[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jun 22 21:34:52 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2d20a578 by Salvatore Bonaccorso at 2024-06-22T22:34:13+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
CVE-2024-6253 (A vulnerability was found in itsourcecode Online Food Ordering System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Online Food Ordering System
CVE-2024-6252 (A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classi ...)
- TODO: check
+ NOT-FOR-US: Zorlan SkyCaiji
CVE-2024-6251 (A vulnerability, which was classified as problematic, was found in pla ...)
- TODO: check
+ NOT-FOR-US: playSMS
CVE-2024-5443 (CVE-2024-4320 describes a vulnerability in the parisneo/lollms softwar ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms
CVE-2024-38379 (Apache Allura's neighborhood settings are vulnerable to a stored XSS a ...)
- TODO: check
+ NOT-FOR-US: Apache Allura
CVE-2024-38319 (IBM Security SOAR 51.0.2.0 could allow an authenticated user to execut ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-6120 (The Sparkle Demo Importer plugin for WordPress is vulnerable to unauth ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5966 (The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site ...)
@@ -35,7 +35,7 @@ CVE-2024-37694 (ArcGIS Enterprise Server 10.8.0 allows a remote attacker to obta
CVE-2024-37654 (An issue in BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01B ...)
NOT-FOR-US: BAS-IP
CVE-2024-36532 (Insecure permissions in kruise v1.6.2 allows attackers to access sensi ...)
- TODO: check
+ NOT-FOR-US: Kruise
CVE-2024-34989 (In the module RSI PDF/HTML catalog evolution (prestapdf) <= 7.0.0 from ...)
NOT-FOR-US: PrestaShop module
CVE-2024-34452 (CMSimple_XH 1.7.6 allows XSS by uploading a crafted SVG document.)
@@ -403,13 +403,13 @@ CVE-2024-38082 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
CVE-2024-37899 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
NOT-FOR-US: XWiki
CVE-2024-37183 (Plain text credentials and session ID can be captured with a network s ...)
- TODO: check
+ NOT-FOR-US: Westermo
CVE-2024-36071 (Samsung Magician 8.0.0 on Windows allows an admin to escalate privileg ...)
NOT-FOR-US: Samsung
CVE-2024-35246 (An attacker may be able to cause a denial-of-service condition by send ...)
- TODO: check
+ NOT-FOR-US: Westermo
CVE-2024-32943 (An attacker may be able to cause a denial-of-service condition by send ...)
- TODO: check
+ NOT-FOR-US: Westermo
CVE-2024-31586 (A Cross Site Scripting (XSS) vulnerability exists in Computer Laborato ...)
NOT-FOR-US: Computer Laboratory Management System
CVE-2024-30848 (Cross-site scripting (XSS) vulnerability in SilverSky E-mail service v ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d20a578c18904b1767671913fcc4ff831f9a6dc
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d20a578c18904b1767671913fcc4ff831f9a6dc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240622/ecda4108/attachment.htm>
More information about the debian-security-tracker-commits
mailing list