[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jun 28 11:20:24 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6f67210a by Moritz Muehlenhoff at 2024-06-28T12:19:51+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,93 +1,93 @@
 CVE-2024-6296 (The Stackable \u2013 Page Builder Gutenberg Blocks plugin for WordPres ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6288 (The Conversios \u2013 Google Analytics 4 (GA4), Meta Pixel & more Via  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6071 (PTC Creo Elements/Direct License Server exposes a web interface which  ...)
-	TODO: check
+	NOT-FOR-US: PTC Creo Elements/Direct License Server
 CVE-2024-5864 (The Easy Affiliate Links plugin for WordPress is vulnerable to unautho ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5863 (The Easy Image Collage plugin for WordPress is vulnerable to unauthori ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5796 (The Infinite theme for WordPress is vulnerable to Stored Cross-Site Sc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5788 (The Silesia theme for WordPress is vulnerable to Stored Cross-Site Scr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5730 (The Pagerank tools WordPress plugin through 1.1.5 does not sanitise an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5729 (The Simple AL Slider WordPress plugin through 1.2.10 does not sanitise ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5728 (The Animated AL List WordPress plugin through 1.0.6 does not sanitise  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5727 (The Widget4Call WordPress plugin through 1.0.7 does not sanitise and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5642 (CPython 3.9 and earlier doesn't disallow configuring an empty list ("[ ...)
 	TODO: check
 CVE-2024-5570 (The Simple Photoswipe WordPress plugin through 0.1 does not have autho ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4395 (The XPC service within the audit functionality of Jamf Compliance Edit ...)
-	TODO: check
+	NOT-FOR-US: Jamf
 CVE-2024-39708 (An issue was discovered in the Agent in Delinea Privilege Manager (for ...)
-	TODO: check
+	NOT-FOR-US: Delinea Privilege Manager
 CVE-2024-39705 (NLTK through 3.8.1 allows remote code execution if untrusted packages  ...)
 	TODO: check
 CVE-2024-39352 (A vulnerability regarding incorrect authorization is found in the firm ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-39351 (A vulnerability regarding improper neutralization of special elements  ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-39350 (A vulnerability regarding authentication bypass by spoofing is found i ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-39349 (A vulnerability regarding buffer copy without checking size of input ( ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-39348 (Download of code without integrity check vulnerability in AirPrint fun ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-39347 (Incorrect default permissions vulnerability in firewall functionality  ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2024-39209 (luci-app-sms-tool v1.9-6 was discovered to contain a command injection ...)
-	TODO: check
+	NOT-FOR-US: luci-app-sms-tool
 CVE-2024-39134 (A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attac ...)
 	TODO: check
 CVE-2024-39132 (A NULL Pointer Dereference vulnerability in DumpTS v0.1.0-nightly allo ...)
-	TODO: check
+	NOT-FOR-US: DumpTS
 CVE-2024-37282 (It was identified that under certain specific preconditions, an API ke ...)
-	TODO: check
+	NOT-FOR-US: Elastic Cloud
 CVE-2024-37137 (Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptogra ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-36755 (D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-36075 (Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify thr ...)
-	TODO: check
+	NOT-FOR-US: CoSoSys
 CVE-2024-36074 (Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify thr ...)
-	TODO: check
+	NOT-FOR-US: CoSoSys
 CVE-2024-36073 (Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify thr ...)
-	TODO: check
+	NOT-FOR-US: CoSoSys
 CVE-2024-36072 (Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify thr ...)
-	TODO: check
+	NOT-FOR-US: CoSoSys
 CVE-2024-36059 (Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart u ...)
-	TODO: check
+	NOT-FOR-US: Kalkitech ASE
 CVE-2024-30135 (HCL DRYiCE AEX is potentially impacted by disclosure of sensitive info ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-30111 (HCL DRYiCE AEX product is impacted by Missing Root Detection vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-30110 (HCL DRYiCE AEX product is impacted by lack of input validation vulnera ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-30109 (HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-2973 (An Authentication Bypass Using an Alternate Path or Channel vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2024-2795 (The SEO SIMPLE PACK plugin for WordPress is vulnerable to Information  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-22276 (VMware Cloud Director Object Storage Extension contains an Insertion o ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2024-22272 (VMware Cloud Director contains an Improper Privilege Management vulner ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2024-22260 (VMware Workspace One UEM update addresses an information exposure vuln ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2023-52892 (In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33,  ...)
 	TODO: check
 CVE-2023-47803 (A vulnerability regarding improper limitation of a pathname to a restr ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2023-47802 (A vulnerability regarding improper neutralization of special elements  ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2016-20022 (In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core ...)
 	TODO: check
 CVE-2024-6388 (Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, be ...)
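Review bot: The tag added for CVE-2024-37137 does not match its description: the entry reads "Dell Key Trust Platform, v3.0.6 and prior", but the new line is "NOT-FOR-US: D-Link", which looks carried over from the CVE-2024-36755 (D-Link DIR-1950) entry directly below it. Suggest "NOT-FOR-US: Dell Key Trust Platform" so the product name stays searchable for later triage. A smaller point of the same kind: CVE-2024-5796 (Infinite theme) and CVE-2024-5788 (Silesia theme) are described as WordPress themes but are tagged "NOT-FOR-US: WordPress plugin"; "WordPress theme" would agree with the descriptions.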



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f67210a8d86cf2c174b25490bcceab80ebb0436
