[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 19 21:28:39 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ed729cfb by Salvatore Bonaccorso at 2024-06-19T22:28:07+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2024-5676 (The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: Paradox IP150 Internet Module
CVE-2024-4632 (The WooCommerce Checkout & Funnel Builder by CartFlows \u2013 Create H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38358 (Wasmer is a web assembly (wasm) Runtime supporting WASIX, WASI and Ems ...)
- TODO: check
+ NOT-FOR-US: Wasmer (WebAssembly runtime)
CVE-2024-38357 (TinyMCE is an open source rich text editor. A cross-site scripting (XS ...)
TODO: check
CVE-2024-38356 (TinyMCE is an open source rich text editor. A cross-site scripting (XS ...)
@@ -21,97 +21,97 @@ CVE-2024-36116 (Reposilite is an open source, lightweight and easy-to-use reposi
CVE-2024-36115 (Reposilite is an open source, lightweight and easy-to-use repository m ...)
TODO: check
CVE-2024-35780 (Deserialization of Untrusted Data vulnerability in Live Composer Team ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35765 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34993 (In the module "Bulk Export products to Google Merchant-Google Shopping ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2024-34444 (Missing Authorization vulnerability in ThemePunch OHG Slider Revolutio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34443 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32030 (Kafka UI is an Open-Source Web UI for Apache Kafka Management. Kafka U ...)
TODO: check
CVE-2024-22263 (Spring Cloud Data Flow is a microservices-based Streaming and Batch da ...)
TODO: check
CVE-2024-0383 (The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6495 (The YARPP \u2013 Yet Another Related Posts Plugin plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50900 (Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48761 (Missing Authorization vulnerability in Crocoblock JetElements For Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48760 (Missing Authorization vulnerability in Crocoblock JetElements For Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48759 (Missing Authorization vulnerability in Crocoblock JetElements For Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47788 (Missing Authorization vulnerability in Automattic Jetpack.This issue a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47783 (Missing Authorization vulnerability in Thrive Themes Thrive Theme Buil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47771 (Missing Authorization vulnerability in ThemePunch OHG Essential Grid.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47770 (Missing Authorization vulnerability in Muffin Group Betheme.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-47681 (Missing Authorization vulnerability in QuadLayers WooCommerce Checkout ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46148 (Missing Authorization vulnerability in Themify Themify Ultra.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-46146 (Missing Authorization vulnerability in Themify Themify Ultra.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-45658 (Missing Authorization vulnerability in POSIMYTH Nexter.This issue affe ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-44151 (Missing Authorization vulnerability in Brainstorm Force Pre-Publish Ch ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44148 (Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41805 (Missing Authorization vulnerability in Brainstorm Force Premium Starte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40608 (Missing Authorization vulnerability in Paid Memberships Pro Paid Membe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40004 (Missing Authorization vulnerability in ServMask All-in-One WP Migratio ...)
TODO: check
CVE-2023-39998 (Missing Authorization vulnerability in Muffingroup Betheme.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-39993 (Missing Authorization vulnerability in Wpmet Elements kit Elementor ad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39990 (Missing Authorization vulnerability in Paid Memberships Pro.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39922 (Missing Authorization vulnerability in ThemeFusion Avada.This issue af ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-39312 (Missing Authorization vulnerability in ThemeFusion Avada.This issue af ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-39310 (Missing Authorization vulnerability in ThemeFusion Fusion Builder.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38394 (Missing Authorization vulnerability in Artbees JupiterX Core.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38393 (Missing Authorization vulnerability in Saturday Drive Ninja Forms.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38386 (Missing Authorization vulnerability in Saturday Drive Ninja Forms.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37872 (Missing Authorization vulnerability in Woo WooCommerce Ship to Multipl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37870 (Missing Authorization vulnerability in Woo WooCommerce Warranty Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37869 (Missing Authorization vulnerability in Premium Addons Premium Addons P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36684 (Missing Authorization vulnerability in Brainstorm Force Convert Pro.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36683 (Missing Authorization vulnerability in WP SCHEMA PRO Schema Pro.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36676 (Missing Authorization vulnerability in Brainstorm Force Spectra.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36516 (Missing Authorization vulnerability in ThimPress LearnPress.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36515 (Missing Authorization vulnerability in ThimPress LearnPress.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36512 (Missing Authorization vulnerability in Woo AutomateWoo.This issue affe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35050 (Missing Authorization vulnerability in Elementor Elementor Pro.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35049 (Missing Authorization vulnerability in WooCommerce WooCommerce Stripe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-47616 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 5.15.15-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -102246,7 +102246,7 @@ CVE-2023-25699 (Improper Neutralization of Special Elements used in an OS Comman
CVE-2023-25698 (Cross-Site Request Forgery (CSRF) vulnerability in Studio Wombat Shopp ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25697 (Cross-Site Request Forgery (CSRF) vulnerability in GamiPress.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25696 (Improper Input Validation vulnerability in the Apache Airflow Hive Pro ...)
NOT-FOR-US: Apache Airflow Hive Provider
CVE-2023-25695 (Generation of Error Message Containing Sensitive Information vulnerabi ...)
@@ -121922,7 +121922,7 @@ CVE-2022-45834
CVE-2022-45833 (Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 on ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45832 (Missing Authorization vulnerability in Hennessey Digital Attorney.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45831 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in biplob01 ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45830
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed729cfb8dac7824d98780a5b2a9af27872e3a13
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed729cfb8dac7824d98780a5b2a9af27872e3a13
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240619/8c68f9f7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list