[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Jun 27 11:00:02 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
80df5983 by Moritz Muehlenhoff at 2024-06-27T11:37:59+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
 CVE-2024-6355 (A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522  ...)
-	TODO: check
+	NOT-FOR-US: Genexis Tilgin Fiber Home Gateway
 CVE-2024-6323 (Improper authorization in global search in GitLab EE affecting all ver ...)
 	TODO: check
 CVE-2024-6283 (The DethemeKit For Elementor plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6054 (The Auto Featured Image plugin for WordPress is vulnerable to arbitrar ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5655 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
 	TODO: check
 CVE-2024-5601 (The Create by Mediavine plugin for WordPress is vulnerable to Stored C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5430 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
 	TODO: check
 CVE-2024-5289 (The Gutenberg Blocks with AI by Kadence WP \u2013 Page Builder Feature ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4901 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
 	TODO: check
 CVE-2024-4704 (The Contact Form 7 WordPress plugin before 5.9.5 has an open redirect  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4664 (The WP Chat App WordPress plugin before 3.6.5 does not sanitise and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4570 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4569 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4557 (Multiple Denial of Service (DoS) conditions has been discovered in Git ...)
 	TODO: check
 CVE-2024-4011 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
@@ -33,43 +33,43 @@ CVE-2024-3959 (An issue was discovered in GitLab CE/EE affecting all versions st
 CVE-2024-3115 (An issue was discovered in GitLab EE affecting all versions starting f ...)
 	TODO: check
 CVE-2024-3111 (The Interactive Content  WordPress plugin before 1.15.8 does not valid ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37734 (An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privile ...)
-	TODO: check
+	NOT-FOR-US: OpenEMR
 CVE-2024-37571 (Buffer Overflow vulnerability in SAS Broker 9.2 build 1495 allows atta ...)
-	TODO: check
+	NOT-FOR-US: SAS Broker
 CVE-2024-37248 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37247 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-36829 (Incorrect access control in Teldat M1 v11.00.05.50.01 allows attackers ...)
-	TODO: check
+	NOT-FOR-US: Teldat M1
 CVE-2024-2191 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
 	TODO: check
 CVE-2024-28984 (Hitachi Vantara Pentaho Business Analytics Server prior to versions 10 ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2024-28983 (Hitachi Vantara Pentaho Business Analytics Server prior to versions 10 ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2024-28982 (Hitachi Vantara Pentaho Business Analytics Server versions before 10.1 ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2024-23767 (An issue was discovered on HMS Anybus X-Gateway AB7832-F firmware vers ...)
-	TODO: check
+	NOT-FOR-US: HMS Anybus X-Gateway AB7832-F
 CVE-2024-23766 (An issue was discovered on HMS Anybus X-Gateway AB7832-F 3 devices. Th ...)
-	TODO: check
+	NOT-FOR-US: HMS Anybus X-Gateway AB7832-F
 CVE-2024-23765 (An issue was discovered on HMS Anybus X-Gateway AB7832-F 3 devices. Th ...)
-	TODO: check
+	NOT-FOR-US: HMS Anybus X-Gateway AB7832-F
 CVE-2024-22232 (A specially crafted url can be created which leads to a directory trav ...)
 	TODO: check
 CVE-2024-22231 (Syndic cache directory creation is vulnerable to a directory traversal ...)
 	TODO: check
 CVE-2024-1839 (Intrado 911 Emergency Gateway login form is vulnerable to an unauthent ...)
-	TODO: check
+	NOT-FOR-US: Intrado 911 Emergency Gateway
 CVE-2024-1816 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
 	TODO: check
 CVE-2024-1493 (An issue was discovered in GitLab CE/EE affecting all versions startin ...)
 	TODO: check
 CVE-2024-1330 (The kadence-blocks-pro WordPress plugin before 2.3.8 does not prevent  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-XXXX [RUSTSEC-2024-0345]
 	- rust-sequoia-openpgp <unfixed> (bug #1074352)
 	[bookworm] - rust-sequoia-openpgp <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80df5983a5827d2800fd5a8cfecfc4ac86f40a5a

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80df5983a5827d2800fd5a8cfecfc4ac86f40a5a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240627/7c21d391/attachment.htm>

More information about the debian-security-tracker-commits mailing list