[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Tue, 04 Jun 2024 01:52:28 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8b15d75e by Moritz Muehlenhoff at 2024-06-04T10:51:28+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,121 +1,121 @@
 CVE-2024-5485 (The SureTriggers \u2013 Connect All Your Plugins, Apps, Tools & 
Automa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5422 (An uncontrolled resource consumption of file descriptors in SEH 
Comput ...)
-       TODO: check
+       NOT-FOR-US: SEH Computertechnik utnserver
 CVE-2024-5421 (Missing input validation and OS command integration of the 
input in th ...)
-       TODO: check
+       NOT-FOR-US: SEH Computertechnik utnserver
 CVE-2024-5420 (Missing input validation in theSEH Computertechnik utnserver 
Pro, SEH  ...)
-       TODO: check
+       NOT-FOR-US: SEH Computertechnik utnserver
 CVE-2024-4997 (The WPUpper Share Buttons plugin for WordPress is vulnerable to 
unauth ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4870 (The Frontend Registration \u2013 Contact Form 7 plugin for 
WordPress i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4857 (The FS Product Inquiry WordPress plugin through 1.1.1 does not 
sanitis ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4856 (The FS Product Inquiry WordPress plugin through 1.1.1 does not 
sanitis ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4750 (The buddyboss-platform WordPress plugin before 2.6.0 contains 
an IDOR  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4749 (The wp-eMember WordPress plugin before 10.3.9 does not sanitize 
and es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4697 (The Cowidgets \u2013 Elementor Addons plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4552 (The Social Login Lite For WooCommerce plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4462 (The Nafeza Prayer Time plugin for WordPress is vulnerable to 
Stored Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4274 (The Essential Real Estate plugin for WordPress is vulnerable to 
unauth ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4273 (The Essential Real Estate plugin for WordPress is vulnerable to 
Stored ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4253 (A command injection vulnerability exists in the 
gradio-app/gradio repo ...)
        TODO: check
 CVE-2024-4180 (The Events Calendar WordPress plugin before 6.4.0.1 does not 
properly  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4057 (The Gutenberg Blocks with AI by Kadence WP  WordPress plugin 
before 3. ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3888 (The tagDiv Composer plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3555 (The Social Link Pages: link-in-bio landing pages for your 
social media ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3230 (The Download Attachments plugin for WordPress is vulnerable to 
Stored  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3031 (The Fluid Notification Bar plugin for WordPress is vulnerable 
to Store ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-36782 (TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a 
hardcoded  ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-2470 (The Simple Ajax Chat  WordPress plugin before 20240412 does not 
saniti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-2382 (The Authorize.net Payment Gateway For WooCommerce plugin for 
WordPress ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-2019 (The WP-DB-Table-Editor plugin for WordPress is vulnerable to 
unauthori ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-29976 (** UNSUPPORTED WHEN ASSIGNED ** The improper privilege 
management vuln ...)
-       TODO: check
+       NOT-FOR-US: Zyxel
 CVE-2024-29975 (** UNSUPPORTED WHEN ASSIGNED ** The improper privilege 
management vuln ...)
-       TODO: check
+       NOT-FOR-US: Zyxel
 CVE-2024-29974 (** UNSUPPORTED WHEN ASSIGNED ** The remote code execution 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Zyxel
 CVE-2024-29973 (** UNSUPPORTED WHEN ASSIGNED ** The command injection 
vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: Zyxel
 CVE-2024-29972 (** UNSUPPORTED WHEN ASSIGNED ** The command injection 
vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: Zyxel
 CVE-2024-20887 (Arbitrary directory creation in GalaxyBudsManager PC prior to 
version  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20886 (Arbitrary directory creation in Samsung Live Wallpaper PC 
prior to ver ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20885 (Improper component protection vulnerability in Samsung Dialer 
prior to ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20884 (Incorrect use of privileged API vulnerability in 
getSemBatteryUsageSta ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20883 (Incorrect use of privileged API vulnerability in 
registerBatteryStatsC ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20882 (Out-of-bounds read vulnerability in bootloader prior to SMR 
June-2024  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20881 (Improper input validation vulnerability in chnactiv TA prior 
to SMR Ju ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20880 (Stack-based buffer overflow vulnerability in bootloader prior 
to SMR J ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20879 (Improper input validation vulnerability in libsavscmn.so prior 
to SMR  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20878 (Heap out-of-bound write vulnerability in parsing grid image in 
libsavs ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20877 (Heap out-of-bound write vulnerability in parsing grid image 
header in  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20876 (Improper input validation in libsheifdecadapter.so prior to 
SMR Jun-20 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20875 (Improper caller verification vulnerability in SemClipboard 
prior to SM ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20874 (Improper access control vulnerability in SmartManagerCN prior 
to SMR J ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20873 (Improper input validation vulnerability in caminfo driver 
prior to SMR ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-1718 (The Claudio Sanches \u2013 Checkout Cielo for WooCommerce 
plugin for W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1717 (The Admin Notices Manager plugin for WordPress is vulnerable to 
unauth ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0757 (The Insert or Embed Articulate Content into WordPress plugin 
through 4 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-44235 (Improper Restriction of Excessive Authentication Attempts 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-41134 (Authentication Bypass by Spoofing vulnerability in 
pluginkollektiv Ant ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40673 (: Improper Control of Interaction Frequency vulnerability in 
cartpauj  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40557 (Improper Neutralization of Script-Related HTML Tags in a Web 
Page (Bas ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-40332 (Improper Control of Interaction Frequency vulnerability in 
Lester \u20 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-39161 (Improper Neutralization of Script-Related HTML Tags in a Web 
Page (Bas ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38520 (External Control of Assumed-Immutable Web Parameter 
vulnerability in P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37865 (Authentication Bypass by Spoofing vulnerability in IP2Location 
Downloa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34001 (Improper Restriction of Excessive Authentication Attempts 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-33930 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Unlim ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5404 (An unauthenticated remote attackercan change the admin password 
in amo ...)
        NOT-FOR-US: ifm electronic GmbH
 CVE-2024-5388



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b15d75efe64c4922ff2b75a335e63fdff2ff016

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b15d75efe64c4922ff2b75a335e63fdff2ff016
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to