Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
74c2603c by Salvatore Bonaccorso at 2024-07-21T22:09:30+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
CVE-2024-6945 (A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has
been clas ...)
- TODO: check
+ NOT-FOR-US: Flute CMS
CVE-2024-6944 (A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0
and class ...)
- TODO: check
+ NOT-FOR-US: ZhongBangKeJi CRMEB
CVE-2024-6943 (A vulnerability has been found in ZhongBangKeJi CRMEB up to
5.4.0 and ...)
- TODO: check
+ NOT-FOR-US: ZhongBangKeJi CRMEB
CVE-2024-6942 (A vulnerability, which was classified as problematic, was found
in Thi ...)
- TODO: check
+ NOT-FOR-US: ThinkSAAS
CVE-2024-6941 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: ThinkSAAS
CVE-2024-6940 (A vulnerability was found in DedeCMS 5.7.114. It has been
classified a ...)
- TODO: check
+ NOT-FOR-US: DedeCMS
CVE-2024-6939 (A vulnerability was found in Xinhu RockOA 2.6.3 and classified
as prob ...)
- TODO: check
+ NOT-FOR-US: Xinhu RockOA
CVE-2024-6938 (A vulnerability has been found in SiYuan 3.1.0 and classified
as probl ...)
- TODO: check
+ NOT-FOR-US: SiYuan
CVE-2024-6937 (A vulnerability, which was classified as problematic, was found
in for ...)
- TODO: check
+ NOT-FOR-US: Form Tools
CVE-2024-6936 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: Form Tools
CVE-2024-6935 (A vulnerability classified as problematic was found in
formtools.org F ...)
- TODO: check
+ NOT-FOR-US: Form Tools
CVE-2024-6934 (A vulnerability classified as problematic has been found in
formtools. ...)
- TODO: check
+ NOT-FOR-US: Form Tools
CVE-2024-6933 (A vulnerability was found in LimeSurvey 6.5.14-240624. It has
been rat ...)
TODO: check
CVE-2024-6932 (A vulnerability was found in ClassCMS 4.5. It has been declared
as pro ...)
- TODO: check
+ NOT-FOR-US: ClassCMS
CVE-2024-38438 (D-Link - CWE-294: Authentication Bypass by Capture-replay)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-38437 (D-Link - CWE-288:Authentication Bypass Using an Alternate Path
or Chan ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2024-38436 (Commugen SOX 365 \u2013CWE-79: Improper Neutralization of
Input During ...)
- TODO: check
+ NOT-FOR-US: Commugen SOX 365
CVE-2024-38435 (Unitronics Vision PLC \u2013CWE-703: Improper Check or
Handling of Exc ...)
- TODO: check
+ NOT-FOR-US: Unitronics Vision PLC
CVE-2024-38434 (Unitronics Vision PLC \u2013 CWE-676: Use of Potentially
Dangerous ...)
- TODO: check
+ NOT-FOR-US: Unitronics Vision PLC
CVE-2024-37559 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2024-37558 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
@@ -93,25 +93,25 @@ CVE-2024-37488 (Improper Neutralization of Input During Web
Page Generation (XSS
CVE-2024-37487 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2024-6848 (The Post and Page Builder by BoldGrid \u2013 Visual Drag and
Drop Edit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6497 (The SEO Plugin by Squirrly SEO plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37959 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37958 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37957 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37956 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37955 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37954 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37953 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37951 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37950 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2024-37949 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
@@ -145,115 +145,115 @@ CVE-2024-37562 (Improper Neutralization of Input During
Web Page Generation (XSS
CVE-2024-37561 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2024-6694 (The WP Mail SMTP plugin for WordPress is vulnerable to
information exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6637 (The WooCommerce - Social Login plugin for WordPress is
vulnerable to u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6636 (The WooCommerce - Social Login plugin for WordPress is
vulnerable to u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6635 (The WooCommerce - Social Login plugin for WordPress is
vulnerable to a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6560 (The Addonify \u2013 Quick View For WooCommerce plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6491 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6489 (The Getwid \u2013 Gutenberg Blocks plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6281 (A path traversal vulnerability exists in the `apply_settings`
function ...)
- TODO: check
+ NOT-FOR-US: parisneo/lollms
CVE-2024-5804 (The Conditional Fields for Contact Form 7 plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-40348 (An issue in the component /api/swaggerui/static of Bazaar
v1.4.3 allow ...)
- TODO: check
+ NOT-FOR-US: Bazaar (not the same as src:bzr)
CVE-2024-40347 (A reflected cross-site scripting (XSS) vulnerability in Hyland
Alfresc ...)
- TODO: check
+ NOT-FOR-US: Hyland Alfresco Platform
CVE-2024-3934 (The Mercado Pago payments for WooCommerce plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38767 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38758 (Server-Side Request Forgery (SSRF) vulnerability in WappPress
Team Wap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38757 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38750 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38741 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38739 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-38738 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38725 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38722 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38720 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38718 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38713 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38712 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38711 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38710 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38705 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38703 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38698 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38697 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38696 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38694 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38689 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38687 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38686 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38685 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38684 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38683 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38682 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38681 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38680 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38679 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38678 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38677 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38676 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38675 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38674 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38673 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38672 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38671 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38670 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-38669 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37961 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-37960 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2337 (The Easy Testimonials plugin for WordPress is vulnerable to
Stored Cro ...)
TODO: check
CVE-2024-6916 (A vulnerability in Zowe CLI allows local, privileged actors to
display ...)
@@ -299,7 +299,7 @@ CVE-2024-41121 (Woodpecker is a simple yet powerful CI/CD
engine with great exte
CVE-2024-41107 (The CloudStack SAML authentication (disabled by default) does
not enfo ...)
TODO: check
CVE-2024-40400 (An arbitrary file upload vulnerability in the image upload
function of ...)
- TODO: check
+ NOT-FOR-US: automad
CVE-2024-39963 (AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and
AX3000 Du ...)
NOT-FOR-US: AX3000 Dual-Band Gigabit Wi-Fi 6 Router
CVE-2024-39962 (D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router
v21_D240126 w ...)
@@ -2396,7 +2396,7 @@ CVE-2024-6528 (CWE-79: Improper Neutralization of Input
During Web Page Generati
CVE-2024-6485 (A security vulnerability has been discovered in bootstrap that
could e ...)
TODO: check
CVE-2024-6484 (A vulnerability has been identified in Bootstrap that exposes
users to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6407 (CWE-200: Information Exposure vulnerability exists that could
cause di ...)
NOT-FOR-US: Schneider Electric
CVE-2024-6035 (A Stored Cross-Site Scripting (XSS) vulnerability exists in
gaizhenbia ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74c2603ca9a7605e8651b748dd78fd4d7e7b8dfc
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74c2603ca9a7605e8651b748dd78fd4d7e7b8dfc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
