[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2aefba91 by Salvatore Bonaccorso at 2024-06-22T10:38:33+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,47 +1,47 @@
 CVE-2024-6120 (The Sparkle Demo Importer plugin for WordPress is vulnerable to 
unauth ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5966 (The Grey Opaque theme for WordPress is vulnerable to Stored 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-5965 (The Mosaic theme for WordPress is vulnerable to Stored 
Cross-Site Scri ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-5791 (The Online Booking & Scheduling Calendar for WordPress by vcita 
plugin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5596 (The ARMember Premium plugin for WordPress is vulnerable to 
Cross-Site  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5346 (The Flatsome theme for WordPress is vulnerable to Stored 
Cross-Site Sc ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-4940 (An open redirect vulnerability exists in the gradio-app/gradio, 
affect ...)
-       TODO: check
+       NOT-FOR-US: Gradio
 CVE-2024-4874 (The Bricks Builder plugin for WordPress is vulnerable to 
Insecure Dire ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4313 (The Table Addons for Elementor plugin for WordPress is 
vulnerable to S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3593 (The UberMenu plugin for WordPress is vulnerable to Cross-Site 
Request  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37694 (ArcGIS Enterprise Server 10.8.0 allows a remote attacker to 
obtain sen ...)
-       TODO: check
+       NOT-FOR-US: ArcGIS Enterprise Server
 CVE-2024-37654 (An issue in BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, 
AV-01KD, AV-01B ...)
-       TODO: check
+       NOT-FOR-US: BAS-IP
 CVE-2024-36532 (Insecure permissions in kruise v1.6.2 allows attackers to 
access sensi ...)
        TODO: check
 CVE-2024-34989 (In the module RSI PDF/HTML catalog evolution (prestapdf) <= 
7.0.0 from ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop module
 CVE-2024-34452 (CMSimple_XH 1.7.6 allows XSS by uploading a crafted SVG 
document.)
-       TODO: check
+       NOT-FOR-US: CMSimple_XH
 CVE-2024-2484 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable 
to Store ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-21519 (This affects versions of the package opencart/opencart from 
4.0.0.0. A ...)
-       TODO: check
+       NOT-FOR-US: OpenCart
 CVE-2024-21518 (This affects versions of the package opencart/opencart from 
4.0.0.0. A ...)
-       TODO: check
+       NOT-FOR-US: OpenCart
 CVE-2024-21517 (This affects versions of the package opencart/opencart from 
4.0.0.0. A ...)
-       TODO: check
+       NOT-FOR-US: OpenCart
 CVE-2024-21516 (This affects versions of the package opencart/opencart from 
4.0.0.0. A ...)
-       TODO: check
+       NOT-FOR-US: OpenCart
 CVE-2024-21515 (This affects versions of the package opencart/opencart from 
4.0.0.0. A ...)
-       TODO: check
+       NOT-FOR-US: OpenCart
 CVE-2024-21514 (This affects versions of the package opencart/opencart from 
0.0.0. An  ...)
-       TODO: check
+       NOT-FOR-US: OpenCart
 CVE-2024-6241 (A vulnerability was found in Pear Admin Boot up to 2.0.2 and 
classifie ...)
        NOT-FOR-US: Pear Admin Boot
 CVE-2024-6240 (Improper privilege management vulnerability in Parallels 
Desktop Softw ...)
@@ -571253,7 +571253,7 @@ CVE-2014-8770 (Unrestricted file upload vulnerability 
in magmi/web/magmi.php in
 CVE-2012-6665 (Directory traversal vulnerability in index.php in phpMoneyBooks 
1.0.4  ...)
        NOT-FOR-US: phpMoneyBooks
 CVE-2012-6664 (Multiple directory traversal vulnerabilities in the TFTP Server 
in Dis ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2012-6663 (General Electric D20ME devices are not properly configured and 
reveal  ...)
        NOT-FOR-US: General Electric D20ME devices
 CVE-2014-8988 (MantisBT before 1.2.18 allows remote authenticated users to 
bypass the ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2aefba91d435ab8ae37960efc9c472b942c2dcb8

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2aefba91d435ab8ae37960efc9c472b942c2dcb8
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits