[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 1 08:59:19 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1068f1aa by Salvatore Bonaccorso at 2025-01-01T09:59:00+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,155 +1,155 @@
CVE-2024-56803 (Ghostty is a cross-platform terminal emulator. Ghostty, as allowed by ...)
- ghostty <itp> (bug #1091469)
CVE-2024-56802 (Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 ...)
- TODO: check
+ NOT-FOR-US: Tapir
CVE-2024-56265 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56256 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56235 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56234 (Missing Authorization vulnerability in VW THEMES VW Automobile Lite al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56233 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56232 (Cross-Site Request Forgery (CSRF) vulnerability in Alexander Volkov WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56231 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56230 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56229 (Cross-Site Request Forgery (CSRF) vulnerability in Searchiq SearchIQ.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56228 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56227 (Missing Authorization vulnerability in WP Royal Royal Elementor Addons ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56226 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56225 (Missing Authorization vulnerability in Leap13 Premium Addons for Eleme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56224 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56223 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56222 (Cross-Site Request Forgery (CSRF) vulnerability in Codebard CodeBard H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56221 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56220 (Incorrect Privilege Assignment vulnerability in SSL Wireless SSL Wirel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56219 (Missing Authorization vulnerability in MarketingFire Widget Options al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56218 (Cross-Site Request Forgery (CSRF) vulnerability in AuRise Creative, Se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56217 (Missing Authorization vulnerability in W3 Eden, Inc. Download Manager ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56216 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56215 (Missing Authorization vulnerability in Stephen Sherrard Member Directo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56214 (Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56213 (Path Traversal: '.../...//' vulnerability in Themewinter Eventin allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56212 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56211 (Missing Authorization vulnerability in DeluxeThemes Userpro.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56210 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56209 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56207 (Cross-Site Request Forgery (CSRF) vulnerability in EditionGuard Dev Te ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56206 (Cross-Site Request Forgery (CSRF) vulnerability in Amarjeet Amar allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56205 (Incorrect Privilege Assignment vulnerability in AI Magic allows Privil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56204 (Cross-Site Request Forgery (CSRF) vulnerability in Yonatan Reinberg of ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56203 (Cross-Site Request Forgery (CSRF) vulnerability in George Holmes II Wa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56198 (path-sanitizer is a simple lightweight npm package for sanitizing path ...)
- TODO: check
+ NOT-FOR-US: path-sanitizer Node.js module
CVE-2024-56071 (Incorrect Privilege Assignment vulnerability in Mike Leembruggen Simpl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56070 (Missing Authorization vulnerability in Azzaroco WP SuperBackup allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56068 (Deserialization of Untrusted Data vulnerability in Azzaroco WP SuperBa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56067 (Missing Authorization vulnerability in Azzaroco WP SuperBackup allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56066 (Missing Authorization vulnerability in Inspry Agency Toolkit allows Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56064 (Unrestricted Upload of File with Dangerous Type vulnerability in Azzar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56063 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56062 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56061 (Missing Authorization vulnerability in Webful Creations Computer Repai ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56046 (Unrestricted Upload of File with Dangerous Type vulnerability in VibeT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56045 (Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56044 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56043 (Incorrect Privilege Assignment vulnerability in VibeThemes WPLMS allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56042 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56041 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56040 (Incorrect Privilege Assignment vulnerability in VibeThemes VibeBP allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56039 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56031 (Missing Authorization vulnerability in Yulio Aleman Jimenez Smart Shop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56021 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56020 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56002 (Missing Authorization vulnerability in Porthas Inc. Contact Form, Surv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-55995 (Missing Authorization vulnerability in Torod Holding LTD Torod allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-55991 (Missing Authorization vulnerability in WP-CRM WP-CRM System allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-55955 (An incorrect permissions assignment vulnerability in Trend Micro Deep ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-55917 (An origin validation error vulnerability in Trend Micro Apex One could ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-55632 (A security agent link following vulnerability in Trend Micro Apex One ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-55631 (An engine link following vulnerability in Trend Micro Apex One could a ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-53647 (Trend Micro ID Security, version 3.0 and below contains a vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-52050 (A LogServer arbitrary file creation vulnerability in Trend Micro Apex ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-52049 (A LogServer link following vulnerability in Trend Micro Apex One could ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-52048 (A LogServer link following vulnerability in Trend Micro Apex One could ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-52047 (A widget local file inclusion vulnerability in Trend Micro Apex One co ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2024-51667 (Missing Authorization vulnerability in David de Boer Paytium.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49698 (Missing Authorization vulnerability in PriceListo Best Restaurant Menu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49694 (Missing Authorization vulnerability in imw3 My Wp Brand \u2013 Hide me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49687 (Missing Authorization vulnerability in StoreApps Smart Manager.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49686 (Missing Authorization vulnerability in Fatcat Apps Landing Page Cat.Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49422 (Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Relea ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-25133 (A flaw was found in the Hive ClusterDeployments resource in OpenShift ...)
- TODO: check
+ NOT-FOR-US: OpenShift
CVE-2024-23438
REJECTED
CVE-2024-23437
@@ -305,51 +305,51 @@ CVE-2024-21679
CVE-2024-21675
REJECTED
CVE-2024-13085 (A vulnerability, which was classified as critical, has been found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13084 (A vulnerability classified as critical was found in PHPGurukul Land Re ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13083 (A vulnerability classified as problematic has been found in PHPGurukul ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13082 (A vulnerability was found in PHPGurukul Land Record System 1.0. It has ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13081 (A vulnerability was found in PHPGurukul Land Record System 1.0. It has ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13080 (A vulnerability was found in PHPGurukul Land Record System 1.0. It has ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13079 (A vulnerability was found in PHPGurukul Land Record System 1.0 and cla ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13078 (A vulnerability has been found in PHPGurukul Land Record System 1.0 an ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13077 (A vulnerability, which was classified as problematic, was found in PHP ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13076 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13075 (A vulnerability classified as problematic was found in PHPGurukul Land ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13074 (A vulnerability classified as problematic has been found in PHPGurukul ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Land Record System
CVE-2024-13072 (A vulnerability was found in 1000 Projects Beauty Parlour Management S ...)
- TODO: check
+ NOT-FOR-US: 1000 Projects Beauty Parlour Management System
CVE-2024-13070 (A vulnerability was found in CodeAstro Online Food Ordering System 1.0 ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Online Food Ordering System
CVE-2024-13069 (A vulnerability was found in SourceCodester Multi Role Login System 1. ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Multi Role Login System
CVE-2024-13067 (A vulnerability was found in CodeAstro Online Food Ordering System 1.0 ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Online Food Ordering System
CVE-2024-13061 (The Electronic Official Document Management System from 2100 Technolog ...)
- TODO: check
+ NOT-FOR-US: Electronic Official Document Management System from 2100 Technology
CVE-2024-12108 (In WhatsUp Gold versions released before 2024.0.2, an attacker can gai ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-12106 (In WhatsUp Gold versions released before 2024.0.2, an unauthenticated ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-12105 (In WhatsUp Gold versions released before 2024.0.2, an authenticated us ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-11846 (The does not sanitise and escape a parameter before outputting it bac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50850 (Missing Authorization vulnerability in Woo WooCommerce Subscriptions a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48775 (Missing Authorization vulnerability in Gfazioli WP Cleanfix allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6603 (A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability ...)
- ffmpeg <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334335
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1068f1aae15984fb959ca419fc5aaa88e2bca463
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1068f1aae15984fb959ca419fc5aaa88e2bca463
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250101/f270faf5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list