[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 9 21:37:31 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b6ba3516 by Salvatore Bonaccorso at 2024-05-09T22:31:53+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -61,65 +61,65 @@ CVE-2024-4383 (The Simple Membership plugin for WordPress is vulnerable to Store
CVE-2024-4339 (The Prime Slider \u2013 Addons For Elementor (Revolution of a slider, ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4335 (The Rank Math SEO with AI Best SEO Tools plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4316 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4314 (The Hostel plugin for WordPress is vulnerable to Cross-Site Request Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4312 (The Soccer Engine \u2013 Soccer Plugin for WordPress plugin for WordPr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4193 (The Testimonial Slider plugin for WordPress is vulnerable to Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4158 (The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-4150 (The Simple Basic Contact Form plugin for WordPress is vulnerable to Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4107 (The Elementor Website Builder \u2013 More than Just a Page Builder Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4104 (The ADFO \u2013 Custom data in admin dashboard plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4103 (The ADFO \u2013 Custom data in admin dashboard plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4082 (The Joli FAQ SEO \u2013 WordPress FAQ Plugin plugin for WordPress is v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4041 (The Yoast SEO plugin for WordPress is vulnerable to Reflected Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4038 (The The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3990 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3989 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3974 (The BuddyPress plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3954 (The Ditty plugin for WordPress is vulnerable to PHP Object Injection i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3952 (The Advanced Ads \u2013Ad Manager & AdSense plugin for WordPress is vu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3923 (The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3916 (The Swift Framework plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3915 (The Swift Framework plugin for WordPress is vulnerable to unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3831 (The Enter Addons \u2013 Ultimate Template Builder for Elementor plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3809 (The Porto Theme - Functionality plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3808 (The Porto Theme - Functionality plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3807 (The Porto theme for WordPress is vulnerable to Local File Inclusion in ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-3806 (The Porto theme for WordPress is vulnerable to Local File Inclusion in ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-3727 (A flaw was found in the github.com/containers/image library. This flaw ...)
TODO: check
CVE-2024-3722 (The Swift Performance Lite plugin for WordPress is vulnerable to unaut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3680 (The Enter Addons \u2013 Ultimate Template Builder for Elementor plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3595 (The Pure Chat \u2013 Live Chat Plugin & More! plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3461 (KioWare for Windows (versions all through 8.35)allows to brute force t ...)
TODO: check
CVE-2024-3460 (In KioWare for Windows (versions all through 8.34)it is possible to ex ...)
@@ -127,9 +127,9 @@ CVE-2024-3460 (In KioWare for Windows (versions all through 8.34)it is possible
CVE-2024-3459 (KioWare for Windows (versions allthrough 8.34)allows to escape the env ...)
TODO: check
CVE-2024-3070 (The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3068 (The Custom Field Suite plugin for WordPress is vulnerable to Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34559 (Insertion of Sensitive Information into Log File vulnerability in Ghos ...)
TODO: check
CVE-2024-34557 (Cross-Site Request Forgery (CSRF) vulnerability in UkrSolution Barcode ...)
@@ -317,13 +317,13 @@ CVE-2024-31952 (An issue was discovered in Samsung Magician 8.0.0 on macOS. Beca
CVE-2024-31803 (Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a remote attack ...)
TODO: check
CVE-2024-2923 (The Magical Addons For Elementor ( Header Footer Builder, Free Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2846 (The Visual Footer Credit Remover plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2785 (The The Plus Addons for Elementor plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2290 (The Advanced Ads plugin for WordPress is vulnerable to PHP Object Inje ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29800 (Deserialization of Untrusted Data vulnerability in Timber Team & Contr ...)
TODO: check
CVE-2024-29166 (HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, r ...)
@@ -355,19 +355,19 @@ CVE-2024-23473 (The SolarWinds Access Rights Manager was found to contain a hard
CVE-2024-22910 (Cross Site Scripting (XSS) vulnerability in CrushFTP v.10.6.0 and v.10 ...)
TODO: check
CVE-2024-1693 (The SP Project & Document Manager plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1467 (The Starter Templates \u2014 Elementor, WordPress & Beaver Builder Tem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1230 (The SimpleShop plugin for WordPress is vulnerable to Cross-Site Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1229 (The SimpleShop plugin for WordPress is vulnerable to unauthorized disc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1166 (The Image Hover Effects \u2013 Elementor Addon plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0445 (The The Plus Addons for Elementor plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6327 (The ShopLentor (formerly WooLentor) plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-33655
- unbound 1.20.0-1
NOTE: https://nlnetlabs.nl/downloads/unbound/CVE-2024-33655.txt
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6ba351604fa2bff7a16fb04c8fc11638c324be8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6ba351604fa2bff7a16fb04c8fc11638c324be8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240509/32a2e5f5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list