[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jun 21 21:38:38 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2e91059f by Salvatore Bonaccorso at 2024-06-21T22:37:58+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,97 +1,97 @@
CVE-2024-6241 (A vulnerability was found in Pear Admin Boot up to 2.0.2 and classifie ...)
- TODO: check
+ NOT-FOR-US: Pear Admin Boot
CVE-2024-6240 (Improper privilege management vulnerability in Parallels Desktop Softw ...)
- TODO: check
+ NOT-FOR-US: Parallels Desktop
CVE-2024-6239 (A flaw was found in the Poppler's Pdfinfo utility. This issue occurs w ...)
TODO: check
CVE-2024-6027 (The Themify \u2013 WooCommerce Product Filter plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5859 (The Online Booking & Scheduling Calendar for WordPress by vcita plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5059 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5058 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3036 (Improper Input Validation vulnerability in ABB 800xA Base. An attacker ...)
- TODO: check
+ NOT-FOR-US: ABB 800xA Base
CVE-2024-37790
REJECTED
CVE-2024-37675 (Cross Site Scripting vulnerability in Tessi Docubase Document Manageme ...)
- TODO: check
+ NOT-FOR-US: Tessi Docubase Document Management
CVE-2024-37673 (Cross Site Scripting vulnerability in Tessi Docubase Document Manageme ...)
- TODO: check
+ NOT-FOR-US: Tessi Docubase Document Management
CVE-2024-37672 (Cross Site Scripting vulnerability in Tessi Docubase Document Manageme ...)
- TODO: check
+ NOT-FOR-US: Tessi Docubase Document Management
CVE-2024-37671 (Cross Site Scripting vulnerability in Tessi Docubase Document Manageme ...)
- TODO: check
+ NOT-FOR-US: Tessi Docubase Document Management
CVE-2024-37230 (Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Book Lan ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37227 (Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newslette ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37212 (Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Ali2Woo Lit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37198 (Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37118 (Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny ...)
- TODO: check
+ NOT-FOR-US: Uncanny Owl Uncanny Automator Pro
CVE-2024-35781 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35779 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35778 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35776 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35774 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35772 (Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Huem ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-35771 (Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Cust ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-35770 (Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeograp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35769 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35768 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35767 (Unrestricted Upload of File with Dangerous Type vulnerability in Bogda ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35766 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35764 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35763 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-35762 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35761 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35760 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35759 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35758 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-35757 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35537 (TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 wa ...)
- TODO: check
+ NOT-FOR-US: TVS Motor Company Limited TVS Connect
CVE-2024-31890 (IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for ...)
- TODO: check
+ NOT-FOR-US: IBM X-Force ID:
CVE-2023-51375 (Missing Authorization vulnerability in WPDeveloper EmbedPress.This iss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45673 (Joplin is a free, open source note taking and to-do application. A rem ...)
- TODO: check
+ NOT-FOR-US: Joplin
CVE-2023-45197 (The file upload plugin in Adminer and AdminerEvo allows an attacker to ...)
TODO: check
CVE-2023-39517 (Joplin is a free, open source note taking and to-do application. A Cro ...)
- TODO: check
+ NOT-FOR-US: Joplin
CVE-2023-38506 (Joplin is a free, open source note taking and to-do application. A Cro ...)
- TODO: check
+ NOT-FOR-US: Joplin
CVE-2023-38389 (Incorrect Authorization vulnerability in Artbees JupiterX Core allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37898 (Joplin is a free, open source note taking and to-do application. A Cro ...)
- TODO: check
+ NOT-FOR-US: Joplin
CVE-2024-39277 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
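Review bot: The new note for CVE-2024-31890, `NOT-FOR-US: IBM X-Force ID:`, ends in a dangling `ID:` and names an identifier label rather than a product. The description on the line above names IBM i and IBM TCP/IP Connectivity Utilities, so `NOT-FOR-US: IBM` or the product name would read correctly. A smaller style point in the same hunk: CVE-2024-37118 is tagged with a vendor and product string (`Uncanny Owl Uncanny Automator Pro`) while the neighbouring CSRF entries use the generic `WordPress plugin` or `WordPress theme`. Using one convention keeps the NOT-FOR-US notes easy to grep.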
@@ -122840,7 +122840,7 @@ CVE-2022-45805 (Improper Neutralization of Special Elements used in an SQL Comma
CVE-2022-45804 (Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gall ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45803 (Missing Authorization vulnerability in Nikolay Strikhar WordPress Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45802 (Streampark allows any users to upload a jar as application, but there ...)
NOT-FOR-US: Apache StreamPark
CVE-2022-45801 (Apache StreamPark 1.0.0 to 2.0.0 have a LDAP injection vulnerability. ...)
@@ -127674,7 +127674,7 @@ CVE-2022-44595 (Improper Authentication vulnerability in Melapress WP 2FA allows
CVE-2022-44594 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Code ...)
NOT-FOR-US: WordPress plugin
CVE-2022-44593 (Use of Less Trusted Source vulnerability in SolidWP Solid Security all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-44592
RESERVED
CVE-2022-44591 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anth ...)
@@ -127686,7 +127686,7 @@ CVE-2022-44589 (Exposure of Sensitive Information to an Unauthorized Actor vulne
CVE-2022-44588 (Unauth. SQL Injection vulnerability inCryptocurrency Widgets Pack Plug ...)
NOT-FOR-US: WordPress plugin
CVE-2022-44587 (Insertion of Sensitive Information into Log File vulnerability in WP 2 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-44586 (Auth. (admin+) Stored Cross-Site Scripting (XSS) in Ayoub Media AM-HiL ...)
NOT-FOR-US: Ayoub Media
CVE-2022-44585 (Cross-Site Request Forgery (CSRF) vulnerability inMagneticlab S\xe0rlH ...)
@@ -132251,7 +132251,7 @@ CVE-2022-43459 (Cross-Site Request Forgery (CSRF) vulnerability in Forms by Capt
CVE-2022-43458 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Code ...)
NOT-FOR-US: WordPress plugin
CVE-2022-43453 (Missing Authorization vulnerability in Bill Minozzi WP Tools.This issu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-43450 (Authorization Bypass Through User-Controlled Key vulnerability in XWP ...)
NOT-FOR-US: WordPress plugin
CVE-2022-43445
@@ -137774,7 +137774,7 @@ CVE-2022-38063 (Cross-Site Request Forgery (CSRF) vulnerability in Social Login
CVE-2022-38057 (Missing Authorization vulnerability in ThemeHunk Advance WordPress Sea ...)
NOT-FOR-US: WordPress plugin
CVE-2022-38055 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-36418 (Missing Authorization vulnerability in Vagary Digital HREFLANG Tags Li ...)
NOT-FOR-US: WordPress plugin
CVE-2022-36399 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
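Review bot: For CVE-2022-38055 the truncated description (`Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...`) stops before any product name, so the `NOT-FOR-US: WordPress plugin` classification cannot be confirmed from the lines visible in this hunk. Please check it against the full CVE description, since the tag replaces the `TODO: check` marker that would otherwise prompt a second look.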
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e91059f49539e5a76a49da0c67fc2f6352f41e2