[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sat Oct 26 23:44:01 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a3824139 by Moritz Muehlenhoff at 2024-10-27T00:43:39+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
 CVE-2024-9967 (The WP show more plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9853 (The ID-SK Toolkit plugin for WordPress is vulnerable to Stored Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9772 (The The Uix Shortcodes \u2013 Compatible with Gutenberg plugin for Wor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9642 (The Editor Custom Color Palette plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9637 (The School Management System \u2013 WPSchoolPress plugin for WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9501 (The Wp Social Login and Register Social Counter plugin for WordPress i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9116 (The Monkee-Boy Essentials plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8392 (The WordPress Post Grid Layouts with Pagination \u2013 Sogrid plugin f ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10402 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10357 (The Clever Addons for Elementor plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10117 (The WP Crowdfunding plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0128 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2024-0127 (NVIDIA vGPU software contains a vulnerability in the GPU kernel driver ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2024-9933 (The WatchTowerHQ plugin for WordPress is vulnerable to authentication  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-9932 (The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary fi ...)
@@ -61,11 +61,11 @@ CVE-2024-48236 (An issue in ofcms 1.1.2 allows a remote attacker to execute arbi
 CVE-2024-48235 (An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary  ...)
 	NOT-FOR-US: ofcms
 CVE-2024-48234 (An issue was discovered in mipjz 5.0.5. In the push method of app\tag\ ...)
-	TODO: check
+	NOT-FOR-US: mipjz
 CVE-2024-48233 (mipjz 5.0.5 is vulnerable to Cross Site Scripting (XSS) in \app\settin ...)
-	TODO: check
+	NOT-FOR-US: mipjz
 CVE-2024-48232 (An issue was found in mipjz 5.0.5. In the mipPost method of \app\setti ...)
-	TODO: check
+	NOT-FOR-US: mipjz
 CVE-2024-48230 (funadmin 5.0.2 is vulnerable to SQL Injection via the parentField para ...)
 	NOT-FOR-US: funadmin
 CVE-2024-48229 (funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click ...)
@@ -87,21 +87,21 @@ CVE-2024-48222 (Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table
 CVE-2024-48218 (Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.)
 	NOT-FOR-US: funadmin
 CVE-2024-47821 (pyLoad is a free and open-source Download Manager. The folder `/.pyloa ...)
-	TODO: check
+	- pyload <itp> (bug #1001980)
 CVE-2024-10092 (The Download Monitor plugin for WordPress is vulnerable to unauthorize ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10091 (The ElementsKit Elementor addons plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0121 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2024-0120 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2024-0119 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2024-0118 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2024-0117 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2024-9991 (This vulnerability exists in Philips lighting devices due to storage o ...)
 	NOT-FOR-US: Philips lighting devices
 CVE-2024-9585 (The Image Map Pro plugin for WordPress is vulnerable to Stored Cross-S ...)
@@ -221,19 +221,19 @@ CVE-2024-44099 (There is a possible Local bypass of user interaction due to an i
 CVE-2024-44098 (In lwis_device_event_states_clear_locked of lwis_event.c, there is a p ...)
 	NOT-FOR-US: Android
 CVE-2024-37847 (An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Man ...)
-	TODO: check
+	NOT-FOR-US: MangoOS
 CVE-2024-37846 (MangoOS before 5.2.0 was discovered to contain a Client-Side Template  ...)
-	TODO: check
+	NOT-FOR-US: MangoOS
 CVE-2024-37845 (MangoOS before 5.2.0 was discovered to contain an authenticated remote ...)
-	TODO: check
+	NOT-FOR-US: MangoOS
 CVE-2024-37844 (A stored cross-site scripting (XSS) vulnerability in MangoOS before 5. ...)
-	TODO: check
+	NOT-FOR-US: MangoOS
 CVE-2024-10387 (CVE-2024-10387 IMPACT    A Denial-of-Service vulnerability exists in t ...)
 	NOT-FOR-US: Rockwell Automation
 CVE-2024-10386 (CVE-2024-10386 IMPACT    An authentication vulnerability exists in the ...)
 	NOT-FOR-US: Rockwell Automation
 CVE-2024-10381 (This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ du ...)
-	TODO: check
+	NOT-FOR-US: Matrix Door Controller Cosec Vega FAXQ
 CVE-2024-10380 (A vulnerability, which was classified as critical, has been found in S ...)
 	NOT-FOR-US: SourceCodester Petrol Pump Management Software
 CVE-2024-10379 (A vulnerability classified as problematic was found in ESAFENET CDG 5. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3824139cb55fb6b9b6349949ca8afc1f88fb17a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3824139cb55fb6b9b6349949ca8afc1f88fb17a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241026/8af0368f/attachment.htm>

More information about the debian-security-tracker-commits mailing list