[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 3 21:53:46 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e513b114 by Salvatore Bonaccorso at 2024-05-03T22:52:24+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -137,9 +137,9 @@ CVE-2024-3550 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for Wo
CVE-2024-3546 (The WordPress Backup & Migration plugin for WordPress is vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3544 (Unauthenticated attackers can perform actions, using SSH private keys, ...)
- TODO: check
+ NOT-FOR-US: ECS Connection Manager (ECS CM)
CVE-2024-3543 (Use of reversible password encryption algorithm allows attackers to de ...)
- TODO: check
+ NOT-FOR-US: ECS Connection Manager (ECS CM)
CVE-2024-3520 (The Country State City Dropdown CF7 plugin for WordPress is vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3517 (The Shortcodes and extra features for Phlox theme plugin for WordPress ...)
@@ -157,77 +157,77 @@ CVE-2024-3479 (An improper export vulnerability was reported in the Motorola Ent
CVE-2024-3473 (The Header Footer Code Manager Pro plugin for WordPress is vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3341 (The Shortcodes and extra features for Phlox theme plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3340 (The Colibri Page Builder plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3338 (The Colibri Page Builder plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3337 (The Colibri Page Builder plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3312 (The Easy Custom Auto Excerpt plugin for WordPress is vulnerable to Sen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3308 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3307 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3295 (The User Registration \u2013 Custom Registration Form, Login Form, and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3287 (The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3275 (The eRoom \u2013 Zoom Meetings & Webinars plugin for WordPress is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3233 (The Ivory Search \u2013 WordPress Search Plugin plugin for WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3215 (The Paid Memberships Pro \u2013 Content Restriction, User Registration ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3206 (The Different Menu in Different Pages \u2013 Control Menu Visibility ( ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3199 (The The Plus Addons for Elementor plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3197 (The The Plus Addons for Elementor plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3161 (The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3109 (A hard-coded AES key vulnerability was reported in the Motorola GuideM ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2024-3108 (An implicit intent vulnerability was reported for Motorola\u2019s Time ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2024-3107 (The Spectra \u2013 WordPress Gutenberg Blocks plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3074 (The Elementor ImageBox plugin for WordPress is vulnerable to Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3071 (The ACF On-The-Go plugin for WordPress is vulnerable to unauthorized m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3047 (The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3045 (The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3023 (The AnnounceKit plugin for WordPress is vulnerable to Stored Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3021 (The Mhr Post Ticker plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3005 (The LA-Studio Element Kit for Elementor plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34455 (Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directo ...)
TODO: check
CVE-2024-34453 (TwoNav 2.1.13 contains an SSRF vulnerability via the url paramater to ...)
- TODO: check
+ NOT-FOR-US: TwoNav
CVE-2024-34449 (Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the v ...)
TODO: check
CVE-2024-34447 (An issue was discovered in Bouncy Castle Java Cryptography APIs before ...)
TODO: check
CVE-2024-34446 (Mullvad VPN through 2024.1 on Android does not set a DNS server in the ...)
- TODO: check
+ NOT-FOR-US: Mullvad VPN
CVE-2024-34408 (Tencent libpag through 4.3.51 has an integer overflow in DecodeStream: ...)
TODO: check
CVE-2024-34404 (A vulnerability was discovered in the Alta Recovery Vault feature of V ...)
- TODO: check
+ NOT-FOR-US: Veritas NetBackup
CVE-2024-34403 (An issue was discovered in uriparser through 0.9.7. ComposeQueryMalloc ...)
TODO: check
CVE-2024-34402 (An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine ...)
TODO: check
CVE-2024-34401 (Savsoft Quiz 6.0 allows stored XSS via the index.php/quiz/insert_quiz/ ...)
- TODO: check
+ NOT-FOR-US: Savsoft Quiz
CVE-2024-34394 (libxmljs2 is vulnerable to a type confusion vulnerability when parsing ...)
TODO: check
CVE-2024-34393 (libxmljs2 is vulnerable to a type confusion vulnerability when parsing ...)
@@ -237,7 +237,7 @@ CVE-2024-34392 (libxmljs is vulnerable to a type confusion vulnerability when pa
CVE-2024-34391 (libxmljs is vulnerable to a type confusion vulnerability when parsing ...)
TODO: check
CVE-2024-34075 (kurwov is a fast, dependency-free library for creating Markov Chains. ...)
- TODO: check
+ NOT-FOR-US: kurwov
CVE-2024-34073 (sagemaker-python-sdk is a library for training and deploying machine l ...)
TODO: check
CVE-2024-34072 (sagemaker-python-sdk is a library for training and deploying machine l ...)
@@ -255,109 +255,109 @@ CVE-2024-34062 (tqdm is an open source progress bar for Python and CLI. Any opti
CVE-2024-34061 (changedetection.io is a free open source web page change detection, we ...)
TODO: check
CVE-2024-34033 (Delta Electronics DIAEnergie has insufficient input validation which m ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-34032 (Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnera ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-34031 (Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnera ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-33956 (Missing Authorization vulnerability in ThemeLocation Custom WooCommerc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33955 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33954 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33953 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33952 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33951 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33950 (Administrator Cross Site Scripting (XSS) in Archives Calendar Widget < ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33949 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33948 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33947 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33946 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33945 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33944 (Missing Authorization vulnerability in Kestrel WooCommerce AWeber News ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33943 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33942 (Missing Authorization vulnerability in Eric Alli Google Typography.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33941 (Missing Authorization vulnerability in Avirtum iPanorama 360 WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33940 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33938 (Missing Authorization vulnerability in codename065 Sliding Widgets all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33937 (Missing Authorization vulnerability in Nico Martin Progressive WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33936 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33935 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33934 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33932 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33931 (Missing Authorization vulnerability in ilGhera JW Player for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33930 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33929 (Missing Authorization vulnerability in wpWax Directorist.This issue af ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33928 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33927 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33926 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33925 (Missing Authorization vulnerability in Adrian M\xf6rchen Embed Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33924 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33923 (Missing Authorization vulnerability in Smartypants SP Project & Docume ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33922 (Insertion of Sensitive Information into Log File vulnerability in Jord ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33921 (Broken Access Control vulnerability in ReviewX.This issue affects Revi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33920 (Missing Authorization vulnerability in Kama Democracy Poll.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33919 (Missing Authorization vulnerability in Rometheme RomethemeKit For Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33918 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33916 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33915 (Missing Authorization vulnerability in Bowo Debug Log Manager.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33914 (Missing Authorization vulnerability in Exclusive Addons Exclusive Addo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33913 (Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33911 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33844 (The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the M ...)
- TODO: check
+ NOT-FOR-US: Parrot ANAFI USA firmware
CVE-2024-33793 (A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2. ...)
- TODO: check
+ NOT-FOR-US: netis-systems MEX605
CVE-2024-33792 (A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2. ...)
- TODO: check
+ NOT-FOR-US: netis-systems MEX605
CVE-2024-33791 (A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2. ...)
- TODO: check
+ NOT-FOR-US: netis-systems MEX605
CVE-2024-33789 (Linksys E5600 v1.1.0.26 was discovered to contain a command injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-33787 (Hengan Weighing Management Information Query Platform 2019-2021 53.25 ...)
- TODO: check
+ NOT-FOR-US: Hengan Weighing Management Information Query Platform
CVE-2024-33786 (An arbitrary file upload vulnerability in Zhongcheng Kexin Ticketing M ...)
- TODO: check
+ NOT-FOR-US: Zhongcheng Kexin Ticketing Management Platform
CVE-2024-33530 (In Jitsi Meet before 9391, a logic flaw in password-protected Jitsi me ...)
TODO: check
CVE-2024-33398 (There is a ClusterRole in piraeus-operator v2.5.0 and earlier which ha ...)
@@ -367,17 +367,17 @@ CVE-2024-33396 (An issue in karmada-io karmada v1.9.0 and before allows a local
CVE-2024-33394 (An issue in kubevirt kubevirt v1.2.0 and before allows a local attacke ...)
TODO: check
CVE-2024-33305 (SourceCodester Laboratory Management System 1.0 is vulnerable to Cross ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Laboratory Management System
CVE-2024-33303 (SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scrip ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Product Show Room
CVE-2024-33302 (SourceCodester Product Show Room 1.0 and before is vulnerable to Cross ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Product Show Room
CVE-2024-32986 (PWAsForFirefox is a tool to install, manage and use Progressive Web Ap ...)
TODO: check
CVE-2024-32831 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32810 (Missing Authorization vulnerability in ShortPixel ShortPixel Critical ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32638 (Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling' ...)
TODO: check
CVE-2024-32359 (An RBAC authorization risk in Carina v0.13.0 and earlier allows local ...)
@@ -385,69 +385,69 @@ CVE-2024-32359 (An RBAC authorization risk in Carina v0.13.0 and earlier allows
CVE-2024-32114 (In Apache ActiveMQ 6.x, the default configuration doesn't secure the A ...)
TODO: check
CVE-2024-31967 (A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-31966 (A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-31965 (A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-31964 (A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-31963 (A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones throug ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2024-31673 (Kliqqi-CMS 2.0.2 is vulnerable to SQL Injection in load_data.php via t ...)
- TODO: check
+ NOT-FOR-US: Kliqqi-CMS
CVE-2024-31636 (An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive ...)
TODO: check
CVE-2024-30851 (Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v. ...)
- TODO: check
+ NOT-FOR-US: codesiddhant Jasmin Ransomware
CVE-2024-30306 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-30305 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-30304 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-30303 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-30302 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-30301 (Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are aff ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-2967 (The Guest posting / Frontend Posting wordpress plugin \u2013 WP Front ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2960 (The SVS Pricing Tables plugin for WordPress is vulnerable to Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2959 (The SVS Pricing Tables plugin for WordPress is vulnerable to Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2958 (The SVS Pricing Tables plugin for WordPress is vulnerable to Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2876 (The Email Subscribers by Icegram Express \u2013 Email Marketing, Newsl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2867 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2840 (The Enhanced Media Library plugin for WordPress is vulnerable to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2831 (The Calendar plugin for WordPress is vulnerable to SQL Injection via t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2797 (The MailerLite \u2013 Signup forms (official) plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2790 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2765 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2752 (The Where Did You Hear About Us Checkout Field for WooCommerce plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2751 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2750 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2667 (The InstaWP Connect \u2013 1-click WP Staging & Migration plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2661 (The Barcode Scanner and Inventory manager. POS (Point of Sale) \u2013 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2542 (The Jotform Online Forms \u2013 Drag & Drop Form Builder, Securely Emb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2503 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2417 (The User Registration \u2013 Custom Registration Form, Login Form, and ...)
TODO: check
CVE-2024-2410 (The JsonToBinaryStream()function is part of the protocol buffers C++ i ...)
@@ -483,15 +483,15 @@ CVE-2024-29309 (An issue in Alfresco Content Services v.23.3.0.7 allows a remote
CVE-2024-28519 (A kernel handle leak issue in ProcObsrvesx.sys 4.0.0.49 in MicroWorld ...)
TODO: check
CVE-2024-28072 (A highly privileged account can overwrite arbitrary files on the syste ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2024-27453 (In Extreme XOS through 22.6.1.4, a read-only user can escalate privile ...)
TODO: check
CVE-2024-25290 (An issue in Casa Systems NL1901ACV R6B032 allows a remote attacker to ...)
- TODO: check
+ NOT-FOR-US: Casa Systems NL1901ACV R6B032
CVE-2024-25047 (IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 i ...)
NOT-FOR-US: IBM
CVE-2024-24710 (Missing Authorization vulnerability in SlickRemix Feed Them Social.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23914 (Use of Externally-Controlled Format String vulnerability in Merge DICO ...)
TODO: check
CVE-2024-23913 (Use of Out-of-range Pointer Offset vulnerability in Merge DICOM Toolki ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e513b11486af3f572b998f00dca6cfe5e227bb5e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e513b11486af3f572b998f00dca6cfe5e227bb5e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240503/50647be7/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list