[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Jun 26 10:04:10 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2c79aabb by Moritz Muehlenhoff at 2024-06-26T11:03:29+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,75 +1,75 @@
CVE-2024-6060 (An information disclosure vulnerability in Phloc Webscopes 7.0.0 allow ...)
- TODO: check
+ NOT-FOR-US: Phloc Webscopes
CVE-2024-5573 (The Easy Table of Contents WordPress plugin before 2.0.66 does not san ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5473 (The Simple Photoswipe WordPress plugin through 0.1 does not sanitise a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5460 (A vulnerability in the default configuration of the Simple Network Ma ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2024-5332 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5215 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5199 (The Spotify Play Button WordPress plugin through 1.0 does not validate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5181 (A command injection vulnerability exists in the mudler/localai version ...)
- TODO: check
+ NOT-FOR-US: localai
CVE-2024-5173 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5169 (The Video Widget WordPress plugin through 1.2.3 does not sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5071 (The Bookster WordPress plugin through 1.1.0 allows adding sensitive p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5019 (In WhatsUp Gold versions released before 2023.1.3, an unauthenticated ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5018 (In WhatsUp Gold versions released before 2023.1.3, an unauthenticated ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5017 (In WhatsUp Gold versions released before 2023.1.3, a path traversal vu ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5016 (In WhatsUp Gold versions released before 2023.1.3, Distributed Edition ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5015 (In WhatsUp Gold versions released before 2023.1.3,an authenticated SSR ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5014 (In WhatsUp Gold versions released before 2023.1.3, a Server Side Reque ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5013 (In WhatsUp Gold versions released before 2023.1.3,an unauthenticated D ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5012 (In WhatsUp Gold versions released before 2023.1.3, there is amissing a ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-4959 (The Frontend Checklist WordPress plugin through 2.3.2 does not sanitis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4957 (The Frontend Checklist WordPress plugin through 2.3.2 does not sanitis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4869 (The WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin for WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4758 (The Muslim Prayer Time BD WordPress plugin through 2.4 does not have C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4106 (A vulnerability has been found in FAST/TOOLS and CI Server. The affect ...)
- TODO: check
+ NOT-FOR-US: Yokogawa FAST/TOOLS
CVE-2024-4105 (A vulnerability has been found in FAST/TOOLS and CI Server. The affect ...)
- TODO: check
+ NOT-FOR-US: Yokogawa FAST/TOOLS
CVE-2024-3633 (The WebP & SVG Support WordPress plugin through 1.4.0 does not sanitis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38526 (pdoc provides API Documentation for Python Projects. Documentation gen ...)
TODO: check
CVE-2024-38516 (ai-client-html is an Aimeos e-commerce HTML client component. Debug in ...)
- TODO: check
+ NOT-FOR-US: ai-client-html
CVE-2024-38364 (DSpace is an open source software is a turnkey repository application ...)
TODO: check
CVE-2024-37855 (An issue in Nepstech Wifi Router xpon (terminal) NTPL-Xpon1GFEVN, hard ...)
- TODO: check
+ NOT-FOR-US: Nepstech Wifi Router
CVE-2024-37843 (Craft CMS up to v3.7.31 was discovered to contain a SQL injection vuln ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2024-37742 (An issue in Safe Exam Browser for Windows before 3.6 allows an attacke ...)
- TODO: check
+ NOT-FOR-US: Safe Exam Browser
CVE-2024-37141 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-37140 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-37139 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-37138 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-36802
REJECTED
CVE-2024-35527 (An arbitrary file upload vulnerability in /fileupload/upload.cfm in Da ...)
@@ -85,35 +85,35 @@ CVE-2024-34400 (An issue was discovered in VirtoSoftware Virto Kanban Board Web
CVE-2024-30931 (Stored Cross Site Scripting vulnerability in Emby Media Server Emby Me ...)
TODO: check
CVE-2024-30112 (HCL Connections is vulnerable to a cross-site scripting attack where a ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-29954 (A vulnerability in a password management API in Brocade Fabric OS vers ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2024-29953 (A vulnerability in the web interface in Brocade Fabric OS before v9.2. ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2024-29177 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-29176 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-29175 (Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.4 ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-29174 (Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1 ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-29173 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28973 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28830 (Insertion of Sensitive Information into Log File in Checkmk GmbH's Che ...)
- TODO: check
+ - check-mk <removed>
CVE-2024-27867 (An authentication issue was addressed with improved state management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-24764 (October is a self-hosted CMS platform based on the Laravel PHP Framewo ...)
- TODO: check
+ NOT-FOR-US: October CMS
CVE-2024-21741 (GigaDevice GD32E103C8T6 devices have Incorrect Access Control.)
- TODO: check
+ NOT-FOR-US: GigaDevice
CVE-2024-21740 (Artery AT32F415CBT7 and AT32F421C8T7 devices have Incorrect Access Con ...)
- TODO: check
+ NOT-FOR-US: Artery AT32F415CBT7 and AT32F421C8T7 devices
CVE-2024-21739 (Geehy APM32F103CCT6, APM32F103RCT6, APM32F103RCT7, and APM32F103VCT6 d ...)
- TODO: check
+ NOT-FOR-US: Geehy
CVE-2024-21520 (Versions of the package djangorestframework before 3.15.2 are vulnerab ...)
TODO: check
CVE-2024-6308 (A vulnerability was found in itsourcecode Simple Online Hotel Reservat ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c79aabb832a5bdbff670b9d13a6fecb4e8f5423
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c79aabb832a5bdbff670b9d13a6fecb4e8f5423
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240626/5f245c7e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list