Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c4356745 by Salvatore Bonaccorso at 2024-07-04T22:54:36+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,49 +1,49 @@
CVE-2024-6513
REJECTED
CVE-2024-6511 (A vulnerability classified as problematic was found in
y_project RuoYi ...)
- TODO: check
+ NOT-FOR-US: y_project RuoYi
CVE-2024-6507 (Command injection when ingesting a remote Kaggle dataset due to
a lack ...)
- TODO: check
+ NOT-FOR-US: deeplake
CVE-2024-6506 (Information exposure vulnerability in the MRW plugin, in
its5.4.3 vers ...)
- TODO: check
+ NOT-FOR-US: MRW plugin
CVE-2024-6434 (The Premium Addons for Elementor plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6319 (The IMGspider plugin for WordPress is vulnerable to arbitrary
file upl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6318 (The IMGspider plugin for WordPress is vulnerable to arbitrary
file upl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5943 (The Nested Pages plugin for WordPress is vulnerable to
Cross-Site Requ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3904 (Incorrect Default Permissions vulnerability in Smart Device
Communicat ...)
- TODO: check
+ NOT-FOR-US: Smart Device Communication Gateway on MELIPC Series
MI5122-VW firmware
CVE-2024-39934 (Robotmk before 2.0.1 allows a local user to escalate
privileges (e.g., ...)
- TODO: check
+ NOT-FOR-US: Robotmk
CVE-2024-39933 (Gogs through 0.13.0 allows argument injection during the
tagging of a ...)
- TODO: check
+ NOT-FOR-US: Go Git Service
CVE-2024-39932 (Gogs through 0.13.0 allows argument injection during the
previewing of ...)
- TODO: check
+ NOT-FOR-US: Go Git Service
CVE-2024-39931 (Gogs through 0.13.0 allows deletion of internal files.)
- TODO: check
+ NOT-FOR-US: Go Git Service
CVE-2024-39930 (The built-in SSH server of Gogs through 0.13.0 allows argument
injecti ...)
- TODO: check
+ NOT-FOR-US: Go Git Service
CVE-2024-39929 (Exim through 4.97.1 misparses a multiline RFC 2231 header
filename, an ...)
TODO: check
CVE-2024-39211 (Kaiten 57.128.8 allows remote attackers to enumerate user
accounts via ...)
- TODO: check
+ NOT-FOR-US: Kaiten
CVE-2024-39165 (QR/demoapp/qr_image.php in Asial JpGraph Professional through
4.2.6-pr ...)
- TODO: check
+ NOT-FOR-US: Asial JpGraph Professional
CVE-2024-37476 (Cross Site Scripting (XSS) vulnerability in Automattic
Newspack Campai ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37474 (Cross Site Scripting (XSS) vulnerability in Automattic
Newspack Ads al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37472 (Cross Site Scripting (XSS) vulnerability in WofficeIO Woffice
allows R ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-37471 (Cross Site Scripting (XSS) vulnerability in WofficeIO Woffice
Core all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-32754 (Under certain circumstances, when the controller is in factory
reset m ...)
- TODO: check
+ NOT-FOR-US: Johnson Controls
CVE-2024-22277 (VMware Cloud Director Availability contains an HTML injection
vulnerab ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2024-1574 (Use of Externally-Controlled Input to Select Classes or Code
('Unsafe ...)
TODO: check
CVE-2024-1573 (Improper Authentication vulnerability in the mobile monitoring
feature ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4356745d3e61587c484a4203131c16e1c1aed48
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4356745d3e61587c484a4203131c16e1c1aed48
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
