[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Oct 1 10:48:07 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
982a3fcd by Moritz Muehlenhoff at 2024-10-01T11:47:50+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,63 +15,63 @@ CVE-2024-9269 (The Relogo plugin for WordPress is vulnerable to Stored Cross-Sit
 CVE-2024-9267 (The Easy WordPress Subscribe \u2013 Optin Hound plugin for WordPress i ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-9194 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Octopus Server
 CVE-2024-9145 (Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 an ...)
-	TODO: check
+	NOT-FOR-US: Visual Studio Code extension
 CVE-2024-9119 (The SVG Complete plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9108 (The Wechat Social login plugin for WordPress is vulnerable to arbitrar ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9106 (The Wechat Social login plugin for WordPress is vulnerable to authenti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8990 (The Geo Mashup plugin for WordPress is vulnerable to Stored Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8989 (The Free Responsive Testimonials, Social Proof Reviews, and Customer R ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8981 (The Broken Link Checker plugin for WordPress is vulnerable to Reflecte ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8728 (The Easy Load More plugin for WordPress is vulnerable to Reflected Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8727 (The DK PDF plugin for WordPress is vulnerable to Reflected Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8720 (The RumbleTalk Live Group Chat \u2013 HTML5 plugin for WordPress is vu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8718 (The Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflec ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8675 (The Soumettre.fr plugin for WordPress is vulnerable to unauthorized mo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8632 (The KB Support \u2013 WordPress Help Desk and Knowledge Base plugin fo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8548 (The KB Support \u2013 WordPress Help Desk and Knowledge Base plugin fo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8107 (The Slider Revolution plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7869 (The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7675 (A maliciously crafted DWF file, when parsed in w3dtk.dll through Autod ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2024-7674 (A maliciously crafted DWF file, when parsed in dwfcore.dll through Aut ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2024-7673 (A maliciously crafted DWFX file, when parsed in w3dtk.dll through Auto ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2024-7672 (A maliciously crafted DWF file, when parsed in dwfcore.dll through Aut ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2024-7671 (A maliciously crafted DWFX file, when parsed in dwfcore.dll through Au ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2024-7670 (A maliciously crafted DWFX file, when parsed in w3dtk.dll through Auto ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2024-7434 (The UltraPress theme for WordPress is vulnerable to PHP Object Injecti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7433 (The Empowerment theme for WordPress is vulnerable to PHP Object Inject ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7432 (The Unseen Blog theme for WordPress is vulnerable to PHP Object Inject ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-47560 (RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect author ...)
-	TODO: check
+	NOT-FOR-US: RevoWorks Cloud Client
 CVE-2024-47396 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	TODO: check
 CVE-2024-47295 (Insecure initial password configuration issue in SEIKO EPSON Web Confi ...)
-	TODO: check
+	NOT-FOR-US: EIKO
 CVE-2024-46503 (An issue in the _readFileSync function of Simple-Spellchecker v1.0.2 a ...)
 	TODO: check
 CVE-2024-45073 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored c ...)
@@ -85,7 +85,7 @@ CVE-2024-21531 (All versions of the package git-shallow-clone are vulnerable to
 CVE-2024-21489 (Versions of the package uplot before 1.6.31 are vulnerable to Prototyp ...)
 	TODO: check
 CVE-2024-0116 (NVIDIA Triton Inference Server contains a vulnerability where a user m ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2024-9355
 	NOT-FOR-US: golang-fips
 CVE-2024-9158 (A stored cross site scripting vulnerability exists in Nessus Network M ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/982a3fcd559a3400cdfa883b42166d2b13b88f8c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/982a3fcd559a3400cdfa883b42166d2b13b88f8c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241001/75d6d3db/attachment.htm>

More information about the debian-security-tracker-commits mailing list