[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sat Oct 26 23:44:01 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a3824139 by Moritz Muehlenhoff at 2024-10-27T00:43:39+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
CVE-2024-9967 (The WP show more plugin for WordPress is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9853 (The ID-SK Toolkit plugin for WordPress is vulnerable to Stored Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9772 (The The Uix Shortcodes \u2013 Compatible with Gutenberg plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9642 (The Editor Custom Color Palette plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9637 (The School Management System \u2013 WPSchoolPress plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9501 (The Wp Social Login and Register Social Counter plugin for WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9116 (The Monkee-Boy Essentials plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8392 (The WordPress Post Grid Layouts with Pagination \u2013 Sogrid plugin f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10402 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10357 (The Clever Addons for Elementor plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10117 (The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0128 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0127 (NVIDIA vGPU software contains a vulnerability in the GPU kernel driver ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-9933 (The WatchTowerHQ plugin for WordPress is vulnerable to authentication ...)
NOT-FOR-US: WordPress plugin
CVE-2024-9932 (The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary fi ...)
@@ -61,11 +61,11 @@ CVE-2024-48236 (An issue in ofcms 1.1.2 allows a remote attacker to execute arbi
CVE-2024-48235 (An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary ...)
NOT-FOR-US: ofcms
CVE-2024-48234 (An issue was discovered in mipjz 5.0.5. In the push method of app\tag\ ...)
- TODO: check
+ NOT-FOR-US: mipjz
CVE-2024-48233 (mipjz 5.0.5 is vulnerable to Cross Site Scripting (XSS) in \app\settin ...)
- TODO: check
+ NOT-FOR-US: mipjz
CVE-2024-48232 (An issue was found in mipjz 5.0.5. In the mipPost method of \app\setti ...)
- TODO: check
+ NOT-FOR-US: mipjz
CVE-2024-48230 (funadmin 5.0.2 is vulnerable to SQL Injection via the parentField para ...)
NOT-FOR-US: funadmin
CVE-2024-48229 (funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click ...)
@@ -87,21 +87,21 @@ CVE-2024-48222 (Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table
CVE-2024-48218 (Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.)
NOT-FOR-US: funadmin
CVE-2024-47821 (pyLoad is a free and open-source Download Manager. The folder `/.pyloa ...)
- TODO: check
+ - pyload <itp> (bug #1001980)
CVE-2024-10092 (The Download Monitor plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10091 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0121 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0120 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0119 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0118 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0117 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-9991 (This vulnerability exists in Philips lighting devices due to storage o ...)
NOT-FOR-US: Philips lighting devices
CVE-2024-9585 (The Image Map Pro plugin for WordPress is vulnerable to Stored Cross-S ...)
@@ -221,19 +221,19 @@ CVE-2024-44099 (There is a possible Local bypass of user interaction due to an i
CVE-2024-44098 (In lwis_device_event_states_clear_locked of lwis_event.c, there is a p ...)
NOT-FOR-US: Android
CVE-2024-37847 (An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Man ...)
- TODO: check
+ NOT-FOR-US: MangoOS
CVE-2024-37846 (MangoOS before 5.2.0 was discovered to contain a Client-Side Template ...)
- TODO: check
+ NOT-FOR-US: MangoOS
CVE-2024-37845 (MangoOS before 5.2.0 was discovered to contain an authenticated remote ...)
- TODO: check
+ NOT-FOR-US: MangoOS
CVE-2024-37844 (A stored cross-site scripting (XSS) vulnerability in MangoOS before 5. ...)
- TODO: check
+ NOT-FOR-US: MangoOS
CVE-2024-10387 (CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in t ...)
NOT-FOR-US: Rockwell Automation
CVE-2024-10386 (CVE-2024-10386 IMPACT An authentication vulnerability exists in the ...)
NOT-FOR-US: Rockwell Automation
CVE-2024-10381 (This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ du ...)
- TODO: check
+ NOT-FOR-US: Matrix Door Controller Cosec Vega FAXQ
CVE-2024-10380 (A vulnerability, which was classified as critical, has been found in S ...)
NOT-FOR-US: SourceCodester Petrol Pump Management Software
CVE-2024-10379 (A vulnerability classified as problematic was found in ESAFENET CDG 5. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3824139cb55fb6b9b6349949ca8afc1f88fb17a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3824139cb55fb6b9b6349949ca8afc1f88fb17a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241026/8af0368f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list