[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 9 22:05:08 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8a84b909 by Salvatore Bonaccorso at 2024-05-09T23:02:38+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45,11 +45,11 @@ CVE-2024-4446 (The Content Views \u2013 Post Grid & Filter, Recent Posts, Catego
CVE-2024-4441 (The XML Sitemap & Google News plugin for WordPress is vulnerable to Lo ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4425 (The access control inCemiPark software stores integration (e.g. FTP or ...)
- TODO: check
+ NOT-FOR-US: CemiPark software
CVE-2024-4424 (The access control inCemiPark software does not properly validate user ...)
- TODO: check
+ NOT-FOR-US: CemiPark software
CVE-2024-4423 (The access control inCemiPark software does not properly validate user ...)
- TODO: check
+ NOT-FOR-US: CemiPark software
CVE-2024-4411 (The Mihdan: Yandex Turbo Feed plugin for WordPress is vulnerable to St ...)
NOT-FOR-US: WordPress plugin
CVE-2024-4397 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vul ...)
@@ -121,71 +121,71 @@ CVE-2024-3680 (The Enter Addons \u2013 Ultimate Template Builder for Elementor p
CVE-2024-3595 (The Pure Chat \u2013 Live Chat Plugin & More! plugin for WordPress is ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3461 (KioWare for Windows (versions all through 8.35)allows to brute force t ...)
- TODO: check
+ NOT-FOR-US: KioWare for Windows
CVE-2024-3460 (In KioWare for Windows (versions all through 8.34)it is possible to ex ...)
- TODO: check
+ NOT-FOR-US: KioWare for Windows
CVE-2024-3459 (KioWare for Windows (versions allthrough 8.34)allows to escape the env ...)
- TODO: check
+ NOT-FOR-US: KioWare for Windows
CVE-2024-3070 (The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2024-3068 (The Custom Field Suite plugin for WordPress is vulnerable to Stored Cr ...)
NOT-FOR-US: WordPress plugin
CVE-2024-34559 (Insertion of Sensitive Information into Log File vulnerability in Ghos ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34557 (Cross-Site Request Forgery (CSRF) vulnerability in UkrSolution Barcode ...)
TODO: check
CVE-2024-34556 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
TODO: check
CVE-2024-34550 (Insertion of Sensitive Information into Log File vulnerability in Alex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34549 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34445 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34441 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34439 (Cross-Site Request Forgery (CSRF) vulnerability in divSpot DS Site Mes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34437 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34436 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34433 (Deserialization of Untrusted Data vulnerability in OCDI One Click Demo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34432 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34431 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34430 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34429 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34428 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34427 (Cross-Site Request Forgery (CSRF) vulnerability in Huseyin Berberoglu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34426 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34425 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34424 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34423 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34422 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34421 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34420 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34419 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34418 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34417 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34415 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34354 (CMSaaSStarter is a SaaS template/boilerplate built with SvelteKit, Tai ...)
TODO: check
CVE-2024-34352 (1Panel is an open source Linux server operation and maintenance manage ...)
@@ -197,45 +197,45 @@ CVE-2024-34350 (Next.js is a React framework that can provide building blocks to
CVE-2024-34345 (The CycloneDX JavaScript library contains the core functionality of OW ...)
TODO: check
CVE-2024-34338 (A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and ea ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-34220 (Sourcecodester Human Resource Management System 1.0 is vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Human Resource Management System
CVE-2024-34219 (TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vuln ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34218 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to co ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34217 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34215 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34213 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...)
TODO: check
CVE-2024-34212 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34211 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hard ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34210 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to co ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34209 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34207 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34206 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to co ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34205 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a comm ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34204 (TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to co ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34203 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34202 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34201 (TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stac ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34200 (TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-34074 (Frappe is a full-stack web application framework. Prior to 15.26.0 and ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2024-33877 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__c ...)
TODO: check
CVE-2024-33876 (HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_d ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a84b909ab71236e573f6aaa5a87c1069135a280
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a84b909ab71236e573f6aaa5a87c1069135a280
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240509/a563c871/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list