Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b449683c by Salvatore Bonaccorso at 2024-05-17T10:48:36+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2024-4204 (The Bulk Posts Editing For WordPress plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3609 (The ReviewX \u2013 Multi-criteria Rating & Reviews for
WooCommerce plu ...)
TODO: check
CVE-2024-3580 (The Popup4Phone WordPress plugin through 1.3.2 does not
sanitise and e ...)
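Review bot: CVE-2024-3609, the context entry directly below the changed one, is left at TODO: check even though its description names a rating and reviews product for WooCommerce, so it looks like it could belong to the same batch as CVE-2024-4204. If it was skipped on purpose because it needs a closer look, that is fine; otherwise consider triaging it in the same pass so the entry does not linger untriaged next to a processed one.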
@@ -357,35 +357,35 @@ CVE-2024-4838 (The ConvertPlus plugin for WordPress is
vulnerable to PHP Object
CVE-2024-4826 (SQL injection vulnerability in Simple PHP Shopping Cart
affecting vers ...)
NOT-FOR-US: Simple PHP Shopping Cart
CVE-2024-4760 (A voltage glitch during the startup of EEFC NVM controllers on
Microch ...)
- TODO: check
+ NOT-FOR-US: Microchip SAM E70/S70/V70/V71 microcontrollers
CVE-2024-4733 (The ShiftController Employee Shift Scheduling plugin is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4642 (A Server-Side Request Forgery (SSRF) vulnerability exists in
the wandb ...)
- TODO: check
+ NOT-FOR-US: wandb
CVE-2024-4635 (The Menu Icons by ThemeIsle plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4634 (The Elementor Header & Footer Builder plugin for WordPress is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4617 (The Rank Math SEO with AI Best SEO Tools plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4609 (A vulnerability exists in the Rockwell Automation
FactoryTalk\xae View ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2024-4580 (The Master Addons \u2013 Free Widgets, Hover Effects, Toggle,
Conditio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4546 (The Custom Post Type Attachment plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4478 (The Happy Addons for Elementor plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4400 (The Post and Page Builder by BoldGrid \u2013 Visual Drag and
Drop Edit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4391 (The Happy Addons for Elementor plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4385 (The Envo Extra plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4352 (The Tutor LMS Pro plugin for WordPress is vulnerable to
unauthorized a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4351 (The Tutor LMS Pro plugin for WordPress is vulnerable to
unauthorized a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4326 (A vulnerability in parisneo/lollms-webui versions up to 9.3
allows rem ...)
TODO: check
CVE-2024-4322 (A path traversal vulnerability exists in the
parisneo/lollms-webui app ...)
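Review bot: On CVE-2024-4733 the new line reads NOT-FOR-US: WordPress plugin, but the visible description ("The ShiftController Employee Shift Scheduling plugin is vulnerable to ...") does not mention WordPress, unlike the neighbouring entries, so it is worth confirming against the full CVE text before the generic label goes in. Separately, CVE-2024-4609 is tagged with the vendor only (Rockwell Automation) while CVE-2024-4760 names the product family; naming FactoryTalk View there would keep the two non-plugin hardware/industrial entries consistent and easier to grep later.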
@@ -393,17 +393,17 @@ CVE-2024-4322 (A path traversal vulnerability exists in
the parisneo/lollms-webu
CVE-2024-4321 (A Local File Inclusion (LFI) vulnerability exists in the
gaizhenbiao/c ...)
TODO: check
CVE-2024-4318 (The Tutor LMS plugin for WordPress is vulnerable to time-based
SQL Inj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4288 (The Appointment Booking Calendar \u2014 Simply Schedule
Appointments B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4279 (The Tutor LMS \u2013 eLearning and online course solution
plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4263 (A broken access control vulnerability exists in mlflow/mlflow
versions ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-4223 (The Tutor LMS plugin for WordPress is vulnerable to
unauthorized acces ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4222 (The Tutor LMS Pro plugin for WordPress is vulnerable to
unauthorized a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4181 (A command injection vulnerability exists in the RunGptLLM class
of the ...)
TODO: check
CVE-2024-4078 (A vulnerability in the parisneo/lollms, specifically in the
`/unInstal ...)
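Review bot: NOT-FOR-US: mlflow on CVE-2024-4263 is the one entry in this hunk that is not a WordPress plugin, and the commit message ("Process some NFUs") does not say how its absence from the archive was checked. Since NOT-FOR-US records that the software is not packaged in Debian, please confirm there is no mlflow source package or pending ITP/RFP; if one exists, an <itp> entry with the bug number would be the right form instead.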
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b449683c577e035efe7a9feea0fc164278084346
_______________________________________________
debian-security-tracker-commits mailing list