Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
34471312 by Salvatore Bonaccorso at 2024-07-16T22:23:38+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,85 +1,85 @@
 CVE-2024-6621 (The RSS Aggregator \u2013 RSS Import, News Feeds, Feed to Post, 
and Au ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6579 (The Web and WooCommerce Addons for WPBakery Builder plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6570 (The Glossary plugin for WordPress is vulnerable to Full Path 
Disclosur ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6565 (The AForms \u2014 Form Builder for Price Calculator & Cost 
Estimation  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6492 (Exposure of Sensitive Information in edge browser session proxy 
featur ...)
-       TODO: check
+       NOT-FOR-US: Devolutions Remote Desktop Manager
 CVE-2024-6457 (The HUSKY \u2013 Products Filter Professional for WooCommerce 
plugin f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6435 (A privilege escalation vulnerability exists in the affected 
products w ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2024-6326 (An exposure of sensitive information vulnerability exists in 
the Rockw ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2024-6325 (The v6.40 release of Rockwell Automation FactoryTalk\xae Policy 
Manage ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2024-6089 (An input validation vulnerability exists in the Rockwell 
Automation501 ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2024-5852 (The WordPress File Upload plugin for WordPress is vulnerable to 
Direct ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-40626 (Outline is an open source, collaborative document editor. A 
type confu ...)
-       TODO: check
+       NOT-FOR-US: Outline
 CVE-2024-40516 (An issue in H3C Technologies Co., Limited H3C Magic RC3000 
RC3000V100R ...)
-       TODO: check
+       NOT-FOR-US: H3C Magic RC3000 RC3000V100R009
 CVE-2024-40515 (An issue in SHENZHEN TENDA TECHNOLOGY CO.,LTD Tenda AX2pro 
V16.03.29.4 ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-40505 (**UNSUPPORTED WHEN ASSIGNED** Directory Traversal 
vulnerability in D-L ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-40503 (An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote 
attacker to c ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-40456 (ThinkSAAS v3.7.0 was discovered to contain a SQL injection 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: ThinkSAAS
 CVE-2024-40455 (An arbitrary file deletion vulnerability in ThinkSAAS v3.7 
allows atta ...)
-       TODO: check
+       NOT-FOR-US: ThinkSAAS
 CVE-2024-40425 (File Upload vulnerability in Nanjin Xingyuantu Technology Co 
Sparkshop ...)
-       TODO: check
+       NOT-FOR-US: Nanjin Xingyuantu Technology Co Sparkshop
 CVE-2024-40394 (Simple Library Management System Project Using PHP/MySQL v1.0 
was disc ...)
-       TODO: check
+       NOT-FOR-US: Simple Library Management System Project Using PHP/MySQL
 CVE-2024-40393 (Online Clinic Management System In PHP With Free Source code 
v1.0 was  ...)
-       TODO: check
+       NOT-FOR-US: Online Clinic Management System In PHP With Free Source code
 CVE-2024-40392 (SourceCodester Pharmacy/Medical Store Point of Sale System 
Using PHP/M ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Pharmacy/Medical Store Point of Sale System
 CVE-2024-40322 (An issue was discovered in JFinalCMS v.5.0.0. There is a SQL 
injection ...)
-       TODO: check
+       NOT-FOR-US: JFinalCMS
 CVE-2024-40130 (open5gs v2.6.4 is vulnerable to Buffer Overflow. via 
/lib/core/abts.c.)
-       TODO: check
+       NOT-FOR-US: Open5GS
 CVE-2024-40129 (Open5GS v2.6.4 is vulnerable to Buffer Overflow. via 
/lib/pfcp/context ...)
-       TODO: check
+       NOT-FOR-US: Open5GS
 CVE-2024-3779 (Denial of service vulnerability present shortly after product 
installa ...)
-       TODO: check
+       NOT-FOR-US: ESET
 CVE-2024-3587 (The Premium Portfolio Features for Phlox theme plugin for 
WordPress is ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3232 (A formula injection vulnerability exists in Tenable Identity 
Exposure  ...)
-       TODO: check
+       NOT-FOR-US: Tenable
 CVE-2024-39908 (REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 
has some  ...)
        TODO: check
 CVE-2024-39887 (An SQL Injection vulnerability in Apache Superset exists due 
to improp ...)
-       TODO: check
+       NOT-FOR-US: Apache Superset
 CVE-2024-39700 (JupyterLab extension template is a  `copier` template for 
JupyterLab e ...)
        TODO: check
 CVE-2024-39036 (SeaCMS v12.9 is vulnerable to Arbitrary File Read via 
admin_safe.php.)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2024-35338 (Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded 
password  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-33182 (Tenda AC18 V15.03.3.10_EN was discovered to contain a 
stack-based buff ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-33181 (Tenda AC18 V15.03.3.10_EN was discovered to contain a 
stack-based buff ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-33180 (Tenda AC18 V15.03.3.10_EN was discovered to contain a 
stack-based buff ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2024-32861 (Under certain circumstances the Software House C\u25cfCURE 
9000 Site S ...)
        TODO: check
 CVE-2024-2691 (The WP Event Manager \u2013 Events Calendar, Registrations, 
Sell Ticke ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-22442 (The vulnerability could be remotely exploited to bypass 
authentication ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2024-21686 (This High severity Stored XSS vulnerability was introduced in 
versions ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2024-1937 (The Brizy \u2013 Page Builder plugin for WordPress is 
vulnerable to un ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31456 (There is an SSRF vulnerability in the Fluid Topics platform 
that affec ...)
        TODO: check
 CVE-2023-52886 (In the Linux kernel, the following vulnerability has been 
resolved:  U ...)
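Review bot: The NOT-FOR-US labels in this hunk are not at a consistent granularity. CVE-2024-40516 carries a firmware version string ("H3C Magic RC3000 RC3000V100R009"), and CVE-2024-40393, CVE-2024-40394 and CVE-2024-40425 copy a fragment of the CVE description ("Online Clinic Management System In PHP With Free Source code", "Nanjin Xingyuantu Technology Co Sparkshop"), while the Tenda, D-Link, Rockwell Automation, HPE and Atlassian entries use a short vendor name. A short vendor or product name throughout (for example "NOT-FOR-US: H3C") keeps later entries for the same product greppable under one label. Separately, CVE-2024-40130, CVE-2024-40129 (Open5GS), CVE-2024-40626 (Outline) and CVE-2024-39887 (Apache Superset) name open-source projects; it is worth confirming that none of them has an open ITP or RFP before settling on NOT-FOR-US.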
@@ -363443,13 +363443,13 @@ CVE-2019-16643 (An issue was discovered in ZrLog 
2.1.1. There is a Stored XSS vu
 CVE-2019-16642 (App\Mobile\Controller\ZhuantiController.class.php in TuziCMS 
2.0.6 has ...)
        NOT-FOR-US: TuziCMS
 CVE-2019-16641 (An issue was found on the Ruijie EG-2000 series gateway. There 
is a bu ...)
-       TODO: check
+       NOT-FOR-US: Ruijie EG-2000
 CVE-2019-16640 (An issue was found in upload.php on the Ruijie EG-2000 series 
gateway. ...)
-       TODO: check
+       NOT-FOR-US: Ruijie EG-2000
 CVE-2019-16639 (An issue was found on the Ruijie EG-2000 series gateway. There 
is a ne ...)
-       TODO: check
+       NOT-FOR-US: Ruijie EG-2000
 CVE-2019-16638 (An issue was found on the Ruijie EG-2000 series gateway. An 
attacker c ...)
-       TODO: check
+       NOT-FOR-US: Ruijie EG-2000
 CVE-2019-16637
        RESERVED
 CVE-2019-16636
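Review bot: The four entries CVE-2019-16638 through CVE-2019-16641 are labelled by vendor plus product series ("Ruijie EG-2000"), whereas the router entries in the first hunk of this commit are labelled by vendor only ("Tenda", "D-Link"). Picking one form, for example "NOT-FOR-US: Ruijie", would keep the labels uniform across the commit. The commit message "Process some NFUs" also gives no hint that entries from 2019 are touched; a short mention would help anyone reading the log later.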



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3447131288ebb9014b807e2dd7ff8f79368ae8a1



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
