[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Jul 21 21:10:13 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
74c2603c by Salvatore Bonaccorso at 2024-07-21T22:09:30+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
CVE-2024-6945 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been clas ...)
- TODO: check
+ NOT-FOR-US: Flute CMS
CVE-2024-6944 (A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and class ...)
- TODO: check
+ NOT-FOR-US: ZhongBangKeJi CRMEB
CVE-2024-6943 (A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and ...)
- TODO: check
+ NOT-FOR-US: ZhongBangKeJi CRMEB
CVE-2024-6942 (A vulnerability, which was classified as problematic, was found in Thi ...)
- TODO: check
+ NOT-FOR-US: ThinkSAAS
CVE-2024-6941 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: ThinkSAAS
CVE-2024-6940 (A vulnerability was found in DedeCMS 5.7.114. It has been classified a ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2024-6939 (A vulnerability was found in Xinhu RockOA 2.6.3 and classified as prob ...)
- TODO: check
+ NOT-FOR-US: Xinhu RockOA
CVE-2024-6938 (A vulnerability has been found in SiYuan 3.1.0 and classified as probl ...)
- TODO: check
+ NOT-FOR-US: SiYuan
CVE-2024-6937 (A vulnerability, which was classified as problematic, was found in for ...)
- TODO: check
+ NOT-FOR-US: Form Tools
CVE-2024-6936 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: Form Tools
CVE-2024-6935 (A vulnerability classified as problematic was found in formtools.org F ...)
- TODO: check
+ NOT-FOR-US: Form Tools
CVE-2024-6934 (A vulnerability classified as problematic has been found in formtools. ...)
- TODO: check
+ NOT-FOR-US: Form Tools
CVE-2024-6933 (A vulnerability was found in LimeSurvey 6.5.14-240624. It has been rat ...)
TODO: check
CVE-2024-6932 (A vulnerability was found in ClassCMS 4.5. It has been declared as pro ...)
- TODO: check
+ NOT-FOR-US: ClassCMS
CVE-2024-38438 (D-Link - CWE-294: Authentication Bypass by Capture-replay)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-38437 (D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Chan ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-38436 (Commugen SOX 365 \u2013CWE-79: Improper Neutralization of Input During ...)
- TODO: check
+ NOT-FOR-US: Commugen SOX 365
CVE-2024-38435 (Unitronics Vision PLC \u2013CWE-703: Improper Check or Handling of Exc ...)
- TODO: check
+ NOT-FOR-US: Unitronics Vision PLC
CVE-2024-38434 (Unitronics Vision PLC \u2013 CWE-676: Use of Potentially Dangerous ...)
- TODO: check
+ NOT-FOR-US: Unitronics Vision PLC
CVE-2024-37559 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2024-37558 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
@@ -93,25 +93,25 @@ CVE-2024-37488 (Improper Neutralization of Input During Web Page Generation (XSS
CVE-2024-37487 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2024-6848 (The Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Edit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6497 (The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37959 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37958 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37957 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37956 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37955 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37954 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37953 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37951 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37950 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2024-37949 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
@@ -145,115 +145,115 @@ CVE-2024-37562 (Improper Neutralization of Input During Web Page Generation (XSS
CVE-2024-37561 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2024-6694 (The WP Mail SMTP plugin for WordPress is vulnerable to information exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6637 (The WooCommerce - Social Login plugin for WordPress is vulnerable to u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6636 (The WooCommerce - Social Login plugin for WordPress is vulnerable to u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6635 (The WooCommerce - Social Login plugin for WordPress is vulnerable to a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6560 (The Addonify \u2013 Quick View For WooCommerce plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6491 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6489 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6281 (A path traversal vulnerability exists in the `apply_settings` function ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms
CVE-2024-5804 (The Conditional Fields for Contact Form 7 plugin for WordPress is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-40348 (An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allow ...)
- TODO: check
+ NOT-FOR-US: Bazaar (not the same as src:bzr)
CVE-2024-40347 (A reflected cross-site scripting (XSS) vulnerability in Hyland Alfresc ...)
- TODO: check
+ NOT-FOR-US: Hyland Alfresco Platform
CVE-2024-3934 (The Mercado Pago payments for WooCommerce plugin for WordPress is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38767 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38758 (Server-Side Request Forgery (SSRF) vulnerability in WappPress Team Wap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38757 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38750 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38741 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38739 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-38738 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38725 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38722 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38720 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38718 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38713 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38712 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38711 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38710 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38705 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38703 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38698 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38697 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38696 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38694 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38689 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38687 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38686 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38685 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38684 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38683 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38682 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38681 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38680 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38679 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38678 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38677 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38676 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38675 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38674 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38673 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38672 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38671 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38670 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38669 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37961 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37960 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2337 (The Easy Testimonials plugin for WordPress is vulnerable to Stored Cro ...)
TODO: check
CVE-2024-6916 (A vulnerability in Zowe CLI allows local, privileged actors to display ...)
@@ -299,7 +299,7 @@ CVE-2024-41121 (Woodpecker is a simple yet powerful CI/CD engine with great exte
CVE-2024-41107 (The CloudStack SAML authentication (disabled by default) does not enfo ...)
TODO: check
CVE-2024-40400 (An arbitrary file upload vulnerability in the image upload function of ...)
- TODO: check
+ NOT-FOR-US: automad
CVE-2024-39963 (AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Du ...)
NOT-FOR-US: AX3000 Dual-Band Gigabit Wi-Fi 6 Router
CVE-2024-39962 (D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21_D240126 w ...)
@@ -2396,7 +2396,7 @@ CVE-2024-6528 (CWE-79: Improper Neutralization of Input During Web Page Generati
CVE-2024-6485 (A security vulnerability has been discovered in bootstrap that could e ...)
TODO: check
CVE-2024-6484 (A vulnerability has been identified in Bootstrap that exposes users to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6407 (CWE-200: Information Exposure vulnerability exists that could cause di ...)
NOT-FOR-US: Schneider Electric
CVE-2024-6035 (A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbia ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74c2603ca9a7605e8651b748dd78fd4d7e7b8dfc
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74c2603ca9a7605e8651b748dd78fd4d7e7b8dfc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240721/faaa5f78/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list