[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 4 09:52:20 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b15d75e by Moritz Muehlenhoff at 2024-06-04T10:51:28+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,121 +1,121 @@
 CVE-2024-5485 (The SureTriggers \u2013 Connect All Your Plugins, Apps, Tools & Automa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5422 (An uncontrolled resource consumption of file descriptors in SEH Comput ...)
-	TODO: check
+	NOT-FOR-US: SEH Computertechnik utnserver
 CVE-2024-5421 (Missing input validation and OS command integration of the input in th ...)
-	TODO: check
+	NOT-FOR-US: SEH Computertechnik utnserver
 CVE-2024-5420 (Missing input validation in theSEH Computertechnik utnserver Pro, SEH  ...)
-	TODO: check
+	NOT-FOR-US: SEH Computertechnik utnserver
 CVE-2024-4997 (The WPUpper Share Buttons plugin for WordPress is vulnerable to unauth ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4870 (The Frontend Registration \u2013 Contact Form 7 plugin for WordPress i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4857 (The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitis ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4856 (The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitis ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4750 (The buddyboss-platform WordPress plugin before 2.6.0 contains an IDOR  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4749 (The wp-eMember WordPress plugin before 10.3.9 does not sanitize and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4697 (The Cowidgets \u2013 Elementor Addons plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4552 (The Social Login Lite For WooCommerce plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4462 (The Nafeza Prayer Time plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4274 (The Essential Real Estate plugin for WordPress is vulnerable to unauth ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4273 (The Essential Real Estate plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4253 (A command injection vulnerability exists in the gradio-app/gradio repo ...)
 	TODO: check
 CVE-2024-4180 (The Events Calendar WordPress plugin before 6.4.0.1 does not properly  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4057 (The Gutenberg Blocks with AI by Kadence WP  WordPress plugin before 3. ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3888 (The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3555 (The Social Link Pages: link-in-bio landing pages for your social media ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3230 (The Download Attachments plugin for WordPress is vulnerable to Stored  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3031 (The Fluid Notification Bar plugin for WordPress is vulnerable to Store ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-36782 (TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded  ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-2470 (The Simple Ajax Chat  WordPress plugin before 20240412 does not saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2382 (The Authorize.net Payment Gateway For WooCommerce plugin for WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2019 (The WP-DB-Table-Editor plugin for WordPress is vulnerable to unauthori ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-29976 (** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vuln ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2024-29975 (** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vuln ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2024-29974 (** UNSUPPORTED WHEN ASSIGNED ** The remote code execution vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2024-29973 (** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2024-29972 (** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2024-20887 (Arbitrary directory creation in GalaxyBudsManager PC prior to version  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20886 (Arbitrary directory creation in Samsung Live Wallpaper PC prior to ver ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20885 (Improper component protection vulnerability in Samsung Dialer prior to ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20884 (Incorrect use of privileged API vulnerability in getSemBatteryUsageSta ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20883 (Incorrect use of privileged API vulnerability in registerBatteryStatsC ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20882 (Out-of-bounds read vulnerability in bootloader prior to SMR June-2024  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20881 (Improper input validation vulnerability in chnactiv TA prior to SMR Ju ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20880 (Stack-based buffer overflow vulnerability in bootloader prior to SMR J ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20879 (Improper input validation vulnerability in libsavscmn.so prior to SMR  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20878 (Heap out-of-bound write vulnerability in parsing grid image in libsavs ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20877 (Heap out-of-bound write vulnerability in parsing grid image header in  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20876 (Improper input validation in libsheifdecadapter.so prior to SMR Jun-20 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20875 (Improper caller verification vulnerability in SemClipboard prior to SM ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20874 (Improper access control vulnerability in SmartManagerCN prior to SMR J ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-20873 (Improper input validation vulnerability in caminfo driver prior to SMR ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-1718 (The Claudio Sanches \u2013 Checkout Cielo for WooCommerce plugin for W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1717 (The Admin Notices Manager plugin for WordPress is vulnerable to unauth ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0757 (The Insert or Embed Articulate Content into WordPress plugin through 4 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-44235 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-41134 (Authentication Bypass by Spoofing vulnerability in pluginkollektiv Ant ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-40673 (: Improper Control of Interaction Frequency vulnerability in cartpauj  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-40557 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-40332 (Improper Control of Interaction Frequency vulnerability in Lester \u20 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-39161 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-38520 (External Control of Assumed-Immutable Web Parameter vulnerability in P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-37865 (Authentication Bypass by Spoofing vulnerability in IP2Location Downloa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-34001 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-33930 (Unrestricted Upload of File with Dangerous Type vulnerability in Unlim ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5404 (An unauthenticated remote attackercan change the admin password in amo ...)
 	NOT-FOR-US: ifm electronic GmbH
 CVE-2024-5388



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b15d75efe64c4922ff2b75a335e63fdff2ff016

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b15d75efe64c4922ff2b75a335e63fdff2ff016
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240604/6317abda/attachment.htm>

More information about the debian-security-tracker-commits mailing list