[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Oct 17 23:34:13 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
04238176 by Moritz Mühlenhoff at 2024-10-17T11:20:44+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,45 +1,45 @@
CVE-2024-9951 (The WP Photo Album Plus plugin for WordPress is vulnerable to Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9940 (The Calculated Fields Form plugin for WordPress is vulnerable to HTML ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9863 (The UserPro plugin for WordPress is vulnerable to privilege escalation ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9862 (The Miniorange OTP Verification with Firebase plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9861 (The Miniorange OTP Verification with Firebase plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9352 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9351 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9347 (The The Ultimate WordPress Toolkit \u2013 WP Extended plugin for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9263 (The WP Timetics- AI-powered Appointment Booking Calendar and Online Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9240 (The ReDi Restaurant Reservation plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9215 (The Co-Authors, Multiple Authors and Guest Authors in an Author Box wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9213 (The \u0627\u0641\u0632\u0648\u0646\u0647 \u067e\u06cc\u0627\u0645\u06a ...)
TODO: check
CVE-2024-8719 (The Flexmls\xae IDX Plugin plugin for WordPress is vulnerable to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-7994 (A maliciously crafted RFA file, when parsed through Autodesk Revit, ca ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-7993 (A maliciously crafted PDF file, when parsed through Autodesk Revit, ca ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2024-7417 (The Royal Elementor Addons and Templates plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5429 (The Logo Slider WordPress plugin before 4.1.0 does not validate and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49593 (In Advanced Custom Fields (ACF) before 6.3.9 and Secure Custom Fields ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-48918 (RDS Light is a simplified version of the Reflective Dialogue System (R ...)
TODO: check
CVE-2024-48758 (dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forg ...)
- TODO: check
+ NOT-FOR-US: dingfanzu CMS
CVE-2024-48180 (ClassCMS <=4.8 is vulnerable to file inclusion in the nowView method i ...)
- TODO: check
+ NOT-FOR-US: ClassCMS
CVE-2024-47889 (Action Mailer is a framework for designing email service layers. Start ...)
TODO: check
CVE-2024-47888 (Action Text brings rich text content and editing to Rails. Starting in ...)
@@ -47,15 +47,15 @@ CVE-2024-47888 (Action Text brings rich text content and editing to Rails. Start
CVE-2024-47887 (Action Pack is a framework for handling and responding to web requests ...)
TODO: check
CVE-2024-46213 (REDAXO CMS v2.11.0 was discovered to contain a remote code execution ( ...)
- TODO: check
+ NOT-FOR-US: REDAXO CMS
CVE-2024-46212 (An issue in the component /index.php?page=backup/export of REDAXO CMS ...)
- TODO: check
+ NOT-FOR-US: REDAXO CMS
CVE-2024-45767 (Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) a ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-45766 (Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) a ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-44762 (A discrepancy in error messages for invalid login attempts in Webmin U ...)
- TODO: check
+ - webmin <removed>
CVE-2024-3187 (This issue tracks two CWE-416 Use After Free (UAF) and one CWE-415 Dou ...)
TODO: check
CVE-2024-3186 (CWE-476 NULL Pointer Dereference vulnerability in the evalExpr() funct ...)
@@ -956,7 +956,7 @@ CVE-2024-41997 (An issue was discovered in version of Warp Terminal prior to 202
CVE-2024-40616
REJECTED
CVE-2023-50780 (Apache ActiveMQ Artemis allows access to diagnostic information and co ...)
- TODO: check
+ NOT-FOR-US: Apache ActiveMQ Artemis
CVE-2023-48082 (Nagios XI before 5.11.3 2024R1 was discovered to improperly handle API ...)
NOT-FOR-US: Nagios XI
CVE-2023-45817
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/042381767611f1e463bdd4fd55ac4806fc3d73e2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/042381767611f1e463bdd4fd55ac4806fc3d73e2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241017/6ab621da/attachment.htm>
More information about the debian-security-tracker-commits
mailing list