Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f11faf45 by Salvatore Bonaccorso at 2024-06-19T10:30:54+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2024-6146 (Actiontec WCB6200Q uh_get_postdata_withupload Stack-based
Buffer Overf ...)
- TODO: check
+ NOT-FOR-US: Actiontec WCB6200Q
CVE-2024-6145 (Actiontec WCB6200Q Cookie Format String Remote Code Execution
Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Actiontec WCB6200Q
CVE-2024-6144 (Actiontec WCB6200Q Multipart Boundary Stack-based Buffer
Overflow Remo ...)
- TODO: check
+ NOT-FOR-US: Actiontec WCB6200Q
CVE-2024-6143 (Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote
Code Exec ...)
- TODO: check
+ NOT-FOR-US: Actiontec WCB6200Q
CVE-2024-6142 (Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote
Code Exe ...)
- TODO: check
+ NOT-FOR-US: Actiontec WCB6200Q
CVE-2024-6132 (The Pexels: Free Stock Photos plugin for WordPress is
vulnerable to ar ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6129 (A vulnerability, which was classified as problematic, was found
in spa ...)
@@ -33,49 +33,49 @@ CVE-2024-5343 (The Photo Gallery, Images, Slider in Rbs
Image Gallery plugin for
CVE-2024-5208 (An uncontrolled resource consumption vulnerability exists in
the `uplo ...)
TODO: check
CVE-2024-5021 (The WordPress Picture / Portfolio / Media Gallery plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4873 (The Replace Image plugin for WordPress is vulnerable to
Insecure Direc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4787 (The Cost Calculator Builder PRO for WordPress is vulnerable to
arbitra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4663 (The OSM Map Widget for Elementor plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4623 (The Blogmentor \u2013 Blog Layouts for Elementor plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4541 (The Custom Product List Table plugin for WordPress is
vulnerable to Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4450 (The AliExpress Dropshipping with AliNext Lite plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3984 (The EmbedSocial \u2013 Social Media Feeds, Reviews and
Galleries plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3894 (The Photo Gallery, Images, Slider in Rbs Image Gallery plugin
for Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3229 (The Salon booking system plugin for WordPress is vulnerable to
arbitra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37881 (SiteGuard WP Plugin provides a functionality to customize the
path to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37387 (Use of potentially dangerous function issue exists in Ricoh
Streamline ...)
- TODO: check
+ NOT-FOR-US: Ricoh
CVE-2024-37124 (Use of potentially dangerous function issue exists in Ricoh
Streamline ...)
- TODO: check
+ NOT-FOR-US: Ricoh
CVE-2024-36978 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux <unfixed>
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/affc18fdc694190ca7575b9a86632a73b9fe043d (6.10-rc3)
CVE-2024-36480 (Use of hard-coded credentials issue exists in Ricoh Streamline
NX PC C ...)
- TODO: check
+ NOT-FOR-US: Ricoh
CVE-2024-36252 (Improper restriction of communication channel to intended
endpoints is ...)
- TODO: check
+ NOT-FOR-US: Ricoh
CVE-2024-35298 (Improper authorization in handler for custom URL scheme issue
in 'ZOZO ...)
TODO: check
CVE-2024-2381 (The AliExpress Dropshipping with AliNext Lite plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1407 (The Paid Memberships Pro \u2013 Content Restriction, User
Registration ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0789 (The WP Maintenance plugin for WordPress is vulnerable to IP
Address Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6692 (The Ultimate Blocks \u2013 WordPress Blocks Plugin plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6116 (A vulnerability, which was classified as critical, has been
found in i ...)
NOT-FOR-US: itsourcecode Simple Online Hotel Reservation System
CVE-2024-6115 (A vulnerability classified as critical was found in
itsourcecode Simpl ...)
@@ -102,7 +102,7 @@ CVE-2024-5899 (When Bazel Plugin in intellij imports a
project (either using "im
CVE-2024-5750
REJECTED
CVE-2024-5275 (A hard-coded password in the FileCatalyst TransferAgent can be
found w ...)
- TODO: check
+ NOT-FOR-US: FileCatalyst TransferAgent
CVE-2024-38507 (In JetBrains Hub before 2024.2.34646 stored XSS via project
descriptio ...)
NOT-FOR-US: JetBrains Hub
CVE-2024-38506 (In JetBrains YouTrack before 2024.2.34646 user without
appropriate per ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f11faf457a6a86dc8f9cbf53ca0a1e724531506a
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f11faf457a6a86dc8f9cbf53ca0a1e724531506a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
