[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Aug 2 10:40:49 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
db488a54 by Moritz Mühlenhoff at 2024-08-02T11:39:52+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,37 +1,37 @@
 CVE-2024-7389 (The Forminator plugin for WordPress is vulnerable to Sensitive Informa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7378 (A vulnerability was found in SourceCodester Simple Realtime Quiz Syste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7377 (A vulnerability has been found in SourceCodester Simple Realtime Quiz  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7376 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7375 (A vulnerability, which was classified as critical, has been found in S ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7374 (A vulnerability classified as critical was found in SourceCodester Sim ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7373 (A vulnerability classified as critical has been found in SourceCodeste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7372 (A vulnerability was found in SourceCodester Simple Realtime Quiz Syste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7371 (A vulnerability was found in SourceCodester Simple Realtime Quiz Syste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7370 (A vulnerability was found in SourceCodester Simple Realtime Quiz Syste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7369 (A vulnerability was found in SourceCodester Simple Realtime Quiz Syste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7368 (A vulnerability has been found in SourceCodester Simple Realtime Quiz  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7367 (A vulnerability, which was classified as problematic, was found in Sou ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7366 (A vulnerability was found in SourceCodester Tracking Monitoring Manage ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-7093 (Dispatch's notification service uses Jinja templates to generate messa ...)
-	TODO: check
+	NOT-FOR-US: Netflix Dispatch
 CVE-2024-6567 (The Ebook Store plugin for WordPress is vulnerable to Full Path Disclo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5595 (The Essential Blocks  WordPress plugin before 4.7.0 does not validate  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-42461 (In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleabilit ...)
 	TODO: check
 CVE-2024-42460 (In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleabilit ...)
@@ -45,113 +45,113 @@ CVE-2024-41965 (Vim is an open source command line text editor. double-free in d
 CVE-2024-41957 (Vim is an open source command line text editor. Vim < v9.1.0647 has do ...)
 	TODO: check
 CVE-2024-41956 (Soft Serve is a self-hostable Git server for the command line. Prior t ...)
-	TODO: check
+	NOT-FOR-US: Soft Serve
 CVE-2024-41949 (biscuit-rust is the Rust implementation of Biscuit, an authentication  ...)
-	TODO: check
+	NOT-FOR-US: biscuit-rust
 CVE-2024-41948 (biscuit-java is the java implementation of Biscuit, an authentication  ...)
-	TODO: check
+	NOT-FOR-US: biscuit-java
 CVE-2024-41259 (Use of insecure hashing algorithm in the Gravatar's service in Navidro ...)
-	TODO: check
+	NOT-FOR-US: Navidrome
 CVE-2024-3827 (The Spectra Pro plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3238 (The WordPress Menu Plugin \u2014 Superfly Responsive Menu plugin for W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39668 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39667 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39665 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39663 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39662 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39661 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39660 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39659 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39656 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39655 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39652 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39649 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39648 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39647 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39646 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39644 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39643 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39637 (Server Side Request Forgery (SSRF) vulnerability in Pixelcurve Edubin  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39636 (Deserialization of Untrusted Data vulnerability in CodeSolz Better Fin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39634 (Improper Privilege Management vulnerability in IdeaBox PowerPack Pro f ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39633 (Improper Privilege Management vulnerability in IdeaBox PowerPack for B ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39631 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39630 (Deserialization of Untrusted Data vulnerability in MotoPress Timetable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39629 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39627 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39626 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39624 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39621 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39619 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-39396 (InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: InDesign Desktop
 CVE-2024-39392 (InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: InDesign Desktop
 CVE-2024-38791 (Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38776 (Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson WP Go ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38775 (Improper Privilege Management vulnerability in WebAppick CTX Feed allo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38772 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38770 (Improper Privilege Management vulnerability in Revmakx Backup and Stag ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38768 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38761 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38746 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38482 (CloudLink, versions 7.1.x and 8.x, contain an Improper check or handli ...)
-	TODO: check
+	NOT-FOR-US: CloudLink
 CVE-2024-32931 (Under certain circumstances the exacqVision Web Service can expose aut ...)
-	TODO: check
+	NOT-FOR-US: exacqVision
 CVE-2024-32865 (Under certain circumstances the exacqVision Server will not properly v ...)
-	TODO: check
+	NOT-FOR-US: exacqVision
 CVE-2024-32864 (Under certain circumstances exacqVision Web Services will not enforce  ...)
-	TODO: check
+	NOT-FOR-US: exacqVision
 CVE-2024-32863 (Under certain circumstances the exacqVision Web Services may be suscep ...)
-	TODO: check
+	NOT-FOR-US: exacqVision
 CVE-2024-32862 (Under certain circumstances the ExacqVision Web Services does not prov ...)
-	TODO: check
+	NOT-FOR-US: exacqVision
 CVE-2024-32758 (Under certain circumstances the communication between exacqVision Clie ...)
-	TODO: check
+	NOT-FOR-US: exacqVision
 CVE-2024-22278 (Incorrect user permission validation in Harbor <v2.9.5 and Harbor <v2. ...)
-	TODO: check
+	NOT-FOR-US: Harbor
 CVE-2023-52209 (Improper Privilege Management vulnerability in WPForms, LLC. WPForms U ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7365 (A vulnerability was found in SourceCodester Tracking Monitoring Manage ...)
 	NOT-FOR-US: SourceCodester Tracking Monitoring Management System
 CVE-2024-7364 (A vulnerability has been found in SourceCodester Tracking Monitoring M ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db488a54e1e028d8302a40deb1602a4b3b7bb871

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db488a54e1e028d8302a40deb1602a4b3b7bb871
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240802/164dcec5/attachment.htm>

More information about the debian-security-tracker-commits mailing list