diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2024-04-30 22:44:47 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-04-30 22:44:47 +0200 |
| commit | b62f2ac4682e34b8398a26c1acb62f5c3307d586 (patch) | |
| tree | 0bfc6902947bf02add8af8e0385c801a45ffb4a8 | |
| parent | 1d4588a82192ea1354111a2308d5b6f6ea37ac5e (diff) | |
Process some NFUs
| -rw-r--r-- | data/CVE/list | 46 |
1 files changed, 23 insertions, 23 deletions
diff --git a/data/CVE/list b/data/CVE/list index d5faf010d1..782e22fe99 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,55 +1,55 @@ CVE-2024-4340 (Passing a heavily nested list to sqlparse.parse() leads to a Denial of ...) TODO: check CVE-2024-4337 (Adive Framework 2.0.8, does not sufficiently encode user-controlled in ...) - TODO: check + NOT-FOR-US: Adive Framework CVE-2024-4336 (Adive Framework 2.0.8, does not sufficiently encode user-controlled in ...) - TODO: check + NOT-FOR-US: Adive Framework CVE-2024-4185 (The Customer Email Verification for WooCommerce plugin for WordPress i ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-3746 (The entire parent directory - C:\ScadaPro and its sub-directories and ...) - TODO: check + NOT-FOR-US: Measuresoft CVE-2024-3411 (Implementations of IPMI Authenticated sessions does not provide enough ...) TODO: check CVE-2024-3072 (The ACF Front End Editor plugin for WordPress is vulnerable to unautho ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-34088 (In FRRouting (FRR) through 9.1, it is possible for the get_edge() func ...) TODO: check CVE-2024-33832 (OneNav v0.9.35-20240318 was discovered to contain a Server-Side Reques ...) - TODO: check + NOT-FOR-US: OneNav CVE-2024-33831 (A stored cross-site scripting (XSS) vulnerability in the Advanced Expe ...) TODO: check CVE-2024-33465 (Cross Site Scripting vulnerability in MajorDoMo before v.0662e5e allow ...) - TODO: check + NOT-FOR-US: MajorDoMo (aka Major Domestic Module) CVE-2024-33437 (An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to o ...) - TODO: check + NOT-FOR-US: CSS Exfil Protection CVE-2024-33436 (An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to o ...) - TODO: check + NOT-FOR-US: CSS Exfil Protection CVE-2024-33383 (Arbitrary File Read vulnerability in novel-plus 4.3.0 and before allow ...) - TODO: check + NOT-FOR-US: novel-plus CVE-2024-33371 (Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remot ...) - TODO: check + NOT-FOR-US: DedeCMS CVE-2024-33332 (An issue discovered in SpringBlade 3.7.1 allows attackers to obtain se ...) - TODO: check + NOT-FOR-US: SpringBlade CVE-2024-33309 (An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and i ...) - TODO: check + NOT-FOR-US: TVS Motor Company Limited TVS Connet CVE-2024-33308 (An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and i ...) - TODO: check + NOT-FOR-US: TVS Motor Company Limited TVS Connet CVE-2024-33275 (SQL injection vulnerability in Webbax supernewsletter v.1.4.21 and bef ...) - TODO: check + NOT-FOR-US: PrestaShop module CVE-2024-33274 (Directory Traversal vulnerability in FME Modules customfields v.2.2.7 ...) - TODO: check + NOT-FOR-US: PrestaShop module CVE-2024-33273 (SQL injection vulnerability in shipup before v.3.3.0 allows a remote a ...) - TODO: check + NOT-FOR-US: PrestaShop module CVE-2024-33270 (An issue in FME Modules fileuploads v.2.0.3 and before and fixed in v2 ...) - TODO: check + NOT-FOR-US: PrestaShop module CVE-2024-33267 (SQL Injection vulnerability in Hero hfheropayment v.1.2.5 and before a ...) - TODO: check + NOT-FOR-US: PrestaShop module CVE-2024-33103 (An arbitrary file upload vulnerability in the Media Manager component ...) TODO: check CVE-2024-33102 (A stored cross-site scripting (XSS) vulnerability in the component /pu ...) - TODO: check + NOT-FOR-US: ThinkSAAS CVE-2024-33101 (A stored cross-site scripting (XSS) vulnerability in the component /ac ...) - TODO: check + NOT-FOR-US: ThinkSAAS CVE-2024-2877 (Vault Enterprise, when configured with performance standby nodes and a ...) TODO: check CVE-2024-2663 (The ZD YouTube FLV Player plugin for WordPress is vulnerable to Server ...) @@ -61,7 +61,7 @@ CVE-2024-2378 (A vulnerability exists in the web-authentication component of the CVE-2024-2377 (A vulnerability exists in the too permissive HTTP response header web ...) TODO: check CVE-2024-29384 (An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to o ...) - TODO: check + NOT-FOR-US: CSS Exfil Protection CVE-2024-29320 (Wallos before 1.15.3 is vulnerable to SQL Injection via the category a ...) TODO: check CVE-2024-28716 (An issue in OpenStack Storlets yoga-eom allows a remote attacker to ex ...) @@ -140,7 +140,7 @@ CVE-2024-34044 (The O-RAN E2T I-Release buildPrometheusList function can have a CVE-2024-34043 (O-RAN RICAPP kpimon-go I-Release has a segmentation violation via a ce ...) NOT-FOR-US: O-RAN CVE-2024-33522 (In vulnerable versions of Calico (v3.27.2 and below), Calico Enterpris ...) - TODO: check + NOT-FOR-US: Calico CVE-2024-33401 (Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remot ...) NOT-FOR-US: DedeCMS CVE-2024-33350 (Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote at ...) |