[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Dec 17 08:59:15 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6de0d8f0 by Moritz Muehlenhoff at 2024-12-17T09:58:57+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,11 +3,11 @@ CVE-2024-9624 (The WP All Import Pro plugin for WordPress is vulnerable to Serve
 CVE-2024-56017 (Cross-Site Request Forgery (CSRF) vulnerability in Tom Royal Stop Regi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-55951 (Metabase is an open-source data analytics platform. For new sandboxing ...)
-	TODO: check
+	NOT-FOR-US: Metabase
 CVE-2024-55864 (Cross-site scripting vulnerability exists in My WP Customize Admin/Fro ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-55557 (ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardco ...)
-	NOT-FOR-US: WordPress plugin
+	NOT-FOR-US: Weasis
 CVE-2024-55554 (Intrexx Portal Server before 12.0.2 allows XSS via a user-defined port ...)
 	NOT-FOR-US: Intrexx Portal Server
 CVE-2024-55452 (A URL redirection vulnerability exists in UJCMS 9.6.3 due to improper  ...)
@@ -23,45 +23,45 @@ CVE-2024-55100 (A stored cross-site scripting (XSS) vulnerability in the compone
 CVE-2024-55085 (GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the t ...)
 	NOT-FOR-US: GetSimple CMS CE
 CVE-2024-54125 (Improper authorization in handler for custom URL scheme issue in "Shon ...)
-	TODO: check
+	NOT-FOR-US: Shonen Jump+
 CVE-2024-52949 (iptraf-ng 1.2.1 has a stack-based buffer overflow.)
 	TODO: check
 CVE-2024-38499 (CA Client Automation (ITCM) allows non-admin/non-root users to encrypt ...)
-	TODO: check
+	NOT-FOR-US: Broadcom CA Client Automation
 CVE-2024-37776 (A cross-site scripting (XSS) vulnerability in Sunbird DCIM dcTrack v9. ...)
-	TODO: check
+	NOT-FOR-US: Sunbird DCIM dcTrack
 CVE-2024-37775 (Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attacke ...)
-	TODO: check
+	NOT-FOR-US: Sunbird DCIM dcTrack
 CVE-2024-37774 (A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 all ...)
-	TODO: check
+	NOT-FOR-US: Sunbird DCIM dcTrack
 CVE-2024-37773 (An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows a ...)
-	TODO: check
+	NOT-FOR-US: Sunbird DCIM dcTrack
 CVE-2024-35230 (GeoServer is an open source software server written in Java that allow ...)
 	TODO: check
 CVE-2024-29671 (Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 all ...)
-	TODO: check
+	NOT-FOR-US: NEXTU FLATA AX1500 Router
 CVE-2024-12443 (The CRM Perks \u2013 WordPress HelpDesk Integration \u2013 Zendesk, Fr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12356 (A critical vulnerability has been discovered in Privileged Remote Acce ...)
-	TODO: check
+	NOT-FOR-US: BeyondTrust
 CVE-2024-12239 (The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12220 (The SMS for WooCommerce plugin for WordPress is vulnerable to Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12219 (The Stop Registration Spam plugin for WordPress is vulnerable to Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11999 (CWE-1104: Use of Unmaintained Third-Party Components vulnerability exi ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2024-11906 (The TPG Get Posts plugin for WordPress is vulnerable to Stored Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11905 (The Animated Counters plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11902 (The Slope Widgets plugin for WordPress is vulnerable to Stored Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11900 (The Portfolio \u2013 Filterable Masonry Portfolio Gallery for Professi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10205 (Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on  ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2024-8058 (An improper parsing vulnerability was reported in the FileZ client tha ...)
 	NOT-FOR-US: FileZ client
 CVE-2024-6002



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6de0d8f0408e35b433c23c53bd2ec5a4f429fe2e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6de0d8f0408e35b433c23c53bd2ec5a4f429fe2e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241217/95fb0de0/attachment.htm>

More information about the debian-security-tracker-commits mailing list