[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Jul 21 21:32:58 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
59336dc7 by Salvatore Bonaccorso at 2024-07-21T22:31:53+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -37,61 +37,61 @@ CVE-2024-38435 (Unitronics Vision PLC \u2013CWE-703: Improper Check or Handling
CVE-2024-38434 (Unitronics Vision PLC \u2013 CWE-676: Use of Potentially Dangerous ...)
NOT-FOR-US: Unitronics Vision PLC
CVE-2024-37559 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37558 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37557 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37556 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37552 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37551 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37550 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37549 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37548 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37545 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37538 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37537 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37536 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37523 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37522 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37521 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-37519 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37515 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37514 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37512 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37509 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37507 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37500 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37495 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37492 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37489 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37488 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37487 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6848 (The Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Edit ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6497 (The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to S ...)
@@ -113,37 +113,37 @@ CVE-2024-37953 (Improper Neutralization of Input During Web Page Generation (XSS
CVE-2024-37951 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-37950 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37949 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37948 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37947 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37946 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37944 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37943 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37936 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37922 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37920 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37919 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37918 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37565 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37563 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37562 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37561 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6694 (The WP Mail SMTP plugin for WordPress is vulnerable to information exp ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6637 (The WooCommerce - Social Login plugin for WordPress is vulnerable to u ...)
@@ -255,7 +255,7 @@ CVE-2024-37961 (Improper Neutralization of Input During Web Page Generation (XSS
CVE-2024-37960 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: WordPress plugin
CVE-2024-2337 (The Easy Testimonials plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6916 (A vulnerability in Zowe CLI allows local, privileged actors to display ...)
NOT-FOR-US: Zowe CLI
CVE-2024-6908 (Improper privilege management in Yugabyte Platform allows authenticate ...)
@@ -291,11 +291,11 @@ CVE-2024-41281 (Linksys WRT54G v4.21.5 has a stack overflow vulnerability in get
CVE-2024-41172 (In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower vers ...)
NOT-FOR-US: Apache CXF
CVE-2024-41124 (Puncia is the Official CLI utility for Subdomain Center & Exploit Obse ...)
- TODO: check
+ NOT-FOR-US: Puncia
CVE-2024-41122 (Woodpecker is a simple yet powerful CI/CD engine with great extensibil ...)
- TODO: check
+ NOT-FOR-US: Woodpecker
CVE-2024-41121 (Woodpecker is a simple yet powerful CI/CD engine with great extensibil ...)
- TODO: check
+ NOT-FOR-US: Woodpecker
CVE-2024-41107 (The CloudStack SAML authentication (disabled by default) does not enfo ...)
TODO: check
CVE-2024-40400 (An arbitrary file upload vulnerability in the image upload function of ...)
@@ -313,15 +313,15 @@ CVE-2024-39123 (In janeczku Calibre-Web 0.6.0 to 0.6.21, the edit_book_comments
CVE-2024-37066 (A command injection vulnerability exists in Wyze V4 Pro firmware versi ...)
NOT-FOR-US: Wyze
CVE-2024-32007 (An improper input validation of thep2c parameter in the Apache CXF JOS ...)
- TODO: check
+ NOT-FOR-US: Apache CXF
CVE-2024-29736 (A SSRF vulnerability in WADL service description in versions of Apache ...)
- TODO: check
+ NOT-FOR-US: Apache CXF
CVE-2024-29080 (Potential vulnerabilities have been identified in the HP Display Contr ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2024-27489 (An issue in the DelFile() function of WMCMS v4.4 allows attackers to d ...)
- TODO: check
+ NOT-FOR-US: WMCMS
CVE-2024-24970 (Potential vulnerabilities have been identified in the HP Display Contr ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2024-0006 (Information exposure in the logging system in Yugabyte Platform allows ...)
TODO: check
CVE-2024-6903 (A vulnerability, which was classified as critical, has been found in S ...)
@@ -358,9 +358,9 @@ CVE-2024-40642 (The netty incubator codec.bhttp is a java language binary http p
CVE-2024-38156 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-35199 (TorchServe is a flexible and easy-to-use tool for serving and scaling ...)
- TODO: check
+ NOT-FOR-US: TorchServe
CVE-2024-35198 (TorchServe is a flexible and easy-to-use tool for serving and scaling ...)
- TODO: check
+ NOT-FOR-US: TorchServe
CVE-2024-30130 (HCL Nomad server on Domino is vulnerable to the cache containing sensi ...)
NOT-FOR-US: HCL
CVE-2024-21583 (Versions of the package github.com/gitpod-io/gitpod/components/server/ ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59336dc724cf261df75f6b1ccf785ac0a1d86d6d
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59336dc724cf261df75f6b1ccf785ac0a1d86d6d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240721/452a0a80/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list