[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jul 22 13:34:22 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
52350c3e by Salvatore Bonaccorso at 2024-07-22T14:33:33+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,105 +1,105 @@
CVE-2024-6970 (A vulnerability classified as critical has been found in itsourcecode ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Tailoring Management System
CVE-2024-6969 (A vulnerability was found in SourceCodester Clinics Patient Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Clinics Patient Management System
CVE-2024-6968 (A vulnerability was found in SourceCodester Clinics Patient Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Clinics Patient Management System
CVE-2024-6967 (A vulnerability was found in SourceCodester Employee and Visitor Gate ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Employee and Visitor Gate Pass Logging System
CVE-2024-6966 (A vulnerability was found in itsourcecode Online Blood Bank Management ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Online Blood Bank Management System
CVE-2024-6965 (A vulnerability has been found in Tenda O3 1.0.0.10 and classified as ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-6964 (A vulnerability, which was classified as critical, was found in Tenda ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-6963 (A vulnerability, which was classified as critical, has been found in T ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-6962 (A vulnerability classified as critical was found in Tenda O3 1.0.0.10. ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-6961 (RAIL documents are an XML-based format invented by Guardrails AI to en ...)
- TODO: check
+ NOT-FOR-US: Guardrails
CVE-2024-6960 (The H2O machine learning platform uses "Iced" classes as the primary m ...)
TODO: check
CVE-2024-6958 (A vulnerability classified as critical was found in itsourcecode Unive ...)
- TODO: check
+ NOT-FOR-US: itsourcecode University Management System
CVE-2024-6957 (A vulnerability classified as critical has been found in itsourcecode ...)
- TODO: check
+ NOT-FOR-US: itsourcecode University Management System
CVE-2024-6956 (A vulnerability was found in itsourcecode University Management System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode University Management System
CVE-2024-6955 (A vulnerability was found in SourceCodester Record Management System 1 ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Record Management System
CVE-2024-6954 (A vulnerability was found in SourceCodester Record Management System 1 ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Record Management System
CVE-2024-6953 (A vulnerability was found in itsourcecode Tailoring Management System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Tailoring Management System
CVE-2024-6952 (A vulnerability has been found in itsourcecode University Management S ...)
- TODO: check
+ NOT-FOR-US: itsourcecode University Management System
CVE-2024-6951 (A vulnerability, which was classified as critical, was found in Source ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Simple Online Book Store System
CVE-2024-6950 (A vulnerability, which was classified as critical, has been found in P ...)
- TODO: check
+ NOT-FOR-US: Prain
CVE-2024-6949 (A vulnerability classified as problematic was found in Gargaj wuhu up ...)
- TODO: check
+ NOT-FOR-US: Gargaj wuhu
CVE-2024-6948 (A vulnerability classified as critical has been found in Gargaj wuhu u ...)
- TODO: check
+ NOT-FOR-US: Gargaj wuhu
CVE-2024-6947 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rate ...)
- TODO: check
+ NOT-FOR-US: Flute CMS
CVE-2024-6946 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been decl ...)
- TODO: check
+ NOT-FOR-US: Flute CMS
CVE-2024-6271 (The Community Events WordPress plugin before 1.5 does not have CSRF ch ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6244 (The PZ Frontend Manager WordPress plugin before 1.0.6 does not have CS ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6243 (The HTML Forms WordPress plugin before 1.3.33 does not sanitize and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5973 (The MasterStudy LMS WordPress Plugin WordPress plugin before 3.3.24 d ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5529 (The WP QuickLaTeX WordPress plugin before 3.8.8 does not sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5004 (The CM Popup Plugin for WordPress WordPress plugin before 1.6.6 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-41709 (Backdrop CMS before 1.27.3 and 1.28.x before 1.28.2 does not sufficien ...)
TODO: check
CVE-2024-41704 (LibreChat through 0.7.4-rc1 does not validate the normalized pathnames ...)
- TODO: check
+ NOT-FOR-US: LibreChat
CVE-2024-41703 (LibreChat through 0.7.4-rc1 has incorrect access control for message u ...)
- TODO: check
+ NOT-FOR-US: LibreChat
CVE-2024-40430 (In SFTPGO 2.6.2, the JWT implementation lacks cerrtain security measur ...)
TODO: check
CVE-2024-38786 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38785 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38784 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38782 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38781 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37485 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37480 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37466 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37465 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37461 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37460 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37459 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37457 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37449 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37447 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37446 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37391 (ProtonVPN before 3.2.10 on Windows mishandles the drive installer path ...)
- TODO: check
+ NOT-FOR-US: ProtonVPN
CVE-2024-6945 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been clas ...)
NOT-FOR-US: Flute CMS
CVE-2024-6944 (A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and class ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52350c3e80f0480c17ba3eb4728d94fd69f3999a
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52350c3e80f0480c17ba3eb4728d94fd69f3999a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240722/1c7288d0/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list