[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Jun 10 11:17:05 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d0fe9338 by Moritz Muehlenhoff at 2024-06-10T12:16:23+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,227 +1,227 @@
CVE-2024-5389 (In lunary-ai/lunary version 1.2.13, an insufficient granularity of acc ...)
- TODO: check
+ NOT-FOR-US: lunary-ai/lunary
CVE-2024-4746 (Missing Authorization vulnerability in Netgsm.This issue affects Netgs ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4328 (A Cross-Site Request Forgery (CSRF) vulnerability exists in the clear_ ...)
- TODO: check
+ NOT-FOR-US: lollms-webui
CVE-2024-37880 (The Kyber reference implementation before 9b8d306, when compiled by LL ...)
TODO: check
CVE-2024-35742 (Missing Authorization vulnerability in Code Parrots Easy Forms for Mai ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35741 (Missing Authorization vulnerability in Awesome Support Team Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35735 (Missing Authorization vulnerability in CodePeople WP Time Slots Bookin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35729 (Missing Authorization vulnerability in Tickera.This issue affects Tick ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35727 (Missing Authorization vulnerability in actpro Extra Product Options fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35726 (Missing Authorization vulnerability in ThemeKraft WooBuddy.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35725 (Missing Authorization vulnerability in LA-Studio LA-Studio Element Kit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35724 (Missing Authorization vulnerability in Bosa Themes Bosa Elementor Addo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35723 (Missing Authorization vulnerability in Andrew Rapps Dashboard To-Do Li ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35722 (Missing Authorization vulnerability in A WP Life Slider Responsive Sli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35721 (Missing Authorization vulnerability in A WP Life Image Gallery \u2013 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35720 (Missing Authorization vulnerability in A WP Life Album Gallery \u2013 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35717 (Missing Authorization vulnerability in A WP Life Media Slider \u2013 P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37570 (On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.h ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-37569 (An issue was discovered on Mitel 6869i through 4.5.0.41 and 5.x throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-37568 (lepture Authlib before 1.3.1 has algorithm confusion with asymmetric p ...)
TODO: check
CVE-2024-35748 (Missing Authorization vulnerability in OPMC WooCommerce Dropshipping.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35669 (Missing Authorization vulnerability in Bowo Debug Log Manager.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35662 (Missing Authorization vulnerability in Andreas Sofantzis Simple COD Fe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35661 (Missing Authorization vulnerability in SoftLab Upload Fields for WPFor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35660 (Missing Authorization vulnerability in Jewel Theme Master Addons for E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34802 (Missing Authorization vulnerability in AdFoxly AdFoxly \u2013 Ad Manag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34435 (Missing Authorization vulnerability in CodeRevolution Aiomatic.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33572 (Missing Authorization vulnerability in POSIMYTH The Plus Blocks for Bl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33565 (Missing Authorization vulnerability in UkrSolution Barcode Scanner wit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33564 (Missing Authorization vulnerability in 8theme XStore.This issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33563 (Missing Authorization vulnerability in 8theme XStore.This issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33561 (Missing Authorization vulnerability in 8theme XStore.This issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33555 (Missing Authorization vulnerability in 8theme XStore Core.This issue a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33547 (Missing Authorization vulnerability in AA-Team WZone.This issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33545 (Missing Authorization vulnerability in AA-Team WZone.This issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33543 (Missing Authorization vulnerability in CodePeople WP Time Slots Bookin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32824 (Missing Authorization vulnerability in Evergreen Content Poster.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32821 (Missing Authorization vulnerability in TotalSuite Total Poll Lite.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32820 (Missing Authorization vulnerability in Social Share Pro Social Share I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32818 (Missing Authorization vulnerability in realmag777 WordPress Meta Data ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32814 (Missing Authorization vulnerability in Zorem Advanced Local Pickup for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32813 (Missing Authorization vulnerability in SoftLab Integrate Google Drive. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32811 (Insertion of Sensitive Information into Log File vulnerability in Octo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32805 (Missing Authorization vulnerability in Social Snap.This issue affects ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32804 (Missing Authorization vulnerability in Martin Gibson WP GoToWebinar.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32799 (Missing Authorization vulnerability in Merv Barrett Easy Property List ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32798 (Missing Authorization vulnerability in WP Travel Engine.This issue aff ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32797 (Missing Authorization vulnerability in Martin Gibson WP LinkedIn Auto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32792 (Missing Authorization vulnerability in WPMU DEV Hummingbird.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32787 (Missing Authorization vulnerability in Copy Content Protection Team Se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32784 (Missing Authorization vulnerability in CookieHub.This issue affects Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32783 (Missing Authorization vulnerability in wpcreativeidea Advanced Testimo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32779 (Missing Authorization vulnerability in Avirtum Vision Interactive.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32778 (Missing Authorization vulnerability in Contest Gallery.This issue affe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32777 (Missing Authorization vulnerability in BizSwoop a CPF Concepts, LLC Br ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32727 (Missing Authorization vulnerability in Rometheme RomethemeForm For Ele ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32725 (Missing Authorization vulnerability in Saleswonder 5 Stars Rating Funn ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32715 (Missing Authorization vulnerability in Olive Themes Olive One Click De ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32714 (Missing Authorization vulnerability in Academy LMS academy.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32713 (Missing Authorization vulnerability in AutoWriter AI Post Generator | ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32705 (Missing Authorization vulnerability in reputeinfosystems ARForms.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32704 (Missing Authorization vulnerability in reputeinfosystems ARForms.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32703 (Missing Authorization vulnerability in reputeinfosystems ARForms.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32701 (Missing Authorization vulnerability in InstaWP Team InstaWP Connect.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32081 (Missing Authorization vulnerability in Websupporter Filter Custom Fiel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31423 (Missing Authorization vulnerability in Alex Volkov WP Accessibility He ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31359 (Missing Authorization vulnerability in Premmerce Premmerce Product Fil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31352 (Missing Authorization vulnerability in Email Subscribers & Newsletters ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31350 (Missing Authorization vulnerability in AWP Classifieds Team AWP Classi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31347 (Missing Authorization vulnerability in Data443 Tracking Code Manager.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31307 (Missing Authorization vulnerability in appscreo Easy Social Share Butt ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31304 (Missing Authorization vulnerability in MultiVendorX WC Marketplace.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31294 (Missing Authorization vulnerability in Fahad Mahmood WP Sort Order.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31284 (Missing Authorization vulnerability in WPDeveloper EmbedPress.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31283 (Missing Authorization vulnerability in zorem Advanced Local Pickup for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31276 (Missing Authorization vulnerability in WPFactory Products, Order & Cus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31275 (Missing Authorization vulnerability in Metagauss EventPrime.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31274 (Missing Authorization vulnerability in WPDeveloper EmbedPress.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31273 (Missing Authorization vulnerability in JS Help Desk JS Help Desk \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31267 (Missing Authorization vulnerability in WP Desk Flexible Checkout Field ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31261 (Missing Authorization vulnerability in Aakash Chakravarthy Announcer \ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31252 (Missing Authorization vulnerability in dFactory Responsive Lightbox.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31248 (Missing Authorization vulnerability in Team Plugins360 All-in-One Vide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31246 (Missing Authorization vulnerability in Post Grid Team by WPXPO PostX \ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31244 (Missing Authorization vulnerability in Bricksforge.This issue affects ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31243 (Missing Authorization vulnerability in Bricksforge.This issue affects ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31098 (Missing Authorization vulnerability in Mr.Ebabi New Order Notification ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30544 (Missing Authorization vulnerability in UPQODE Whizzy.This issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30539 (Missing Authorization vulnerability in Awesome Support Team Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30538 (Missing Authorization vulnerability in DELUCKS GmbH DELUCKS SEO.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30537 (Missing Authorization vulnerability in WPClever WPC Badge Management f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30534 (Missing Authorization vulnerability in typps Calendarista Basic Editio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30529 (Missing Authorization vulnerability in Tainacan.Org Tainacan.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30517 (Missing Authorization vulnerability in Sliced Invoices.This issue affe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30515 (Missing Authorization vulnerability in Pixelite Events Manager.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30512 (Missing Authorization vulnerability in weForms.This issue affects weFo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30485 (Missing Authorization vulnerability in XLPlugins Finale Lite.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30481 (Broken Access Control vulnerability in Samuel Marshall JCH Optimize.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30470 (Missing Authorization vulnerability in YITH YITH WooCommerce Account F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30467 (Missing Authorization vulnerability in WPDeveloper Essential Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30466 (Missing Authorization vulnerability in OnTheGoSystems WooCommerce Mult ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30465 (Missing Authorization vulnerability in Pagelayer Team PageLayer.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30464 (Missing Authorization vulnerability in WPZOOM Social Icons Widget & Bl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2408 (The openssl_private_decrypt function in PHP, when using PKCS1 padding ...)
TODO: check
CVE-2024-25929 (Missing Authorization vulnerability in MultiVendorX Product Catalog En ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25092 (Missing Authorization vulnerability in XLPlugins NextMove Lite.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-24716 (Missing Authorization vulnerability in Awesome Support Team Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52232 (Missing Authorization vulnerability in Pluggabl LLC Booster Plus for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52230 (Missing Authorization vulnerability in Pluggabl LLC Booster Plus for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51494 (Missing Authorization vulnerability in Woo WooCommerce Product Vendors ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45188 (IBM Engineering Lifecycle Optimization Publishing 7.0.2 and 7.03 could ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-34003 (Missing Authorization vulnerability in Woo WooCommerce Box Office.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37535 (GNOME VTE before 0.76.3 allows an attacker to cause a denial of servic ...)
- vte <unfixed>
[bookworm] - vte <no-dsa> (Minor issue)
@@ -252,7 +252,7 @@ CVE-2024-5766 (A vulnerability was found in Likeshop up to 2.5.7 and classified
CVE-2024-5654 (The CF7 Google Sheets Connector plugin for WordPress is vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4680 (A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to r ...)
- TODO: check
+ NOT-FOR-US: zenml
CVE-2024-4146 (In lunary-ai/lunary version v1.2.13, an improper authorization vulnera ...)
NOT-FOR-US: lunary-ai/lunary
CVE-2024-37408 (fprintd through 1.94.3 lacks a security attention mechanism, and thus ...)
@@ -430,9 +430,9 @@ CVE-2024-4468 (The Salon booking system plugin for WordPress is vulnerable to un
CVE-2024-3668 (The PowerPack Pro for Elementor plugin for WordPress is vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2024-1694 (Inappropriate implementation in Google Updator prior to 1.3.36.351 in ...)
- TODO: check
+ - chromium <not-affected> (Only affects update of Google Chrome)
CVE-2023-7261 (Inappropriate implementation in Google Updator prior to 1.3.36.351 in ...)
- TODO: check
+ - chromium <not-affected> (Only affects update of Google Chrome)
CVE-2023-49224 (Precor touchscreen console P62, P80, and P82 contains a default SSH pu ...)
NOT-FOR-US: Precor touchscreen console
CVE-2023-49223 (Precor touchscreen console P62, P80, and P82 could allow a remote atta ...)
@@ -517,7 +517,7 @@ CVE-2024-5426 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery p
CVE-2024-5382 (The Master Addons \u2013 Free Widgets, Hover Effects, Toggle, Conditio ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4610 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm ...)
- TODO: check
+ NOT-FOR-US: Arm
CVE-2024-4152
REJECTED
CVE-2024-3380
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d0fe9338add33dc787d4125d0c9fbf12243197b3
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d0fe9338add33dc787d4125d0c9fbf12243197b3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240610/643f08a1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list