[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 28 20:51:16 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6aa435c8 by Salvatore Bonaccorso at 2024-03-28T21:36:11+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,91 +1,91 @@
CVE-2024-3042 (A vulnerability was found in SourceCodester Simple Subscription Websit ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Simple Subscription Website
CVE-2024-3041 (A vulnerability has been found in Netentsec NS-ASG Application Securit ...)
- TODO: check
+ NOT-FOR-US: Netentsec NS-ASG Application Security Gateway
CVE-2024-3040 (A vulnerability, which was classified as critical, was found in Netent ...)
- TODO: check
+ NOT-FOR-US: Netentsec NS-ASG Application Security Gateway
CVE-2024-3039 (A vulnerability classified as critical has been found in Shanghai Brad ...)
- TODO: check
+ NOT-FOR-US: Shanghai Brad Technology BladeX
CVE-2024-3019 (A flaw was found in PCP. The default pmproxy configuration exposes the ...)
TODO: check
CVE-2024-31140 (In JetBrains TeamCity before 2024.03 server administrators could remov ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31139 (In JetBrains TeamCity before 2024.03 xXE was possible in the Maven bui ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31138 (In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distri ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31137 (In JetBrains TeamCity before 2024.03 reflected XSS was possible via Sp ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31136 (In JetBrains TeamCity before 2024.03 2FA could be bypassed by providin ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31135 (In JetBrains TeamCity before 2024.03 open redirect was possible on the ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31134 (In JetBrains TeamCity before 2024.03 authenticated users without admin ...)
- TODO: check
+ NOT-FOR-US: JetBrains TeamCity
CVE-2024-31065 (Cross Site Scripting vulnerability in Insurance Mangement System v.1.0 ...)
- TODO: check
+ NOT-FOR-US: Insurance Mangement System
CVE-2024-31064 (Cross Site Scripting vulnerability in Insurance Mangement System v.1.0 ...)
- TODO: check
+ NOT-FOR-US: Insurance Mangement System
CVE-2024-31063 (Cross Site Scripting vulnerability in Insurance Mangement System v.1.0 ...)
- TODO: check
+ NOT-FOR-US: Insurance Mangement System
CVE-2024-31062 (Cross Site Scripting vulnerability in Insurance Mangement System v.1.0 ...)
- TODO: check
+ NOT-FOR-US: Insurance Mangement System
CVE-2024-31061 (Cross Site Scripting vulnerability in Insurance Mangement System v.1.0 ...)
- TODO: check
+ NOT-FOR-US: Insurance Mangement System
CVE-2024-30612 (Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the dev ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30607 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the device ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30606 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the page p ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30604 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the list1 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30603 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the urls p ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30602 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedS ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30601 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the time p ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30600 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedE ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30599 (Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the device ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30598 (Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30597 (Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in t ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30596 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30595 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30594 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30593 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability located ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30592 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30591 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30590 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30589 (Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30588 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30587 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30586 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30585 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30584 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30583 (Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-30422 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30421 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Events Man ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2947 (A flaw was found in Cockpit. Deleting a sosreport with a crafted name ...)
TODO: check
CVE-2024-29898 (CreateWiki is Miraheze's MediaWiki extension for requesting & creating ...)
@@ -97,73 +97,73 @@ CVE-2024-29896 (Astro-Shield is a library to compute the subresource integrity h
CVE-2024-29882 (SRS is a simple, high-efficiency, real-time video server. SRS's `/api/ ...)
TODO: check
CVE-2024-29200 (Kimai is a web-based multi-user time-tracking application. The permiss ...)
- TODO: check
+ NOT-FOR-US: Kimai
CVE-2024-28713 (An issue in Mblog Blog system v.3.5.0 allows an attacker to execute ar ...)
- TODO: check
+ NOT-FOR-US: Mblog Blog system
CVE-2024-28109 (veraPDF-library is a PDF/A validation library. Executing policy checks ...)
- TODO: check
+ NOT-FOR-US: veraPDF-library
CVE-2024-28091 (Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T ...)
- TODO: check
+ NOT-FOR-US: Technicolor
CVE-2024-28090 (Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T ...)
- TODO: check
+ NOT-FOR-US: Technicolor
CVE-2024-27775 (SysAid before version 23.2.14 b18 -CWE-918: Server-Side Request Forger ...)
- TODO: check
+ NOT-FOR-US: SysAid
CVE-2024-27719 (A cross site scripting (XSS) vulnerability in rems FAQ Management Syst ...)
- TODO: check
+ NOT-FOR-US: rems FAQ Management System
CVE-2024-25971 (Dell PowerProtect Data Manager, version 19.15, contains an XML Externa ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25963 (Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25961 (Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an imp ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25960 (Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a clea ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25959 (Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an ins ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25955 (Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injecti ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25954 (Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an in ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25953 (Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNI ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25952 (Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNI ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25946 (Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injecti ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25506 (Cross Site Scripting vulnerability in Process Maker, Inc ProcessMaker ...)
- TODO: check
+ NOT-FOR-US: Process Maker
CVE-2024-0259 (Fortra's Robot Schedule Enterprise Agent for Windows prior to version ...)
- TODO: check
+ NOT-FOR-US: Fortra
CVE-2023-6437 (Improper Neutralization of Special Elements used in an OS Command ('OS ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-45715 (The console may experience a service interruption when processing file ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-45706 (An administrative user of WebReports may perform a Cross Site Scriptin ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-45705 (An administrative user of WebReports may perform a Server Side Request ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-42974 (A race condition was addressed with improved state handling. This issu ...)
TODO: check
CVE-2023-42962 (This issue was addressed with improved checks This issue is fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42947 (A path handling issue was addressed with improved validation. This iss ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42936 (This issue was addressed with improved redaction of sensitive informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42931 (The issue was addressed with improved checks. This issue is fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42930 (This issue was addressed with improved checks. This issue is fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42913 (This issue was addressed through improved state management. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42896 (An issue was addressed with improved handling of temporary files. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42893 (A permissions issue was addressed by removing vulnerable code and addi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-42892 (A use-after-free issue was addressed with improved memory management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-40390 (A privacy issue was addressed by moving sensitive data to a protected ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-3024 (A vulnerability was found in appneta tcpreplay up to 4.4.4. It has bee ...)
TODO: check
CVE-2024-3015 (A vulnerability classified as critical was found in SourceCodester Sim ...)
@@ -243,49 +243,49 @@ CVE-2024-2998 (A vulnerability was found in Bdtask Multi-Store Inventory Managem
CVE-2024-2997 (A vulnerability was found in Bdtask Multi-Store Inventory Management S ...)
NOT-FOR-US: Bdtask Multi-Store Inventory Management System
CVE-2024-2890 (Unrestricted Upload of File with Dangerous Type vulnerability in Tumul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2818 (An issue has been discovered in GitLab CE/EE affecting all versions be ...)
TODO: check
CVE-2024-2111 (The Events Manager \u2013 Calendar, Bookings, Tickets, and more! plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2110 (The Events Manager \u2013 Calendar, Bookings, Tickets, and more! plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2091 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29241 (Missing authorization vulnerability in System webapi component in Syno ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29240 (Missing authorization vulnerability in LayoutSave webapi component in ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29239 (Improper neutralization of special elements used in an SQL command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29238 (Improper neutralization of special elements used in an SQL command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29237 (Improper neutralization of special elements used in an SQL command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29236 (Improper neutralization of special elements used in an SQL command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29235 (Improper neutralization of special elements used in an SQL command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29234 (Improper neutralization of special elements used in an SQL command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29233 (Improper neutralization of special elements used in an SQL command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29232 (Improper neutralization of special elements used in an SQL command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29231 (Improper validation of array index vulnerability in UserPrivilege.Enum ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29230 (Improper neutralization of special elements used in an SQL command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29229 (Missing authorization vulnerability in GetLiveViewPath webapi componen ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29228 (Missing authorization vulnerability in GetStmUrlPath webapi component ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29227 (Improper neutralization of special elements used in an SQL command ('S ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2024-29100 (Unrestricted Upload of File with Dangerous Type vulnerability in Jordy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29090 (Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28016 (Improper Access Controlvulnerability in NEC Corporation Aterm WG1800HP ...)
TODO: check
CVE-2024-28015 (Improper Neutralization of Special Elements used in an OS Command vuln ...)
@@ -311,37 +311,37 @@ CVE-2024-28006 (Improper authentication vulnerability in NEC Corporation Aterm W
CVE-2024-28005 (Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2 ...)
TODO: check
CVE-2024-28004 (Missing Authorization vulnerability in ExtendThemes Colibri Page Build ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28003 (Missing Authorization vulnerability in Megamenu Max Mega Menu.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28002 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28001 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-27999 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25924 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25923 (Insertion of Sensitive Information into Log File vulnerability in Peep ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25599 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25354 (RegEx Denial of Service in domain-suffix 1.0.8 allows attackers to cra ...)
TODO: check
CVE-2024-23500 (Server-Side Request Forgery (SSRF) vulnerability in Kadence WP Gutenbe ...)
TODO: check
CVE-2024-22138 (Insertion of Sensitive Information into Log File vulnerability in Sera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1770 (The Meta Tag Manager plugin for WordPress is vulnerable to PHP Object ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0980 (The Auto-update service for Okta Verify for Windows is vulnerable to t ...)
- TODO: check
+ NOT-FOR-US: Okta
CVE-2024-0677 (The Pz-LinkCard WordPress plugin through 2.5.1 does not prevent users ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0673 (The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0672 (The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0079 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
TODO: check
CVE-2024-0077 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
@@ -358,21 +358,21 @@ CVE-2023-52628 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux 5.10.205-1
NOTE: https://git.kernel.org/linus/fd94d9dadee58e09b49075240fe83423eb1dcd36 (6.6-rc1)
CVE-2023-52234 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-52231 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50374 (Server-Side Request Forgery (SSRF) vulnerability in NiteoThemes CMP \u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47438 (SQL Injection vulnerability in Reportico Till 8.1.0 allows attackers t ...)
- TODO: check
+ NOT-FOR-US: Reportico Till
CVE-2023-39313 (Server-Side Request Forgery (SSRF) vulnerability in ThemeFusion Avada. ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-39309 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36679 (Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-34370 (Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-30238 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2024-30186 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -1039,7 +1039,7 @@ CVE-2024-29684 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forg
CVE-2024-29644 (Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before al ...)
NOT-FOR-US: dcat-admin
CVE-2024-29401 (xzs-mysql 3.8 is vulnerable to Insufficient Session Expiration, which ...)
- TODO: check
+ NOT-FOR-US: xzs-mysql
CVE-2024-29203 (TinyMCE is an open source rich text editor. Across-site scripting (XSS ...)
TODO: check
CVE-2024-29197 (Pimcore is an Open Source Data & Experience Management Platform. Any c ...)
@@ -75634,7 +75634,7 @@ CVE-2023-0584 (The VK Blocks plugin for WordPress is vulnerable to improper auth
CVE-2023-0583 (The VK Blocks plugin for WordPress is vulnerable to improper authoriza ...)
NOT-FOR-US: VK Blocks plugin for WordPress
CVE-2023-0582 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: ForgeRock
CVE-2023-0581 (The PrivateContent plugin for WordPress is vulnerable to protection me ...)
NOT-FOR-US: PrivateContent plugin for WordPress
CVE-2023-0580 (Insecure Storage of Sensitive Information vulnerability in ABB My Cont ...)
@@ -92415,7 +92415,7 @@ CVE-2022-45852
CVE-2022-45851 (Missing Authorization vulnerability in ShareThis ShareThis Dashboard f ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45850 (Cross-Site Request Forgery (CSRF) vulnerability in Nickys Image Map Pr ...)
- TODO: check
+ NOT-FOR-US: Nickys Image Map
CVE-2022-45849 (Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45848 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability inContest Gall ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6aa435c8023dd4abae4ad85bb47253c3137e8805
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6aa435c8023dd4abae4ad85bb47253c3137e8805
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240328/90ec0415/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list