[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Thu, 08 Aug 2024 02:00:50 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b9549601 by Moritz Muehlenhoff at 2024-08-08T10:31:59+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
 CVE-2024-7561 (The The Next theme for WordPress is vulnerable to PHP Object 
Injection ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-7560 (The News Flash theme for WordPress is vulnerable to PHP Object 
Injecti ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-7548 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7492 (The MainWP Child Reports plugin for WordPress is vulnerable to 
Cross-S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7486 (The MultiPurpose theme for WordPress is vulnerable to PHP 
Object Injec ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-7350 (The Appointment Booking Calendar Plugin and Online Scheduling 
Plugin \ ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7150 (The Slider by 10Web \u2013 Responsive Image Slider plugin for 
WordPres ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6987 (The Orchid Store theme for WordPress is vulnerable to 
unauthorized mod ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-6893 (The "soap_cgi.pyc" API handler allows the XML body of SOAP 
requests to ...)
-       TODO: check
+       NOT-FOR-US: Journyx
 CVE-2024-6892 (Attackers can craft a malicious link that once clicked will 
execute ar ...)
-       TODO: check
+       NOT-FOR-US: Journyx
 CVE-2024-6891 (Attackers with a valid username and password can exploit a 
python code ...)
-       TODO: check
+       NOT-FOR-US: Journyx
 CVE-2024-6890 (Password reset tokens are generated using an insecure source of 
random ...)
-       TODO: check
+       NOT-FOR-US: Journyx
 CVE-2024-6884 (The Gutenberg Blocks with AI by Kadence WP  WordPress plugin 
before 3. ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6869 (The Falang multilanguage for WordPress plugin for WordPress is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6824 (The Premium Addons for Elementor plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6707 (Attacker controlled files can be uploaded to arbitrary 
locations on th ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2024-6706 (Attackers can craft a malicious prompt that coerces the 
language model ...)
-       TODO: check
+       NOT-FOR-US: Open WebUI
 CVE-2024-6552 (The Booking for Appointments and Events Calendar \u2013 Amelia 
plugin  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6481 (The Search & Filter Pro WordPress plugin before 2.5.18 does not 
saniti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6254 (The Brizy \u2013 Page Builder plugin for WordPress is 
vulnerable to Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5668 (The Lightbox & Modal Popup WordPress Plugin \u2013 FooBox 
plugin for W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5226 (The Fuse Social Floating Sidebar plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-38202 (Summary Microsoft was notified that an elevation of privilege 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-22069 (There is a permission and access control vulnerability of 
ZTE's ZXV10  ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2024-21302 (Summary: Microsoft was notified that an elevation of privilege 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-43168
        - unbound 1.20.0-1
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2303462



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9549601438a0252ca686b131db87d8a001a376a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9549601438a0252ca686b131db87d8a001a376a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to