[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 27 08:29:38 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d588e16e by Salvatore Bonaccorso at 2024-03-27T09:29:11+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,67 +1,67 @@
CVE-2024-30201 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30199 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30198 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30197 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30196 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30195 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30194 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30193 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30192 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2971 (Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negat ...)
TODO: check
CVE-2024-2956 (The Simple Ajax Chat \u2013 Add a Fast, Secure Chat Box plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2954 (The Action Network plugin for WordPress is vulnerable to SQL Injection ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2945 (A vulnerability was found in Campcodes Online Examination System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Examination System
CVE-2024-2944 (A vulnerability was found in Campcodes Online Examination System 1.0 a ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Examination System
CVE-2024-2943 (A vulnerability has been found in Campcodes Online Examination System ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Examination System
CVE-2024-2942 (A vulnerability, which was classified as critical, was found in Campco ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Examination System
CVE-2024-2941 (A vulnerability, which was classified as critical, has been found in C ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Examination System
CVE-2024-2940 (A vulnerability classified as problematic was found in Campcodes Onlin ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Examination System
CVE-2024-2939 (A vulnerability classified as problematic has been found in Campcodes ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Examination System
CVE-2024-2938 (A vulnerability was found in Campcodes Online Examination System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Examination System
CVE-2024-2935 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Todo List in Kanban Board
CVE-2024-2934 (A vulnerability classified as critical was found in SourceCodester Tod ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Todo List in Kanban Board
CVE-2024-2932 (A vulnerability classified as critical has been found in SourceCodeste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Chatting System
CVE-2024-2930 (A vulnerability was found in SourceCodester Music Gallery Site 1.0. It ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Music Gallery Site
CVE-2024-2927 (A vulnerability was found in code-projects Mobile Shop 1.0. It has bee ...)
- TODO: check
+ NOT-FOR-US: code-projects Mobile Shop
CVE-2024-2917 (A vulnerability was found in Campcodes House Rental Management System ...)
- TODO: check
+ NOT-FOR-US: Campcodes House Rental Management System
CVE-2024-2916 (A vulnerability was found in Campcodes House Rental Management System ...)
- TODO: check
+ NOT-FOR-US: Campcodes House Rental Management System
CVE-2024-2911 (A vulnerability, which was classified as problematic, was found in Tia ...)
- TODO: check
+ NOT-FOR-US: Tianjin PubliCMS
CVE-2024-2910 (A vulnerability, which was classified as critical, has been found in R ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2024-2909 (A vulnerability classified as critical was found in Ruijie RG-EG350 up ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2024-2903 (A vulnerability was found in Tenda AC7 15.03.06.44. It has been classi ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-2781 (The Elementor Website Builder Pro plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2466 (libcurl did not check the server certificate of TLS connections done t ...)
TODO: check
CVE-2024-2398 (When an application tells libcurl it wants to allow HTTP/2 server push ...)
@@ -89,93 +89,93 @@ CVE-2024-2097 (Authenticated List control client can execute the LINQ query in S
CVE-2024-2004 (When a protocol selection parameter option disables all protocols with ...)
TODO: check
CVE-2024-29928 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29927 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29926 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29925 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29924 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29923 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29922 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29921 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29920 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29919 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29918 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29917 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29915 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29914 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29913 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29912 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29911 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29910 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29909 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29908 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29907 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29906 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29820 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28815 (A vulnerability in the BluStar component of Mitel InAttend 2.6 SP4 thr ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-28551 (Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the ssid ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-28545 (Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-28335 (Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell ...)
TODO: check
CVE-2024-27521 (TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an u ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-27188 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-26577 (VSeeFace through 1.13.38.c2 allows attackers to cause a denial of serv ...)
- TODO: check
+ NOT-FOR-US: VSeeFace
CVE-2024-26303 (Authenticated Denial of Service Vulnerability in ArubaOS-Switch SSH Da ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2024-25926 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25920 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25736 (An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58 ...)
- TODO: check
+ NOT-FOR-US: WyreStorm Apollo VX20 devices
CVE-2024-25735 (An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58 ...)
- TODO: check
+ NOT-FOR-US: WyreStorm Apollo VX20 devices
CVE-2024-25734 (An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58 ...)
- TODO: check
+ NOT-FOR-US: WyreStorm Apollo VX20 devices
CVE-2024-25421 (An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remot ...)
TODO: check
CVE-2024-25420 (An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remot ...)
TODO: check
CVE-2024-25138 (In AutomationDirect C-MORE EA9 HMI, credentials used by the platform ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect C-MORE EA9 HMI
CVE-2024-25137 (In AutomationDirect C-MORE EA9 HMI there is a program that copies a bu ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect C-MORE EA9 HMI
CVE-2024-25136 (There is a function in AutomationDirect C-MORE EA9 HMI that allows an ...)
- TODO: check
+ NOT-FOR-US: AutomationDirect C-MORE EA9 HMI
CVE-2024-24842 (Deserialization of Untrusted Data vulnerability in Echo Plugins Knowle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-24800 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-24700 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-22311 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2024-22300 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -355,7 +355,7 @@ CVE-2024-29808 (The image_id parameter of the AJAX call to the editimage_bwg act
CVE-2024-29684 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
NOT-FOR-US: DedeCMS
CVE-2024-29644 (Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before al ...)
- TODO: check
+ NOT-FOR-US: dcat-admin
CVE-2024-29401 (xzs-mysql 3.8 is vulnerable to Insufficient Session Expiration, which ...)
TODO: check
CVE-2024-29203 (TinyMCE is an open source rich text editor. Across-site scripting (XSS ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d588e16ed3e15b3aa00978bcc5deb3e27207208b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d588e16ed3e15b3aa00978bcc5deb3e27207208b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240327/3e0c707f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list