[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 4 21:34:05 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0ca884cc by Salvatore Bonaccorso at 2024-06-04T22:33:47+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,187 +21,187 @@ CVE-2024-37063 (A cross-site scripting (XSS) vulnerability in versions 3.7.0 or
CVE-2024-37062 (Deserialization of untrusted data can occur in versions 3.7.0 or newer ...)
TODO: check
CVE-2024-37061 (Remote Code Execution can occur in versions of the MLflow platform run ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37060 (Deserialization of untrusted data can occur in versions of the MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37059 (Deserialization of untrusted data can occur in versions of the MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37058 (Deserialization of untrusted data can occur in versions of the MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37057 (Deserialization of untrusted data can occur in versions of the MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37056 (Deserialization of untrusted data can occur in versions of the MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37055 (Deserialization of untrusted data can occur in versions of the MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37054 (Deserialization of untrusted data can occur in versions of the MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37053 (Deserialization of untrusted data can occur in versions of the MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-37052 (Deserialization of untrusted data can occur in versions of the MLflow ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-36858 (An arbitrary file upload vulnerability in the /v1/app/writeFileSync in ...)
TODO: check
CVE-2024-36857 (Jan v0.4.12 was discovered to contain an arbitrary file read vulnerabi ...)
TODO: check
CVE-2024-36801 (A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacke ...)
- TODO: check
+ NOT-FOR-US: SEMCMS
CVE-2024-36800 (A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacke ...)
- TODO: check
+ NOT-FOR-US: SEMCMS
CVE-2024-36604 (Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind Command I ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-36550 (idccms V1.35 was discovered to contain a Cross-Site Request Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36549 (idccms v1.35 was discovered to contain a Cross-Site Request Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36548 (idccms V1.35 was discovered to contain a Cross-Site Request Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36547 (idccms V1.35 was discovered to contain a Cross-Site Request Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36400 (nano-id is a unique string ID generator for Rust. Affected versions of ...)
TODO: check
CVE-2024-35782 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35700 (Improper Privilege Management vulnerability in DeluxeThemes Userpro al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35672 (Missing Authorization vulnerability in Netgsm.This issue affects Netgs ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35670 (Broken Authentication vulnerability in SoftLab Integrate Google Drive. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35668 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35666 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35664 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35655 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35654 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35653 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35652 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35651 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35649 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35634 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35629 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34792 (Improper Neutralization of Special Elements used in a Command ('Comman ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34759 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34554 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34552 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34551 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34384 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33628 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33568 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33560 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33557 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33541 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32871 (Pimcore is an Open Source Data & Experience Management Platform. The P ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2024-30528 (Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30525 (Missing Authorization vulnerability in moveaddons Move Addons for Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30484 (Missing Authorization vulnerability in RT Easy Builder \u2013 Advanced ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29170 (Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-29152 (An issue was discovered in Samsung Mobile Processor, Wearable Processo ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-29004 (The SolarWinds Platform was determined to be affected by a stored cros ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-28999 (The SolarWinds Platform was determined to be affected by a Race Condit ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-28996 (The SolarWinds Platform was determined to be affected by a SWQL Inject ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-25600 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25095 (Insertion of Sensitive Information into Log File vulnerability in Code ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0756 (The Insert or Embed Articulate Content into WordPress plugin through 4 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5751 (A local attacker with low privileges can read and modify any users fil ...)
TODO: check
CVE-2023-52176 (Authentication Bypass by Spoofing vulnerability in miniorange Malware ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52147 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51667 (Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51544 (Improper Control of Interaction Frequency vulnerability in Metagauss R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51543 (Authentication Bypass by Spoofing vulnerability in Metagauss Registrat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51542 (Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51511 (Improper Authentication vulnerability in Pluggabl LLC Booster Elite fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49852 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49822 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49774 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49748 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49741 (Authentication Bypass by Spoofing vulnerability in wpdevart Coming soo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48753 (Authentication Bypass by Spoofing vulnerability in 10up Restricted Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48747 (Improper Authentication vulnerability in Pluggabl LLC Booster for WooC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48745 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48335 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48318 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48290 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48285 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48276 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48271 (Authentication Bypass by Spoofing vulnerability in yonifre Maspik \u20 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47837 (Improper Privilege Management vulnerability in Repute Infosystems ARMe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47818 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47769 (Authentication Bypass by Spoofing vulnerability in WP Maintenance allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47663 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47513 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47189 (Improper Authentication vulnerability in WPMU DEV Defender Security al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46630 (Improper Authentication vulnerability in wpase Admin and Site Enhancem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46310 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45635 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45053 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45009 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5485 (The SureTriggers \u2013 Connect All Your Plugins, Apps, Tools & Automa ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5422 (An uncontrolled resource consumption of file descriptors in SEH Comput ...)
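Review bot: The generic "NOT-FOR-US: WordPress plugin" note is applied to many entries whose truncated descriptions show only a weakness class or a vendor name, for example CVE-2024-35634 ("Improper Limitation of a Pathname to a Restricted Directory ...") and CVE-2024-35672 ("Missing Authorization vulnerability in Netgsm ..."). The classification therefore cannot be confirmed from this hunk, and a later search of data/CVE/list for the plugin name will not find these entries. Consider naming the product in the note, as the hunk already does for mlflow, SEMCMS, idccms and Pimcore. The same applies to the vendor-only notes "NOT-FOR-US: Tenda", "NOT-FOR-US: Dell" and "NOT-FOR-US: Samsung", where the descriptions name Tenda O3V2, Dell PowerScale OneFS and Samsung Mobile Processor. The commit message "Process some NFUs" could also list the products triaged, so the change can be audited from the log alone.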
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ca884cc7e85fc9936356cfbad25ad7150ca4b8c