[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Oct 31 10:10:13 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1b93903c by Salvatore Bonaccorso at 2024-10-31T11:09:16+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
CVE-2024-9708 (The Easy SVG Upload plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9700 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9446 (The WP Simple Anchors Links plugin for WordPress is vulnerable to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9434 (The WPGlobus Translate Options plugin for WordPress is vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9430 (The Get Quote For Woocommerce \u2013 Request A Quote For Woocommerce p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9165 (The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-51427 (An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitr ...)
TODO: check
CVE-2024-51426 (Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remot ...)
@@ -19,19 +19,19 @@ CVE-2024-51425 (Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a
CVE-2024-51424 (An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitr ...)
TODO: check
CVE-2024-51419 (Cross Site Scripting vulnerability in Shenzhen Interconnection Harbor ...)
- TODO: check
+ NOT-FOR-US: Ofweek Online Exhibition
CVE-2024-51243 (The eladmin v2.7 and before contains a remote code execution (RCE) vul ...)
- TODO: check
+ NOT-FOR-US: eladmin
CVE-2024-51242 (A Server-Side Request Forgery (SSRF) vulnerability has been identified ...)
- TODO: check
+ NOT-FOR-US: eladmin
CVE-2024-48807 (Cross Site Scripting vulnerability in PHPGurukul Doctor Appointment Ma ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Doctor Appointment Management System
CVE-2024-48735 (Directory Traversal in /SASStudio/sasexec/sessions/{sessionID}/workspa ...)
- TODO: check
+ NOT-FOR-US: SAS Studio
CVE-2024-48734 (*Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/ ...)
- TODO: check
+ NOT-FOR-US: SAS Studio
CVE-2024-48733 (SQL injection vulnerability in /SASStudio/sasexec/sessions/{sessionID} ...)
- TODO: check
+ NOT-FOR-US: SAS Studio
CVE-2024-48346 (xtreme1 <= v0.9.1 contains a Server-Side Request Forgery (SSRF) vulner ...)
TODO: check
CVE-2024-48311 (Piwigo v14.5.0 was discovered to contain a Cross-Site Request Forgery ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b93903cc9c23b11d83f88be6a167a73feabdc44
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b93903cc9c23b11d83f88be6a167a73feabdc44
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241031/139e33dc/attachment.htm>
More information about the debian-security-tracker-commits
mailing list