Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8c89233a by Salvatore Bonaccorso at 2024-07-13T06:32:20+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,61 +1,61 @@
CVE-2024-6495 (The Premium Addons for Elementor plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6353 (The Wallet for WooCommerce plugin for WordPress is vulnerable
to SQL I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6328 (The MStore API \u2013 Create Native Android & iOS Apps On The
Cloud pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5325 (The Form Vibes plugin for WordPress is vulnerable to SQL
Injection via ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-40690 (IBM InfoSphere Server 11.7 is vulnerable to cross-site
scripting. This ...)
NOT-FOR-US: IBM
CVE-2024-40552 (PublicCMS v4.0.202302.e was discovered to contain a remote
commande ex ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-40551 (An arbitrary file upload vulnerability in the component
/admin/cmsTemp ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-40550 (An arbitrary file upload vulnerability in the component
/admin/cmsTemp ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-40549 (An arbitrary file upload vulnerability in the component
/admin/cmsTemp ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-40548 (An arbitrary file upload vulnerability in the component
/admin/cmsTemp ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-40547 (PublicCMS v4.0.202302.e was discovered to contain an arbitrary
file co ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-40546 (An arbitrary file upload vulnerability in the component
/admin/cmsWebF ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-40545 (An arbitrary file upload vulnerability in the component
/admin/cmsWebF ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-40544 (PublicCMS v4.0.202302.e was discovered to contain a
Server-Side Reques ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-40543 (PublicCMS v4.0.202302.e was discovered to contain a
Server-Side Reques ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2024-40542 (my-springsecurity-plus before v2024.07.03 was discovered to
contain a ...)
- TODO: check
+ NOT-FOR-US: witmy my-springsecurity-plus
CVE-2024-40541 (my-springsecurity-plus before v2024.07.03 was discovered to
contain a ...)
- TODO: check
+ NOT-FOR-US: witmy my-springsecurity-plus
CVE-2024-40540 (my-springsecurity-plus before v2024.07.03 was discovered to
contain a ...)
- TODO: check
+ NOT-FOR-US: witmy my-springsecurity-plus
CVE-2024-40539 (my-springsecurity-plus before v2024.07.03 was discovered to
contain a ...)
- TODO: check
+ NOT-FOR-US: witmy my-springsecurity-plus
CVE-2024-40522 (There is a remote code execution vulnerability in SeaCMS 12.9.
The vul ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2024-40521 (SeaCMS 12.9 has a remote code execution vulnerability. The
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2024-40520 (SeaCMS 12.9 has a remote code execution vulnerability. The
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2024-40519 (SeaCMS 12.9 has a remote code execution vulnerability. The
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2024-40518 (SeaCMS 12.9 has a remote code execution vulnerability. The
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2024-40110 (Sourcecodester Poultry Farm Management System v1.0 contains an
Unauthe ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Poultry Farm Management System
CVE-2024-39917 (xrdp is an open source RDP server. xrdp versions prior to
0.10.0 have ...)
TODO: check
CVE-2024-39916 (FOG is a free open-source cloning/imaging/rescue
suite/inventory manag ...)
- TODO: check
+ NOT-FOR-US: FOG
CVE-2024-39914 (FOG is a cloning/imaging/rescue suite/inventory management
system. Pri ...)
- TODO: check
+ NOT-FOR-US: FOG
CVE-2024-39909 (KubeClarity is a tool for detection and management of Software
Bill Of ...)
- TODO: check
+ NOT-FOR-US: KubeClarity
CVE-2024-39903 (Solara is a pure Python, React-style framework for scaling
Jupyter and ...)
TODO: check
CVE-2024-39340 (Securepoint UTM before 12.6.5 mishandles OTP codes.)
@@ -576,7 +576,7 @@ CVE-2024-6588 (The PowerPress Podcasting plugin by Blubrry
plugin for WordPress
CVE-2024-6555 (The WP Popups \u2013 WordPress Popup builder plugin for
WordPress is v ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6468 (Vault and Vault Enterprise did not properly handle requests
originatin ...)
- TODO: check
+ NOT-FOR-US: HashiCorp Vault
CVE-2024-6396 (A vulnerability in the `_backup_run` function in aimhubio/aim
version ...)
NOT-FOR-US: aimhubio/aim
CVE-2024-6392 (The Image Optimizer, Resizer and CDN \u2013 Sirv plugin for
WordPress ...)
@@ -608,11 +608,11 @@ CVE-2024-1375 (The Event post plugin for WordPress is
vulnerable to unauthorized
CVE-2024-0974 (The Social Media Widget WordPress plugin before 4.0.9 does not
sanitis ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6681 (A vulnerability, which was classified as critical, has been
found in w ...)
- TODO: check
+ NOT-FOR-US: witmy my-springsecurity-plus
CVE-2024-6680 (A vulnerability classified as critical was found in witmy
my-springsec ...)
- TODO: check
+ NOT-FOR-US: witmy my-springsecurity-plus
CVE-2024-6679 (A vulnerability classified as critical has been found in witmy
my-spri ...)
- TODO: check
+ NOT-FOR-US: witmy my-springsecurity-plus
CVE-2024-6643
REJECTED
CVE-2024-6531 (A vulnerability has been identified in Bootstrap that exposes
users to ...)
@@ -729,7 +729,7 @@ CVE-2024-2602 (CWE-22: Improper Limitation of a Pathname to
a Restricted Directo
CVE-2024-28872 (The TLS certificate validation code is flawed. An attacker can
obtain ...)
TODO: check
CVE-2024-6676 (A vulnerability has been found in witmy my-springsecurity-plus
up to 2 ...)
- TODO: check
+ NOT-FOR-US: witmy my-springsecurity-plus
CVE-2024-6666 (The WP ERP plugin for WordPress is vulnerable to SQL Injection
via the ...)
NOT-FOR-US: WordPress plugin
CVE-2024-6655
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c89233aebf7f5a1b0208bf8dab8d25753a0e42e
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c89233aebf7f5a1b0208bf8dab8d25753a0e42e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
