectworlds Visitor Management System
CVE-2024-22871 (An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker ...)
TODO: check
CVE-2024-22532 (Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x8 ...)
- TODO: check
+ NOT-FOR-US: XNSoft NConvert
CVE-2024-21798 (ELECOM wireless LAN routers contain a cross-site scripting vulnerabili ...)
- TODO: check
+ NOT-FOR-US: ELECOM
CVE-2024-21752 (Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Aja ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1982 (The Migration, Backup, Staging \u2013 WPvivid plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1981 (The Migration, Backup, Staging \u2013 WPvivid plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1978 (The Friends plugin for WordPress is vulnerable to Server-Side Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1977 (The Restaurant Solutions \u2013 Checklist plugin for WordPress is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1976 (The Marketing Optimizer plugin for WordPress is vulnerable to Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1972 (A vulnerability was found in SourceCodester Online Job Portal 1.0 and ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2024-1971 (A vulnerability has been found in Surya2Developer Online Shopping Syst ...)
- TODO: check
+ NOT-FOR-US: Surya2Developer Online Shopping System
CVE-2024-1970 (A vulnerability, which was classified as problematic, was found in Sou ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2024-1887 (Mattermost fails to check if compliance export is enabled when fetchin ...)
- mattermost-server <itp> (bug #823556)
CVE-2024-1468 (The Avada | Website Builder For WordPress & WooCommerce theme for Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1437 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1435 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
TODO: check
CVE-2024-1434 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -119,27 +119,27 @@ CVE-2023-51528 (Cross-Site Request Forgery (CSRF) vulnerability in Senol Sahin A
CVE-2023-50905 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2023-50437 (An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2023-50436 (An issue was discovered in Couchbase Server before 7.2.4. ns_server ad ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2023-49932 (An issue was discovered in Couchbase Server before 7.2.4. An attacker ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2023-49931 (An issue was discovered in Couchbase Server before 7.2.4. SQL++ cURL c ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2023-49930 (An issue was discovered in Couchbase Server before 7.2.4. cURL calls t ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2023-49338 (Couchbase Server 7.1.x and 7.2.x before 7.2.4 does not require authent ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2023-47874 (Missing Authorization vulnerability in Perfmatters.This issue affects ...)
TODO: check
CVE-2023-45874 (An issue was discovered in Couchbase Server through 7.2.2. A data read ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2023-45873 (An issue was discovered in Couchbase Server through 7.2.2. A data read ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2023-45859 (In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 ...)
TODO: check
CVE-2023-43769 (An issue was discovered in Couchbase Server through 7.1.4 before 7.1.5 ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2023-38372 (An unauthorized attacker who has obtained an IBM Watson IoT Platform 1 ...)
NOT-FOR-US: IBM
CVE-2023-38367 (IBM Cloud Pak Foundational Services Identity Provider (idP) API (IBM C ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8194a5550771bb484e5903da6c7ab25674d7292
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8194a5550771bb484e5903da6c7ab25674d7292
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240229/9eecfd20/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list