[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 1 20:42:46 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6569647e by Salvatore Bonaccorso at 2024-11-01T21:41:55+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,217 +1,217 @@
CVE-2024-7456 (A SQL injection vulnerability exists in the `/api/v1/external-users` r ...)
- TODO: check
+ NOT-FOR-US: lunary-ai/lunary
CVE-2024-51492 (Zusam is a free and open-source way to self-host private forums. Prior ...)
- TODO: check
+ NOT-FOR-US: Zusam
CVE-2024-51483 (changedetection.io is free, open source web page change detection soft ...)
- TODO: check
+ NOT-FOR-US: changedetection.io
CVE-2024-51432 (Cross Site Scripting vulnerability in FiberHome HG6544C RP2743 allows ...)
- TODO: check
+ NOT-FOR-US: FiberHome
CVE-2024-51431 (LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in / ...)
- TODO: check
+ NOT-FOR-US: LB-LINK BL-WR 1300H
CVE-2024-51407 (Floodlight SDN OpenFlow Controller v.1.2 has an issue that allows loca ...)
- TODO: check
+ NOT-FOR-US: Floodlight SDN OpenFlow Controller
CVE-2024-51406 (Floodlight SDN Open Flow Controller v.1.2 has an issue that allows loc ...)
- TODO: check
+ NOT-FOR-US: Floodlight SDN Open Flow Controller
CVE-2024-51399 (Altai Technologies Ltd Altai IX500 Indoor 22 802.11ac Wave 2 AP After ...)
- TODO: check
+ NOT-FOR-US: Altai Technologies Ltd Altai IX500 Indoor 22 802.11ac Wave 2 AP
CVE-2024-51398 (Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Man ...)
- TODO: check
+ NOT-FOR-US: Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP
CVE-2024-51377 (An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Pre ...)
- TODO: check
+ NOT-FOR-US: Ladybird Web Solution Faveo Helpdesk & Servicedesk
CVE-2024-51252 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
- TODO: check
+ NOT-FOR-US: Draytek Vigor3900
CVE-2024-51248 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
- TODO: check
+ NOT-FOR-US: Draytek Vigor3900
CVE-2024-51247 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
- TODO: check
+ NOT-FOR-US: Draytek Vigor3900
CVE-2024-51245 (In DrayTek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
- TODO: check
+ NOT-FOR-US: Draytek Vigor3900
CVE-2024-51244 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
- TODO: check
+ NOT-FOR-US: Draytek Vigor3900
CVE-2024-49770 (`oak` is a middleware framework for Deno's native HTTP server, Deno De ...)
TODO: check
CVE-2024-49256 (Incorrect Authorization vulnerability in WPChill Htaccess File Editor ...)
- TODO: check
+ NOT-FOR-US: WPChill Htaccess File Editor
CVE-2024-48410 (Cross Site Scripting vulnerability in Camtrace v.9.16.2.1 allows a rem ...)
- TODO: check
+ NOT-FOR-US: Camtrace
CVE-2024-48353 (Yealink Meeting Server before V26.0.0.67 allows attackers to obtain st ...)
- TODO: check
+ NOT-FOR-US: Yealink Meeting Server
CVE-2024-48352 (Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive da ...)
- TODO: check
+ NOT-FOR-US: Yealink Meeting Server
CVE-2024-48289 (An issue in the Bluetooth Low Energy implementation of Cypress Bluetoo ...)
- TODO: check
+ NOT-FOR-US: Cypress Bluetooth SDK
CVE-2024-48270 (An issue in the component /logins of oasys v1.1 allows attackers to ac ...)
TODO: check
CVE-2024-48217 (An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART ...)
- TODO: check
+ NOT-FOR-US: SiSMART
CVE-2024-48045 (Missing Authorization vulnerability in Leevio Happy Addons for Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-48044 (Missing Authorization vulnerability in ShortPixel \u2013 Convert WebP/ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-48039 (Missing Authorization vulnerability in CubeWP CubeWP \u2013 All-in-One ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47362 (Missing Authorization vulnerability in WPChill Strong Testimonials all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47361 (Missing Authorization vulnerability in WPVibes Elementor Addon Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47359 (Missing Authorization vulnerability in Depicter Slider and Popup by Av ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47358 (Missing Authorization vulnerability in Popup Maker allows Accessing Fu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47321 (Missing Authorization vulnerability in Fahad Mahmood WP Datepicker all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47318 (Missing Authorization vulnerability in Magazine3 PWA for WP & AMP allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47317 (Missing Authorization vulnerability in WP Quads Ads by WPQuads \u2013 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47314 (Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47311 (Missing Authorization vulnerability in Kraft Plugins Wheel of Life all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47308 (Missing Authorization vulnerability in Templately allows Accessing Fun ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-47302 (Missing Authorization vulnerability in WPManageNinja LLC Fluent Suppor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-44052 (Missing Authorization vulnerability in HelloAsso allows Exploiting Inc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-44038 (Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-44031 (Missing Authorization vulnerability in BearDev JoomSport allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-44021 (Missing Authorization vulnerability in Truepush allows Exploiting Inco ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-44020 (Missing Authorization vulnerability in Prasad Kirpekar WP Free SSL \u2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-44019 (Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Ca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-44006 (Missing Authorization vulnerability in OnTheGoSystems WooCommerce Mult ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43998 (Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Acc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43982 (Missing Authorization vulnerability in Geek Code Lab Login As Users al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43981 (Missing Authorization vulnerability in AyeCode \u2013 WP Business Dire ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43980 (Missing Authorization vulnerability in CozyThemes Fota WP allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43979 (Missing Authorization vulnerability in CozyThemes Blockbooster allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43974 (Missing Authorization vulnerability in CozyThemes ReviveNews allows Ac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43973 (Missing Authorization vulnerability in AyeCode Ltd GetPaid allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43968 (Broken Access Control vulnerability in Automattic Newspack allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43962 (Missing Authorization vulnerability in LWS LWS Affiliation allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43956 (Missing Authorization vulnerability in Caseproof, LLC Memberpress allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43937 (Missing Authorization vulnerability in Themeum WP Crowdfunding allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43932 (Missing Authorization vulnerability in POSIMYTH The Plus Addons for El ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43929 (Missing Authorization vulnerability in eyecix JobSearch allows Accessi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43928 (Missing Authorization vulnerability in eyecix JobSearch allows Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43925 (Missing Authorization vulnerability in Envira Gallery Team Envira Phot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43923 (Missing Authorization vulnerability in Arraytics Timetics allows Acces ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43919 (Access Control vulnerability in YARPP YARPP allows . This issue affec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43355 (Missing Authorization vulnerability in BearDev JoomSport allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43343 (Missing Authorization vulnerability in Etoile Web Design Order Trackin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43341 (Missing Authorization vulnerability in CozyThemes Hello Agency allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43332 (Missing Authorization vulnerability in Jordy Meow Photo Engine allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43323 (Missing Authorization vulnerability in ReviewX allows Accessing Functi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43314 (Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43312 (Missing Authorization vulnerability in WPClever WPC Frequently Bought ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43310 (Missing Authorization vulnerability in UkrSolution Print Barcode Label ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43302 (Missing Authorization vulnerability in Fonts Plugin Fonts allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43298 (Missing Authorization vulnerability in Migrate Clone allows Exploiting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43297 (Missing Authorization vulnerability in Migrate Clone allows Exploiting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43296 (Missing Authorization vulnerability in bPlugins LLC Flash & HTML5 Vide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43293 (Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for G ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43290 (Missing Authorization vulnerability in Atarim allows Accessing Functio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43285 (Missing Authorization vulnerability in Presto Made, Inc Presto Player ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43277 (Missing Authorization vulnerability in AyeCode Ltd UsersWP allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43274 (Missing Authorization vulnerability in JS Help Desk JS Help Desk \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43273 (Missing Authorization vulnerability in icegram Icegram Collect plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43270 (Missing Authorization vulnerability in WPBackItUp Backup and Restore W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43268 (Access Control vulnerability in WPBackItUp Backup and Restore WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43260 (Missing Authorization vulnerability in Creative Motion Clearfy Cache a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43254 (Missing Authorization vulnerability in Zaytech Smart Online Order for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43253 (Missing Authorization vulnerability in Zaytech Smart Online Order for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43235 (Missing Authorization vulnerability in MetaBox.Io Meta Box \u2013 Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43229 (Missing Authorization vulnerability in Cornel Raiu WP Search Analytics ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43223 (Missing Authorization vulnerability in EventPrime Events EventPrime al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43219 (Missing Authorization vulnerability in \u0648\u0648\u06a9\u0627\u0645\ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43215 (Missing Authorization vulnerability in creativemotion Social Slider Fe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43212 (Missing Authorization vulnerability in MagePeople Team WpTravelly allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43211 (Cross Site Scripting (XSS) vulnerability in PluginOps MailChimp Subscr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43209 (Missing Authorization vulnerability in Bitly allows Accessing Function ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43208 (Missing Authorization vulnerability in Miller Media ( Matt Miller ) Se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43162 (Missing Authorization vulnerability in Easy Digital Downloads allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43159 (Missing Authorization vulnerability in Masteriyo Masteriyo - LMS allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43158 (Missing Authorization vulnerability in Masteriyo Masteriyo - LMS allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43157 (Missing Authorization vulnerability in nCrafts FormCraft allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43154 (Missing Authorization vulnerability in BracketSpace Advanced Cron Mana ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43146 (Missing Authorization vulnerability in Ahmed Kaludi, Mohammed Kaludi A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43143 (Missing Authorization vulnerability in Roundup WP Registrations for th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43142 (Missing Authorization vulnerability in Themeum Tutor LMS allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43136 (Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43134 (Missing Authorization vulnerability in xootix Waitlist Woocommerce ( B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43122 (Missing Authorization vulnerability in Creative Motion Robin image opt ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43120 (Missing Authorization vulnerability in XSERVER Inc. TypeSquare Webfont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43119 (Missing Authorization vulnerability in Aruba.It Aruba HiSpeed Cache al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43118 (Missing Authorization vulnerability in WPMU DEV Hummingbird allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-41745 (IBM CICS TX Standard is vulnerable to cross-site scripting. This vulne ...)
NOT-FOR-US: IBM
CVE-2024-41744 (IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery ...)
@@ -223,203 +223,203 @@ CVE-2024-41738 (IBM TXSeries for Multiplatforms 10.1 could allow an attacker to
CVE-2024-40490 (An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to ob ...)
TODO: check
CVE-2024-39664 (Missing Authorization vulnerability in YMC Filter & Grids allows Acces ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-39654 (Missing Authorization vulnerability in Fetch Designs Sign-up Sheets al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-39650 (Missing Authorization vulnerability in WPWeb Elite WooCommerce PDF Vou ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-39640 (Missing Authorization vulnerability in QuadLayers WP Social Feed Galle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-39639 (Broken Access Control vulnerability in Nickolas Bossinas WordPress Fil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-39635 (Missing Authorization vulnerability in KaineLabs Youzify allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-39625 (Missing Authorization vulnerability in icegram Icegram allows Accessin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38794 (Missing Authorization vulnerability in MediaRon LLC Custom Query Block ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38792 (Missing Authorization vulnerability in ConveyThis Translate Team Langu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38783 (Missing Authorization vulnerability in Tyche Softwares Arconix FAQ all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38777 (Missing Authorization vulnerability in CreativeMotion Titan Anti-spam ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38774 (Missing Authorization vulnerability in SiteGround SiteGround Security ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38771 (Missing Authorization vulnerability in Atarim allows Accessing Functio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38769 (Missing Authorization vulnerability in Tyche Softwares Arconix Shortco ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38748 (Access Control vulnerability in TheInnovs EleForms allows . This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38745 (Missing Authorization vulnerability in Rymera Web Co Wholesale Suite a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38744 (Missing Authorization vulnerability in Upqode Plum: Spin Wheel & Email ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38743 (Access Control vulnerability in Upqode Plum: Spin Wheel & Email Pop-up ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38740 (Missing Authorization vulnerability in Packlink Shipping S.L. Packlink ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38737 (Missing Authorization vulnerability in Reservation Diary ReDi Restaura ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38733 (Missing Authorization vulnerability in Meks Meks Video Importer allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38727 (Missing Authorization vulnerability in Seraphinite Solutions Seraphini ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38726 (Missing Authorization vulnerability in PickPlugins Product Designer al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38721 (Missing Authorization vulnerability in spider-themes EazyDocs allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38719 (Missing Authorization vulnerability in Creative Motion Auto Featured I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38714 (Missing Authorization vulnerability in Epsiloncool WP Fast Total Searc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38707 (Missing Authorization vulnerability in WPDeveloper EmbedPress allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38702 (Missing Authorization vulnerability in Tyche Softwares Product Deliver ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38695 (Missing Authorization vulnerability in Martin Gibson WP GoToWebinar al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38690 (Missing Authorization vulnerability in Avirtum iPanorama 360 WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37929 (Missing Authorization vulnerability in solwin User Activity Log Pro al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37926 (Missing Authorization vulnerability in Alex Volkov WP Accessibility He ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37921 (Missing Authorization vulnerability in Kiboko Labs Chained Quiz allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37517 (Missing Authorization vulnerability in Brainstorm Force Spectra allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37516 (Missing Authorization vulnerability in fifu.App Featured Image from UR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37510 (Missing Authorization vulnerability in Charitable Donations & Fundrais ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37506 (Missing Authorization vulnerability in Charitable Donations & Fundrais ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37505 (Missing Authorization vulnerability in Rara Themes Business One Page a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37483 (Missing Authorization vulnerability in Post Grid Team by RadiusTheme T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37482 (Missing Authorization vulnerability in Post Grid Team by RadiusTheme T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37481 (Missing Authorization vulnerability in Post Grid Team by RadiusTheme T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37477 (Missing Authorization vulnerability in Automattic Newspack Content Con ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37475 (Missing Authorization vulnerability in Automattic Newspack Newsletters ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37470 (Missing Authorization vulnerability in WofficeIO Woffice Core allows A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37468 (Missing Authorization vulnerability in blazethemes Newsmatic allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37463 (Missing Authorization vulnerability in CRM Perks CRM Perks Forms allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37456 (Missing Authorization vulnerability in Noptin Newsletter Noptin allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37453 (Missing Authorization vulnerability in ProfileGrid User Profiles Profi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37444 (Missing Authorization vulnerability in WPMU DEV Defender Security allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37443 (Missing Authorization vulnerability in Automattic WP Job Manager - Res ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37440 (Missing Authorization vulnerability in Andy Moyle Church Admin allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37439 (Missing Authorization vulnerability in Uncanny Owl Uncanny Toolkit Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37427 (Missing Authorization vulnerability in Arraytics Timetics allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37425 (Missing Authorization vulnerability in Automattic Newspack Blocks news ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37423 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37415 (Missing Authorization vulnerability in E2Pdf.Com allows Exploiting Inc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37411 (Missing Authorization vulnerability in Team Emilia Projects Progress P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37277 (Authorization Bypass Through User-Controlled Key vulnerability in Paid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37276 (Missing Authorization vulnerability in fifu.App Featured Image from UR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37269 (Missing Authorization vulnerability in StylemixThemes Masterstudy Elem ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37255 (Missing Authorization vulnerability in Wpmet Elements kit Elementor ad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37254 (Missing Authorization vulnerability in mndpsingh287 File Manager allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37250 (Missing Authorization vulnerability in WPEngine Inc. Advanced Custom F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37249 (Missing Authorization vulnerability in WPEngine Inc. Advanced Custom F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37232 (Missing Authorization vulnerability in Hercules Design Hercules Core a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37226 (Missing Authorization vulnerability in Kanban for WordPress Kanban Boa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37220 (Missing Authorization vulnerability in OptinlyHQ Optinly allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37218 (Missing Authorization vulnerability in WordPress Page Builder Sandwich ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37214 (Missing Authorization vulnerability in Dropshipping Guru Ali2Woo Lite ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37209 (Access Control vulnerability in Prism IT Systems User Rights Access Ma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37207 (Missing Authorization vulnerability in Theme4Press Demo Awesome allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37204 (Missing Authorization vulnerability in PropertyHive allows Exploiting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37203 (Missing Authorization vulnerability in Laybuy Laybuy Payment Extension ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37201 (Missing Authorization vulnerability in javmah Woocommerce Customers Or ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37123 (Missing Authorization vulnerability in VowelWeb Ibtana allows Exploiti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37119 (Missing Authorization vulnerability in Uncanny Owl Uncanny Automator P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37108 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37106 (Missing Authorization vulnerability in WishList Products WishList Memb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37096 (Missing Authorization vulnerability in Popup Box Team Popup allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37095 (Missing Authorization vulnerability in Envira Gallery Team Envira Phot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37094 (Access Control vulnerability in StylemixThemes MasterStudy LMS allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-28265 (IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\m ...)
- TODO: check
+ NOT-FOR-US: IBOS
CVE-2024-27525 (Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a r ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2024-27524 (Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a r ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2024-22733 (TP Link MR200 V4 Firmware version 210201 was discovered to contain a n ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2024-10662 (A vulnerability was found in Tenda AC15 15.03.05.19 and classified as ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-10661 (A vulnerability has been found in Tenda AC15 15.03.05.19 and classifie ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-10660 (A vulnerability, which was classified as critical, was found in ESAFEN ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG 5
CVE-2024-10659 (A vulnerability, which was classified as critical, has been found in E ...)
- TODO: check
+ NOT-FOR-US: ESAFENET CDG 5
CVE-2024-10658 (A vulnerability classified as critical was found in Tongda OA up to 11 ...)
- TODO: check
+ NOT-FOR-US: Tongda OA
CVE-2024-10657 (A vulnerability classified as critical has been found in Tongda OA up ...)
- TODO: check
+ NOT-FOR-US: Tongda OA
CVE-2024-10656 (A vulnerability was found in Tongda OA 2017 up to 11.9. It has been ra ...)
- TODO: check
+ NOT-FOR-US: Tongda OA
CVE-2024-10655 (A vulnerability was found in Tongda OA 2017 up to 11.9. It has been de ...)
- TODO: check
+ NOT-FOR-US: Tongda OA
CVE-2024-10654 (A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-10653 (IDExpert from CHANGING Information Technology does not properly valida ...)
- TODO: check
+ NOT-FOR-US: IDExpert
CVE-2024-10652 (IDExpert from CHANGING Information Technology does not properly valida ...)
- TODO: check
+ NOT-FOR-US: IDExpert
CVE-2024-10651 (IDExpert from CHANGING Information Technology does not properly valida ...)
- TODO: check
+ NOT-FOR-US: IDExpert
CVE-2024-10367 (The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10232 (The Group Chat & Video Chat by AtomChat plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9655 (The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Feature ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7424 (The Multiple Page Generator Plugin \u2013 MPG plugin for WordPress is ...)
@@ -659,7 +659,7 @@ CVE-2024-9419 (Client / Server PCs with the HP Smart Universal Printing Driver i
CVE-2024-9388 (The Black Widgets For Elementor plugin for WordPress is vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9110 (A medium severity vulnerability has been identified within Privileged ...)
- TODO: check
+ NOT-FOR-US: BeyondTrust Privileged Identity
CVE-2024-8512 (The W3SPEEDSTER plugin for WordPress is vulnerable to Remote Code Exec ...)
NOT-FOR-US: WordPress plugin
CVE-2024-51304 (In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6569647e7b5eb71068a9a9d87be71296458278e5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6569647e7b5eb71068a9a9d87be71296458278e5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241101/c2463c65/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list