[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 5 21:23:27 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
55f1f248 by Salvatore Bonaccorso at 2024-06-05T22:22:37+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2,49 +2,49 @@ CVE-2024-5629 (An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or ea
- pymongo <unfixed>
NOTE: https://jira.mongodb.org/browse/PYTHON-4305
CVE-2024-5571 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5536 (The GamiPress \u2013 Link plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5526 (Grafana OnCall is an easy-to-use on-call management tool that will hel ...)
TODO: check
CVE-2024-5459 (The Restaurant Menu and Food Ordering plugin for WordPress is vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5184 (The EmailGPT service contains a prompt injection vulnerability.The ser ...)
- TODO: check
+ NOT-FOR-US: EmailGPT service
CVE-2024-5037 (A flaw was found in OpenShift's Telemeter. If certain conditions are i ...)
TODO: check
CVE-2024-4821 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4812 (A flaw was found in the Katello plugin for Foreman, where it is possib ...)
TODO: check
CVE-2024-4743 (The LifterLMS \u2013 WordPress LMS Plugin for eLearning plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4009 (Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BC ...)
- TODO: check
+ NOT-FOR-US: ABB, Busch-Jaeger, FTS Display and BCU
CVE-2024-4008 (FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (ve ...)
- TODO: check
+ NOT-FOR-US: ABB, Busch-Jaeger, FTS Display and BCU
CVE-2024-4001 (The Download Manager plugin for WordPress is vulnerable to Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3716 (A flaw was found in foreman-installer when puppet-candlepin is invoked ...)
TODO: check
CVE-2024-3469 (The GP Premium plugin for WordPress is vulnerable to Reflected Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-36837 (SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker ...)
- TODO: check
+ NOT-FOR-US: CRMEB
CVE-2024-36670 (idccms v1.35 was discovered to contain a Cross-Site Request Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36669 (idccms v1.35 was discovered to contain a Cross-Site Request Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36668 (idccms v1.35 was discovered to contain a Cross-Site Request Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36667 (idccms v1.35 was discovered to contain a Cross-Site Request Forgery (C ...)
- TODO: check
+ NOT-FOR-US: idccms
CVE-2024-36129 (The OpenTelemetry Collector offers a vendor-agnostic implementation on ...)
TODO: check
CVE-2024-35674 (Missing Authorization vulnerability in Unlimited Elements Unlimited El ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35673 (Cross-Site Request Forgery (CSRF) vulnerability in Pure Chat by Ruby P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31631
REJECTED
CVE-2024-31630
@@ -66,51 +66,51 @@ CVE-2024-31623
CVE-2024-31622
REJECTED
CVE-2024-28818 (An issue was discovered in Samsung Mobile Processor, Wearable Processo ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27382 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27381 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27380 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27379 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27378 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27377 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27376 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27375 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27374 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27373 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27372 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27371 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-27370 (An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-20405 (A vulnerability in the web-based management interface of Cisco Finesse ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-20404 (A vulnerability in the web-based management interface of Cisco Finesse ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2024-1662 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: PORTY Smart Tech Technology Joint Stock Company PowerBank Application
CVE-2024-1272 (Inclusion of Sensitive Information in Source Code vulnerability in TNB ...)
- TODO: check
+ NOT-FOR-US: TNB Mobile Solutions Cockpit Software
CVE-2023-6734
REJECTED
CVE-2023-50804 (An issue was discovered in Samsung Mobile Processor, Automotive Proces ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-50803 (An issue was discovered in Samsung Mobile Processor, Automotive Proces ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-49928 (An issue was discovered in Samsung Mobile Processor, Automotive Proces ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-49927 (An issue was discovered in Samsung Mobile Processor, Automotive Proces ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-5636 (A vulnerability was found in itsourcecode Bakery Online Ordering Syste ...)
NOT-FOR-US: Bakery Online Ordering System
CVE-2024-5635 (A vulnerability was found in itsourcecode Bakery Online Ordering Syste ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55f1f2486276cef54b9a90ae42a146037cf747a6
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55f1f2486276cef54b9a90ae42a146037cf747a6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240605/b7f0592d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list