Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2c79aabb by Moritz Muehlenhoff at 2024-06-26T11:03:29+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,75 +1,75 @@
CVE-2024-6060 (An information disclosure vulnerability in Phloc Webscopes
7.0.0 allow ...)
- TODO: check
+ NOT-FOR-US: Phloc Webscopes
CVE-2024-5573 (The Easy Table of Contents WordPress plugin before 2.0.66 does
not san ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5473 (The Simple Photoswipe WordPress plugin through 0.1 does not
sanitise a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5460 (A vulnerability in the default configuration of the Simple
Network Ma ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2024-5332 (The Exclusive Addons for Elementor plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5215 (The HT Mega \u2013 Absolute Addons For Elementor plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5199 (The Spotify Play Button WordPress plugin through 1.0 does not
validate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5181 (A command injection vulnerability exists in the mudler/localai
version ...)
- TODO: check
+ NOT-FOR-US: localai
CVE-2024-5173 (The HT Mega \u2013 Absolute Addons For Elementor plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5169 (The Video Widget WordPress plugin through 1.2.3 does not
sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5071 (The Bookster WordPress plugin through 1.1.0 allows adding
sensitive p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5019 (In WhatsUp Gold versions released before 2023.1.3, an
unauthenticated ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5018 (In WhatsUp Gold versions released before 2023.1.3, an
unauthenticated ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5017 (In WhatsUp Gold versions released before 2023.1.3, a path
traversal vu ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5016 (In WhatsUp Gold versions released before 2023.1.3, Distributed
Edition ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5015 (In WhatsUp Gold versions released before 2023.1.3,an
authenticated SSR ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5014 (In WhatsUp Gold versions released before 2023.1.3, a Server
Side Reque ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5013 (In WhatsUp Gold versions released before 2023.1.3,an
unauthenticated D ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-5012 (In WhatsUp Gold versions released before 2023.1.3, there is
amissing a ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2024-4959 (The Frontend Checklist WordPress plugin through 2.3.2 does not
sanitis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4957 (The Frontend Checklist WordPress plugin through 2.3.2 does not
sanitis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4869 (The WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4758 (The Muslim Prayer Time BD WordPress plugin through 2.4 does not
have C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4106 (A vulnerability has been found in FAST/TOOLS and CI Server. The
affect ...)
- TODO: check
+ NOT-FOR-US: Yokogawa FAST/TOOLS
CVE-2024-4105 (A vulnerability has been found in FAST/TOOLS and CI Server. The
affect ...)
- TODO: check
+ NOT-FOR-US: Yokogawa FAST/TOOLS
CVE-2024-3633 (The WebP & SVG Support WordPress plugin through 1.4.0 does not
sanitis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38526 (pdoc provides API Documentation for Python Projects.
Documentation gen ...)
TODO: check
CVE-2024-38516 (ai-client-html is an Aimeos e-commerce HTML client component.
Debug in ...)
- TODO: check
+ NOT-FOR-US: ai-client-html
CVE-2024-38364 (DSpace is an open source software is a turnkey repository
application ...)
TODO: check
CVE-2024-37855 (An issue in Nepstech Wifi Router xpon (terminal)
NTPL-Xpon1GFEVN, hard ...)
- TODO: check
+ NOT-FOR-US: Nepstech Wifi Router
CVE-2024-37843 (Craft CMS up to v3.7.31 was discovered to contain a SQL
injection vuln ...)
- TODO: check
+ NOT-FOR-US: Craft CMS
CVE-2024-37742 (An issue in Safe Exam Browser for Windows before 3.6 allows an
attacke ...)
- TODO: check
+ NOT-FOR-US: Safe Exam Browser
CVE-2024-37141 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS
7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-37140 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS
7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-37139 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS
7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-37138 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS
7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-36802
REJECTED
CVE-2024-35527 (An arbitrary file upload vulnerability in
/fileupload/upload.cfm in Da ...)
@@ -85,35 +85,35 @@ CVE-2024-34400 (An issue was discovered in VirtoSoftware
Virto Kanban Board Web
CVE-2024-30931 (Stored Cross Site Scripting vulnerability in Emby Media Server
Emby Me ...)
TODO: check
CVE-2024-30112 (HCL Connections is vulnerable to a cross-site scripting attack
where a ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-29954 (A vulnerability in a password management API in Brocade Fabric
OS vers ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2024-29953 (A vulnerability in the web interface in Brocade Fabric OS
before v9.2. ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2024-29177 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS
7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-29176 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS
7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-29175 (Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS
7.7.5.4 ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-29174 (Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30,
LTS 7.10.1 ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-29173 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS
7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28973 (Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS
7.10.1. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-28830 (Insertion of Sensitive Information into Log File in Checkmk
GmbH's Che ...)
- TODO: check
+ - check-mk <removed>
CVE-2024-27867 (An authentication issue was addressed with improved state
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-24764 (October is a self-hosted CMS platform based on the Laravel PHP
Framewo ...)
- TODO: check
+ NOT-FOR-US: October CMS
CVE-2024-21741 (GigaDevice GD32E103C8T6 devices have Incorrect Access Control.)
- TODO: check
+ NOT-FOR-US: GigaDevice
CVE-2024-21740 (Artery AT32F415CBT7 and AT32F421C8T7 devices have Incorrect
Access Con ...)
- TODO: check
+ NOT-FOR-US: Artery AT32F415CBT7 and AT32F421C8T7 devices
CVE-2024-21739 (Geehy APM32F103CCT6, APM32F103RCT6, APM32F103RCT7, and
APM32F103VCT6 d ...)
- TODO: check
+ NOT-FOR-US: Geehy
CVE-2024-21520 (Versions of the package djangorestframework before 3.15.2 are
vulnerab ...)
TODO: check
CVE-2024-6308 (A vulnerability was found in itsourcecode Simple Online Hotel
Reservat ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c79aabb832a5bdbff670b9d13a6fecb4e8f5423
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c79aabb832a5bdbff670b9d13a6fecb4e8f5423
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
