[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sun Sep 8 18:36:48 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4ed1968a by Moritz Muehlenhoff at 2024-09-08T19:36:30+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2,39 +2,39 @@ CVE-2024-XXXX [RUSTSEC-2024-0373]
- rust-quinn-proto <not-affected> (Only affects 0.11.x)
NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0373.html
CVE-2024-8572 (A vulnerability was found in Gouniverse GoLang CMS 1.4.0. It has been ...)
- TODO: check
+ NOT-FOR-US: Gouniverse GoLang CMS
CVE-2024-8571 (A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a ...)
- TODO: check
+ NOT-FOR-US: erjemin roll_cms
CVE-2024-8570 (A vulnerability was found in itsourcecode Tailoring Management System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Tailoring Management System
CVE-2024-8569 (A vulnerability has been found in code-projects Hospital Management Sy ...)
- TODO: check
+ NOT-FOR-US: code-projects Hospital Management System
CVE-2024-8568 (A vulnerability, which was classified as critical, was found in Mini-T ...)
- TODO: check
+ NOT-FOR-US: Mini-Tmall
CVE-2024-8567 (A vulnerability, which was classified as critical, has been found in i ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Payroll Management System
CVE-2024-8566 (A vulnerability classified as problematic was found in code-projects O ...)
- TODO: check
+ NOT-FOR-US: Online Shop Store
CVE-2024-8565 (A vulnerability was found in SourceCodesters Clinics Patient Managemen ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2024-8564 (A vulnerability was found in SourceCodester PHP CRUD 1.0. It has been ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2024-6928 (The Opti Marketing WordPress plugin through 2.0.9 does not properly sa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6925 (The TrueBooker WordPress plugin before 1.0.3 does not have CSRF check ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6924 (The TrueBooker WordPress plugin before 1.0.3 does not properly saniti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6859 (The WP MultiTasking WordPress plugin through 0.1.12 does not validate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6856 (The WP MultiTasking WordPress plugin through 0.1.12 does not have CSR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6855 (The WP MultiTasking WordPress plugin through 0.1.12 does not have CSR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6853 (The WP MultiTasking WordPress plugin through 0.1.12 does not have CSR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6852 (The WP MultiTasking WordPress plugin through 0.1.12 does not have CSR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8563 (A vulnerability was found in SourceCodester PHP CRUD 1.0. It has been ...)
NOT-FOR-US: SourceCodester PHP CRUD
CVE-2024-8562 (A vulnerability was found in SourceCodester PHP CRUD 1.0 and classifie ...)
@@ -161,7 +161,7 @@ CVE-2024-7493 (The WPCOM Member plugin for WordPress is vulnerable to privilege
CVE-2024-6445 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
NOT-FOR-US: DataFlowX Technology DataDiodeX
CVE-2024-45758 (H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JD ...)
- TODO: check
+ NOT-FOR-US: H2O.ai
CVE-2024-45405 (`gix-path` is a crate of the `gitoxide` project (an implementation of ...)
- rust-gix-path <unfixed>
NOTE: https://github.com/advisories/GHSA-m8rp-vv92-46c7
@@ -357,7 +357,7 @@ CVE-2024-8395 (FlyCASS CASS and KCM systems did not correctly filter SQL queries
CVE-2024-8363 (The Share This Image plugin for WordPress is vulnerable to Stored Cros ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7884 (When a canister method is called via ic_cdk::call* , a new Future Call ...)
- TODO: check
+ NOT-FOR-US: Rust crate ic-cdk
CVE-2024-7605 (The HelloAsso plugin for WordPress is vulnerable to unauthorized modif ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7591 (Improper Input Validation vulnerability in Progress LoadMaster allows ...)
@@ -381,7 +381,7 @@ CVE-2024-5309 (The Form Vibes \u2013 Database Manager for Forms plugin for WordP
CVE-2024-45589 (RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0 imprope ...)
NOT-FOR-US: RapidIdentity
CVE-2024-45401 (stripe-cli is a command-line tool for the payment processor Stripe. A ...)
- TODO: check
+ NOT-FOR-US: stripe-cli
CVE-2024-45392 (SuiteCRM is an open-source customer relationship management (CRM) syst ...)
NOT-FOR-US: SuiteCRM
CVE-2024-45178 (An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ed1968a295793145f2c5cde8e9364f9999b1859
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ed1968a295793145f2c5cde8e9364f9999b1859
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240908/b87c4151/attachment.htm>
More information about the debian-security-tracker-commits
mailing list