[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 12 21:44:50 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5233344d by Salvatore Bonaccorso at 2024-06-12T22:44:07+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -79,7 +79,7 @@ CVE-2024-36761 (naga v0.14.0 was discovered to contain a stack overflow via the
CVE-2024-36699 (GNU Debugger v8.2 to v14.2 was discovered to contain a buffer overflow ...)
TODO: check
CVE-2024-36691 (Insecure permissions in the AdminController.AjaxSave() method of PPGo_ ...)
- TODO: check
+ NOT-FOR-US: PPGo_Jobs
CVE-2024-36265 (** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability ...)
NOT-FOR-US: Apache Submarine Server Core
CVE-2024-36264 (** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication vulnerability ...)
@@ -87,83 +87,83 @@ CVE-2024-36264 (** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication vulnerab
CVE-2024-36263 (** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Ele ...)
NOT-FOR-US: Apache Submarine Server Core
CVE-2024-34065 (Strapi is an open-source content management system. By combining two v ...)
- TODO: check
+ NOT-FOR-US: Strapi
CVE-2024-31881 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
NOT-FOR-US: IBM
CVE-2024-31217 (Strapi is an open-source content management system. Prior to version 4 ...)
- TODO: check
+ NOT-FOR-US: Strapi
CVE-2024-2747 (CWE-428: Unquoted search path or element vulnerability exists in Easer ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2024-2300 (HP Advance Mobile Applications for iOS and Android are potentially vul ...)
- TODO: check
+ NOT-FOR-US: HP Advance Mobile Applications for iOS and Android
CVE-2024-2230
REJECTED
CVE-2024-2092 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29181 (Strapi is an open-source content management system. Prior to version 4 ...)
- TODO: check
+ NOT-FOR-US: Strapi
CVE-2024-28964 (Dell Common Event Enabler, version 8.9.10.0 and prior, contain an inse ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28762 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 ...)
NOT-FOR-US: IBM
CVE-2024-25949 (Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x an ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-24051 (Improper input validation of printing files in Monoprice Select Mini V ...)
- TODO: check
+ NOT-FOR-US: Monoprice Select Mini
CVE-2024-22855 (A cross-site scripting (XSS) vulnerability in the User Maintenance sec ...)
- TODO: check
+ NOT-FOR-US: ITSS iMLog
CVE-2024-1891 (A stored cross site scripting vulnerability exists in Tenable Security ...)
- TODO: check
+ NOT-FOR-US: Tenable Security Center
CVE-2024-1766 (The Download Manager plugin for WordPress is vulnerable to Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1659 (Arbitrary File Upload vulnerability in MegaBIP software allows attacke ...)
- TODO: check
+ NOT-FOR-US: MegaBIP
CVE-2024-1577 (Remote Code Execution vulnerability in MegaBIP software allows to exec ...)
- TODO: check
+ NOT-FOR-US: MegaBIP
CVE-2024-1576 (SQL Injection vulnerability in MegaBIP software allows attacker to obt ...)
- TODO: check
+ NOT-FOR-US: MegaBIP
CVE-2024-0865 (CWE-798: Use of hard-coded credentials vulnerability exists that could ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2023-52177 (Missing Authorization vulnerability in SoftLab Integrate Google Drive. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52117 (Missing Authorization vulnerability in Metagauss ProfileGrid.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51680 (Missing Authorization vulnerability in TechnoVama Quotes for WooCommer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51679 (Missing Authorization vulnerability in BulkGate BulkGate SMS Plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51671 (Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51670 (Missing Authorization vulnerability in FunnelKit FunnelKit Checkout.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51537 (Missing Authorization vulnerability in Awesome Support Team Awesome Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51526 (Missing Authorization vulnerability in Brett Shumaker Simple Staff Lis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51524 (Missing Authorization vulnerability in weForms.This issue affects weFo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51413 (Missing Authorization vulnerability in Piotnet Forms.This issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49559 (An issue in vektah gqlparser open-source-library v.2.5.10 allows a rem ...)
TODO: check
CVE-2023-48280 (Missing Authorization vulnerability in Consensu.IO Consensu.Io.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47845 (Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang Grab & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47828 (Missing Authorization vulnerability in Mandrill wpMandrill.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44234 (Missing Authorization vulnerability in Bastianon Massimo WP GPX Map.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41240 (Missing Authorization vulnerability in Vark Pricing Deals for WooComme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40672 (Missing Authorization vulnerability in Hardik Chavada Sticky Social Me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40603 (Missing Authorization vulnerability in Gangesh Matta Simple Org Chart. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40209 (Missing Authorization vulnerability in Himalaya Saxena Highcompress Im ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38395 (Missing Authorization vulnerability in Afzal Multani WP Clone Menu.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5892 (The Divi Torque Lite \u2013 Divi Theme and Extra Theme plugin for Word ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5873
@@ -102039,7 +102039,7 @@ CVE-2023-25032 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-25031 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kibo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25030 (Missing Authorization vulnerability in Buy Me a Coffee.This issue affe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25029 (Cross-Site Request Forgery (CSRF) vulnerability in utahta WP Social Bo ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25028 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in chuy ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5233344d645e41a6fa6bc87bc1563923e5a9f1d0
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5233344d645e41a6fa6bc87bc1563923e5a9f1d0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240612/c5faf78f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list