Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
23ec3578 by Salvatore Bonaccorso at 2025-02-04T06:47:08+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,9 +5,9 @@ CVE-2025-25066 (nDPI through 4.12 has a potential stack-based
buffer overflow in
NOTE: Introduced by:
https://github.com/ntop/nDPI/commit/b9348e9d6e0e754c4b17661c643ca258f1540ca1
(4.12)
NOTE: Fixed by:
https://github.com/ntop/nDPI/commit/678697b5eb6c3caa5dd5f8cccfe9eed8d13b94bb
CVE-2025-25065 (SSRF vulnerability in the RSS feed parser in Zimbra
Collaboration 9.0. ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2025-25064 (SQL injection vulnerability in the ZimbraSyncService SOAP
endpoint in ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2025-25063 (An XSS issue was discovered in Backdrop CMS 1.28.x before
1.28.5 and 1 ...)
- backdrop <itp> (bug #914257)
CVE-2025-25062 (An XSS issue was discovered in Backdrop CMS 1.28.x before
1.28.5 and 1 ...)
@@ -15,211 +15,211 @@ CVE-2025-25062 (An XSS issue was discovered in Backdrop
CMS 1.28.x before 1.28.5
CVE-2025-24898 (rust-openssl is a set of OpenSSL bindings for the Rust
programming lan ...)
TODO: check
CVE-2025-24781 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24707 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24697 (Missing Authorization vulnerability in Realwebcare Image
Gallery \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24684 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24676 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24661 (Deserialization of Untrusted Data vulnerability in MagePeople
Team Tax ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24660 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24656 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24646 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24643 (Missing Authorization vulnerability in Amento Tech Pvt ltd
WPGuppy all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24642 (Missing Authorization vulnerability in theme funda Setup
Default Featu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24639 (Insertion of Sensitive Information Into Sent Data
vulnerability in GRE ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24631 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24630 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24629 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24620 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24605 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24576 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24574 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24569 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24559 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24557 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24556 (Insertion of Sensitive Information into Log File vulnerability
in Dual ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24545 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24544 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24541 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-24536 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23984 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23923 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23920 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23819 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23799 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23755 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23747 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23685 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23614 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23599 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23594 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23593 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23591 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23590 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23588 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23582 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23581 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23561 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23527 (Missing Authorization vulnerability in Hemnath Mouli WC Wallet
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-23491 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22978 (eladmin <=2.7 is vulnerable to CSV Injection in the exception
log down ...)
- TODO: check
+ NOT-FOR-US: eladmin
CVE-2025-22775 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22704 (Cross-Site Request Forgery (CSRF) vulnerability in Abinav
Thakuri Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22703 (Cross-Site Request Forgery (CSRF) vulnerability in
manuelvicedo Forge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22701 (Server-Side Request Forgery (SSRF) vulnerability in NotFound
Traveler ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22695 (Authorization Bypass Through User-Controlled Key vulnerability
in NirW ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22694 (Missing Authorization vulnerability in theDotstore Hide
Shipping Metho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22693 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22691 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22690 (Cross-Site Request Forgery (CSRF) vulnerability in DigiTimber
DigiTimb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22688 (Cross-Site Request Forgery (CSRF) vulnerability in Ederson
Peka Unlimi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22686 (Missing Authorization vulnerability in GSheetConnector CF7
Google Shee ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22685 (Cross-Site Request Forgery (CSRF) vulnerability in CheGevara
Tags to K ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22684 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22683 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22682 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22681 (Missing Authorization vulnerability in Xfinity Soft Content
Cloner all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22679 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22677 (Missing Authorization vulnerability in UIUX Lab Uix Shortcodes
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22292 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22260 (Missing Authorization vulnerability in Pixelite Meta Tag
Manager. This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-20643 (In DA, there is a possible out of bounds read due to a missing
bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20642 (In DA, there is a possible out of bounds write due to a
missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20641 (In DA, there is a possible out of bounds write due to a
missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20640 (In DA, there is a possible out of bounds read due to a missing
bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20639 (In DA, there is a possible out of bounds write due to a
missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20638 (In DA, there is a possible read of uninitialized heap data due
to unin ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20637 (In network HW, there is a possible system hang due to an
uncaught exce ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20636 (In secmem, there is a possible out of bounds write due to a
missing bo ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20635 (In V6 DA, there is a possible out of bounds write due to a
missing bou ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20634 (In Modem, there is a possible out of bounds write due to a
missing bou ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20633 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20632 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-20631 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2025-0974 (A vulnerability, which was classified as critical, has been
found in M ...)
- TODO: check
+ NOT-FOR-US: MaxD Lightning Module on OpenCart
CVE-2025-0973 (A vulnerability classified as critical was found in CmsEasy
7.7.7.9. T ...)
- TODO: check
+ NOT-FOR-US: CmsEasy
CVE-2025-0972 (A vulnerability classified as problematic has been found in
Zenvia Mov ...)
- TODO: check
+ NOT-FOR-US: Zenvia Movidesk
CVE-2025-0971 (A vulnerability was found in Zenvia Movidesk up to 25.01.22. It
has be ...)
- TODO: check
+ NOT-FOR-US: Zenvia Movidesk
CVE-2025-0970 (A vulnerability was found in Zenvia Movidesk up to 25.01.22. It
has be ...)
- TODO: check
+ NOT-FOR-US: Zenvia Movidesk
CVE-2025-0015 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel
Driver, Arm ...)
TODO: check
CVE-2024-6790 (Loop with Unreachable Exit Condition ('Infinite Loop')
vulnerability i ...)
TODO: check
CVE-2024-57968 (Advantive VeraCore before 2024.4.2.1 allows remote
authenticated users ...)
- TODO: check
+ NOT-FOR-US: Advantive VeraCore
CVE-2024-57967 (PVWA (Password Vault Web Access) in CyberArk Privileged Access
Manager ...)
- TODO: check
+ NOT-FOR-US: CyberArk
CVE-2024-57966 (libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to
an absol ...)
TODO: check
CVE-2024-57669 (Directory Traversal vulnerability in Zrlog backup-sql-file.jar
v.3.0.3 ...)
- TODO: check
+ NOT-FOR-US: Zrlog
CVE-2024-57522 (SourceCodester Packers and Movers Management System v1.0 is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Packers and Movers Management System
CVE-2024-57498 (Cross Site Scripting vulnerability in sayski ForestBlog
20241223 allow ...)
- TODO: check
+ NOT-FOR-US: ForestBlog
CVE-2024-57452 (ChestnutCMS <=1.5.0 has an arbitrary file deletion
vulnerability in co ...)
- TODO: check
+ NOT-FOR-US: ChestnutCMS
CVE-2024-57450 (ChestnutCMS <=1.5.0 is vulnerable to File Upload via the
Create templa ...)
- TODO: check
+ NOT-FOR-US: ChestnutCMS
CVE-2024-57362
REJECTED
CVE-2024-57238 (Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable
to SQL In ...)
- TODO: check
+ NOT-FOR-US: Prolink
CVE-2024-57237 (Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable
to Cross ...)
- TODO: check
+ NOT-FOR-US: Prolink
CVE-2024-57175 (A Stored Cross-Site Scripting (XSS) vulnerability was
identified in th ...)
- TODO: check
+ NOT-FOR-US: PHPGURUKUL Online Birth Certificate System
CVE-2024-57099 (ClassCMS v4.8 has a code execution vulnerability. Attackers
can exploi ...)
- TODO: check
+ NOT-FOR-US: ClassCMS
CVE-2024-57098 (Moss v0.1.3 version has an SQL injection vulnerability that
allows att ...)
TODO: check
CVE-2024-57097 (ClassCMS 4.8 is vulnerable to Cross Site Scripting (XSS) in
class/admi ...)
- TODO: check
+ NOT-FOR-US: ClassCMS
CVE-2024-57004 (Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail
1.6.9 al ...)
TODO: check
CVE-2024-56946 (Denial of service in DNS-over-QUIC in Technitium DNS Server <=
v13.2.2 ...)
@@ -231,87 +231,87 @@ CVE-2024-56161 (Improper signature verification in AMD
CPU ROM microcode patch l
CVE-2024-55456 (lunasvg v3.0.1 was discovered to contain a segmentation
violation via ...)
TODO: check
CVE-2024-54840 (PVWA (Password Vault Web Access) in CyberArk Privileged Access
Manager ...)
- TODO: check
+ NOT-FOR-US: CyberArk
CVE-2024-53943 (An issue was discovered in NRadio N8-180 NROS-1.9.2.n3.c5
devices. The ...)
- TODO: check
+ NOT-FOR-US: NRadio
CVE-2024-53942 (An issue was discovered on NRadio N8-180 NROS-1.9.2.n3.c5
devices. The ...)
- TODO: check
+ NOT-FOR-US: NRadio
CVE-2024-50656 (itsourcecode Placement Management System 1.0 is vulnerable to
Cross Si ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Placement Management System
CVE-2024-50500 (Missing Authorization vulnerability in By Averta Shortcodes
and extra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49843 (Memory corruption while processing IOCTL from user space to
handle GPU ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49840 (Memory corruption while Invoking IOCTL calls from user-space
to valida ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49839 (Memory corruption during management frame processing due to
mismatch i ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49838 (Information disclosure while parsing the OCI IE with invalid
length.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49837 (Memory corruption while reading CPU state data during guest VM
suspend ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49834 (Memory corruption while power-up or power-down sequence of the
camera ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49833 (Memory corruption can occur in the camera when an invalid CID
is used.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49832 (Memory corruption in Camera due to unusually high number of
nodes pass ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45584 (Memory corruption can occur when a compat IOCTL call is
followed by a ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45582 (Memory corruption while validating number of devices in Camera
kernel ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45573 (Memory corruption may occour while generating test pattern due
to nega ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45571 (Memory corruption may occour occur when stopping the WLAN
interface af ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45569 (Memory corruption while parsing the ML IE due to invalid frame
content ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45561 (Memory corruption while handling IOCTL call from user-space
to set la ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45560 (Memory corruption while taking a snapshot with hardware
encoder due to ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-43333 (Incorrect Privilege Assignment vulnerability in NotFound Admin
and Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38420 (Memory corruption while configuring a Hypervisor based input
virtual d ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-38418 (Memory corruption while parsing the memory map info in IOCTL
calls.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-38417 (Information disclosure while processing IO control commands.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-38416 (Information disclosure during audio playback.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-38414 (Information disclosure while processing information on
firmware image ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-38413 (Memory corruption while processing frame packets.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-38412 (Memory corruption while invoking IOCTL calls from user-space
to kernel ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-38411 (Memory corruption while registering a buffer from user-space
to kernel ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-38404 (Transient DOS when registration accept OTA is received with
incorrect ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-36437 (The com.enflick.android.TextNow (aka TextNow: Call + Text
Unlimited) a ...)
- TODO: check
+ NOT-FOR-US: com.enflick.android.TextNow application
CVE-2024-20147 (In Bluetooth FW, there is a possible reachable assertion due
to improp ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2024-20142 (In V5 DA, there is a possible out of bounds write due to a
missing bou ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2024-20141 (In V5 DA, there is a possible out of bounds write due to a
missing bou ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2024-13347 (The Essential WP Real Estate WordPress plugin through 1.1.3
does not e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12859 (The BoomBox Theme Extensions plugin for WordPress is
vulnerable to Loc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12511 (With address book access, SMB/FTP settings could be modified,
redirect ...)
- TODO: check
+ NOT-FOR-US: Xerox
CVE-2024-12510 (If LDAP settings are accessed, authentication could be
redirected to a ...)
- TODO: check
+ NOT-FOR-US: Xerox
CVE-2024-11134 (The Eventer plugin for WordPress is vulnerable to unauthorized
access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11133 (The Eventer plugin for WordPress is vulnerable to unauthorized
access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11132 (The Eventer plugin for WordPress is vulnerable to Stored
Cross-Site Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10395 (No proper validation of the length of user input in
http_server_get_co ...)
TODO: check
CVE-2025-0967 (A vulnerability was found in code-projects Chat System 1.0 and
classif ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23ec3578a077821f28f3c69b96476ddd2be509de
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23ec3578a077821f28f3c69b96476ddd2be509de
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
