[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 11 21:24:22 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a9ae7c04 by Salvatore Bonaccorso at 2024-06-11T22:23:50+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,23 +5,23 @@ CVE-2024-5829 (A vulnerability classified as problematic was found in smallweigi
CVE-2024-5825
REJECTED
CVE-2024-5813 (A medium severity vulnerability in BIPS has been identified where an a ...)
- TODO: check
+ NOT-FOR-US: BIPS
CVE-2024-5812 (A low severity vulnerability in BIPS has been identified where an atta ...)
- TODO: check
+ NOT-FOR-US: BIPS
CVE-2024-5584 (The WordPress Online Booking and Scheduling Plugin \u2013 Bookly plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5531 (The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5398
REJECTED
CVE-2024-5189 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4387
REJECTED
CVE-2024-4206
REJECTED
CVE-2024-4190 (Stored Cross-Site Scripting (XSS) vulnerabilities have been identified ...)
- TODO: check
+ NOT-FOR-US: OpenText ArcSight Logger
CVE-2024-4155
REJECTED
CVE-2024-37325 (Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerabil ...)
@@ -37,199 +37,199 @@ CVE-2024-37294 (Aimeos is an Open Source e-commerce framework for online shops.
CVE-2024-37293 (The AWS Deployment Framework (ADF) is a framework to manage and deploy ...)
TODO: check
CVE-2024-37161 (MeterSphere is an open source continuous testing platform. Prior to ve ...)
- TODO: check
+ NOT-FOR-US: MeterSphere
CVE-2024-36821 (Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 a ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2024-36702 (libiec61850 v1.5 was discovered to contain a heap overflow via the Ber ...)
TODO: check
CVE-2024-36650 (TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-36266 (A vulnerability has been identified in PowerSys (All versions < V3.11) ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35716 (Missing Authorization vulnerability in Copymatic Copymatic \u2013 AI C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35692 (Missing Authorization vulnerability in Termly Cookie Consent.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35685 (Missing Authorization vulnerability in Anders Nor\xe9n Radcliffe 2.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35683 (Missing Authorization vulnerability in Teplitsa of social technologies ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35671 (Missing Authorization vulnerability in Minoji MJ Update History.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35667 (Missing Authorization vulnerability in WP EasyCart.This issue affects ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35665 (Missing Authorization vulnerability in namithjawahar Insert Post Ads.T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35663 (Missing Authorization vulnerability in HahnCreativeGroup WP Translate. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35628 (Missing Authorization vulnerability in Photo Gallery Team Photo Galler ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35303 (A vulnerability has been identified in Tecnomatix Plant Simulation V23 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35292 (A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 ( ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35265 (Windows Perception Service Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35263 (Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35255 (Azure Identity Libraries and Microsoft Authentication Library Elevatio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35254 (Azure Monitor Agent Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35253 (Microsoft Azure File Sync Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35252 (Azure Storage Movement Client Library Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35250 (Windows Kernel-Mode Driver Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35249 (Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35248 (Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnera ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-35213 (An improper input validation vulnerability in the SGI Image Codec of Q ...)
TODO: check
CVE-2024-35212 (A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35211 (A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35210 (A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35209 (A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35208 (A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35207 (A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35206 (A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-35168 (Missing Authorization vulnerability in Discourse WP Discourse.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34826 (Missing Authorization vulnerability in Tobias Conrad Design for Contac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34824 (Missing Authorization vulnerability in ThemeBoy SportsPress \u2013 Spo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34822 (Missing Authorization vulnerability in weDevs weMail.This issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34821 (Missing Authorization vulnerability in Contact List PRO Contact List \ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34820 (Missing Authorization vulnerability in If So Plugin If-So Dynamic Cont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34819 (Missing Authorization vulnerability in MoreConvert MC Woocommerce Wish ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34815 (Missing Authorization vulnerability in Codection Import and export use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34813 (Missing Authorization vulnerability in MoreConvert MC Woocommerce Wish ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34804 (Missing Authorization vulnerability in Tagembed.This issue affects Tag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34799 (Missing Authorization vulnerability in Repute Infosystems BookingPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34768 (Missing Authorization vulnerability in Fastly.This issue affects Fastl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34763 (Missing Authorization vulnerability in Tobias Conrad Builder for WooCo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34758 (Missing Authorization vulnerability in Wpmet WP Fundraising Donation a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34753 (Missing Authorization vulnerability in SoftLab Radio Player.This issue ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34442 (Missing Authorization vulnerability in weDevs weDocs.This issue affect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-34406 (Improper exception handling in McAfee Security: Antivirus VPN for Andr ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2024-34405 (Improper deep link validation in McAfee Security: Antivirus VPN for An ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2024-33500 (A vulnerability has been identified in Mendix Applications using Mendi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-32148 (Missing Authorization vulnerability in Salesforce Pardot.This issue af ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32146 (Missing Authorization vulnerability in Aspose.Cloud Marketplace Aspose ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32144 (Missing Authorization vulnerability in Welcart Inc. Welcart e-Commerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32143 (Missing Authorization vulnerability in Podlove Podlove Podcast Publish ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31495 (A improper neutralization of special elements used in an sql command ( ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-30104 (Microsoft Office Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30103 (Microsoft Outlook Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30102 (Microsoft Office Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30101 (Microsoft Office Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30100 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30099 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30097 (Microsoft Speech Application Programming Interface (SAPI) Remote Code ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30096 (Windows Cryptographic Services Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30095 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30094 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30093 (Windows Storage Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30091 (Win32k Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30090 (Microsoft Streaming Service Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30089 (Microsoft Streaming Service Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30088 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30087 (Win32k Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30086 (Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30085 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30084 (Windows Kernel-Mode Driver Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30083 (Windows Standards-Based Storage Management Service Denial of Service V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30082 (Win32k Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30080 (Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30078 (Windows Wi-Fi Driver Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30077 (Windows OLE Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30076 (Windows Container Manager Service Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30075 (Windows Link Layer Topology Discovery Protocol Remote Code Execution V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30074 (Windows Link Layer Topology Discovery Protocol Remote Code Execution V ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30072 (Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30070 (DHCP Server Service Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30069 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30068 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30067 (Winlogon Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30066 (Winlogon Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30065 (Windows Themes Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30064 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30063 (Windows Distributed File System (DFS) Remote Code Execution Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30062 (Windows Standards-Based Storage Management Service Remote Code Executi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-30052 (Visual Studio Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-2462 (Allow attackers to intercept or falsify data exchanges between the cli ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-2461 (If exploited an attacker could traverse the file system to access fil ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-2013 (An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM se ...)
TODO: check
CVE-2024-2012 (vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that i ...)
@@ -237,37 +237,37 @@ CVE-2024-2012 (vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway t
CVE-2024-2011 (A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNE ...)
TODO: check
CVE-2024-29060 (Visual Studio Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-28024 (A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive inform ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-28023 (A vulnerability exists in the message queueing mechanism that if expl ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-28022 (A vulnerability exists in the FOXMAN-UN/UNEM server / APIGateway that ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-28021 (A vulnerability exists in the FOXMAN-UN/UNEM server that affects the m ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-28020 (A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM appli ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2024-26330 (An issue was discovered in Kape CyberGhostVPN 8.4.3.12823 on Windows. ...)
- TODO: check
+ NOT-FOR-US: Kape CyberGhostVPN
CVE-2024-26010 (A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1. ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-24704 (Missing Authorization vulnerability in AddonMaster Load More Anything. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-24703 (Missing Authorization vulnerability in MultiVendorX WC Marketplace.Thi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23521 (Missing Authorization vulnerability in Happyforms.This issue affects H ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23518 (Missing Authorization vulnerability in Navneil Naicker ACF Photo Galle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23503 (Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-23111 (A use of password hash with insufficient computational effort vulnerab ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-23110 (A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 throug ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2024-21754 (A use of password hash with insufficient computational effort vulnerab ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-52233 (Missing Authorization vulnerability in Post SMTP Post SMTP Mailer/Emai ...)
TODO: check
CVE-2023-52227 (Missing Authorization vulnerability in MailerLite MailerLite \u2013 Wo ...)
@@ -683,7 +683,7 @@ CVE-2024-22296 (Missing Authorization vulnerability in Code for Recovery 12 Step
CVE-2024-22279 (Improper handling of requests in Routing Release > v0.273.0 and <= v0. ...)
NOT-FOR-US: Cloud Foundry
CVE-2024-21751 (Missing Authorization vulnerability in RabbitLoader.This issue affects ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1228 (Use of hard-coded password to the patients' database allows an attacke ...)
NOT-FOR-US: Eurosoft Przychodnia
CVE-2023-40389 (The issue was addressed with improved restriction of data container ac ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9ae7c04b781a3f86d3eccc9ab454be2e6712907
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9ae7c04b781a3f86d3eccc9ab454be2e6712907
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240611/f0537187/attachment.htm>
More information about the debian-security-tracker-commits
mailing list