[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Fri, 28 Jun 2024 03:20:32 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6f67210a by Moritz Muehlenhoff at 2024-06-28T12:19:51+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,93 +1,93 @@
 CVE-2024-6296 (The Stackable \u2013 Page Builder Gutenberg Blocks plugin for 
WordPres ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6288 (The Conversios \u2013 Google Analytics 4 (GA4), Meta Pixel & 
more Via  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6071 (PTC Creo Elements/Direct License Server exposes a web interface 
which  ...)
-       TODO: check
+       NOT-FOR-US: PTC Creo Elements/Direct License Server
 CVE-2024-5864 (The Easy Affiliate Links plugin for WordPress is vulnerable to 
unautho ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5863 (The Easy Image Collage plugin for WordPress is vulnerable to 
unauthori ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5796 (The Infinite theme for WordPress is vulnerable to Stored 
Cross-Site Sc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5788 (The Silesia theme for WordPress is vulnerable to Stored 
Cross-Site Scr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5730 (The Pagerank tools WordPress plugin through 1.1.5 does not 
sanitise an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5729 (The Simple AL Slider WordPress plugin through 1.2.10 does not 
sanitise ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5728 (The Animated AL List WordPress plugin through 1.0.6 does not 
sanitise  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5727 (The Widget4Call WordPress plugin through 1.0.7 does not 
sanitise and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5642 (CPython 3.9 and earlier doesn't disallow configuring an empty 
list ("[ ...)
        TODO: check
 CVE-2024-5570 (The Simple Photoswipe WordPress plugin through 0.1 does not 
have autho ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4395 (The XPC service within the audit functionality of Jamf 
Compliance Edit ...)
-       TODO: check
+       NOT-FOR-US: Jamf
 CVE-2024-39708 (An issue was discovered in the Agent in Delinea Privilege 
Manager (for ...)
-       TODO: check
+       NOT-FOR-US: Delinea Privilege Manager
 CVE-2024-39705 (NLTK through 3.8.1 allows remote code execution if untrusted 
packages  ...)
        TODO: check
 CVE-2024-39352 (A vulnerability regarding incorrect authorization is found in 
the firm ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-39351 (A vulnerability regarding improper neutralization of special 
elements  ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-39350 (A vulnerability regarding authentication bypass by spoofing is 
found i ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-39349 (A vulnerability regarding buffer copy without checking size of 
input ( ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-39348 (Download of code without integrity check vulnerability in 
AirPrint fun ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-39347 (Incorrect default permissions vulnerability in firewall 
functionality  ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2024-39209 (luci-app-sms-tool v1.9-6 was discovered to contain a command 
injection ...)
-       TODO: check
+       NOT-FOR-US: luci-app-sms-tool
 CVE-2024-39134 (A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 
allows attac ...)
        TODO: check
 CVE-2024-39132 (A NULL Pointer Dereference vulnerability in DumpTS 
v0.1.0-nightly allo ...)
-       TODO: check
+       NOT-FOR-US: DumpTS
 CVE-2024-37282 (It was identified that under certain specific preconditions, 
an API ke ...)
-       TODO: check
+       NOT-FOR-US: Elastic Cloud
 CVE-2024-37137 (Dell Key Trust Platform, v3.0.6 and prior, contains Use of a 
Cryptogra ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-36755 (D-Link DIR-1950 up to v1.11B03 does not validate SSL 
certificates when ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-36075 (Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys 
Unify thr ...)
-       TODO: check
+       NOT-FOR-US: CoSoSys
 CVE-2024-36074 (Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys 
Unify thr ...)
-       TODO: check
+       NOT-FOR-US: CoSoSys
 CVE-2024-36073 (Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys 
Unify thr ...)
-       TODO: check
+       NOT-FOR-US: CoSoSys
 CVE-2024-36072 (Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys 
Unify thr ...)
-       TODO: check
+       NOT-FOR-US: CoSoSys
 CVE-2024-36059 (Directory Traversal vulnerability in Kalkitech ASE ASE61850 
IEDSmart u ...)
-       TODO: check
+       NOT-FOR-US: Kalkitech ASE
 CVE-2024-30135 (HCL DRYiCE AEX is potentially impacted by disclosure of 
sensitive info ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2024-30111 (HCL DRYiCE AEX product is impacted by Missing Root Detection 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2024-30110 (HCL DRYiCE AEX product is impacted by lack of input validation 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2024-30109 (HCL DRYiCE AEX is impacted by a lack of clickjacking 
protection in the ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2024-2973 (An Authentication Bypass Using an Alternate Path or Channel 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: Juniper
 CVE-2024-2795 (The SEO SIMPLE PACK plugin for WordPress is vulnerable to 
Information  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-22276 (VMware Cloud Director Object Storage Extension contains an 
Insertion o ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2024-22272 (VMware Cloud Director contains an Improper Privilege 
Management vulner ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2024-22260 (VMware Workspace One UEM update addresses an information 
exposure vuln ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2023-52892 (In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 
3.0.33,  ...)
        TODO: check
 CVE-2023-47803 (A vulnerability regarding improper limitation of a pathname to 
a restr ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2023-47802 (A vulnerability regarding improper neutralization of special 
elements  ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2016-20022 (In the Linux kernel before 4.8, usb_parse_endpoint in 
drivers/usb/core ...)
        TODO: check
 CVE-2024-6388 (Marco Trevisan discovered that the Ubuntu Advantage Desktop 
Daemon, be ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f67210a8d86cf2c174b25490bcceab80ebb0436

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f67210a8d86cf2c174b25490bcceab80ebb0436
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to