Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8675d272 by Salvatore Bonaccorso at 2024-08-31T11:50:56+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14,27 +14,27 @@ CVE-2024-8006 (Remote packet capture support is disabled by
default in libpcap.
CVE-2024-7435 (The Attire theme for WordPress is vulnerable to PHP Object
Injection i ...)
NOT-FOR-US: WordPress theme
CVE-2024-6586 (Lightdash version 0.1024.6 allows users with the necessary
permissions ...)
- TODO: check
+ NOT-FOR-US: Lightdash
CVE-2024-6585 (Multiple stored cross-site scripting (\u201cXSS\u201d)
vulnerabilities ...)
- TODO: check
+ NOT-FOR-US: Lightdash
CVE-2024-5212 (The tagDiv Composer plugin for WordPress is vulnerable to
Reflected Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-45304 (Cairo-Contracts are OpenZeppelin Contracts written in Cairo
for Starkn ...)
TODO: check
CVE-2024-44684 (TpMeCMS 1.3.3.2 is vulnerable to Cross Site Scripting (XSS) in
/h.php/ ...)
- TODO: check
+ NOT-FOR-US: TpMeCMS
CVE-2024-44683 (Seacms v13 is vulnerable to Cross Site Scripting (XSS) via
admin-video ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2024-44682 (ShopXO 6.2 is vulnerable to Cross Site Scripting (XSS) in the
backend ...)
- TODO: check
+ NOT-FOR-US: ShopXO
CVE-2024-3886 (The tagDiv Composer plugin for WordPress is vulnerable to
Reflected Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-39747 (IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and
6.3 uses d ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-39579 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0
contains an inc ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-39578 (Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1
contains a UNIX ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-7256 (In affected libpcap versions during the setup of a remote
packet captu ...)
- libpcap <unfixed> (unimportant)
NOTE:
https://github.com/the-tcpdump-group/libpcap/commit/262e4f34979872d822ccedf9f318ed89c4d31c03
(master)
@@ -98,7 +98,7 @@ CVE-2024-7051
CVE-2024-6204 (Zohocorp ManageEngine Exchange Reporter Plus versions
before5715 are v ...)
NOT-FOR-US: Zohocorp ManageEngine
CVE-2024-45047 (svelte performance oriented web framework. A potential mXSS
vulnerabil ...)
- TODO: check
+ NOT-FOR-US: svelte
CVE-2024-44918 (A cross-site scripting (XSS) vulnerability in the component
admin_data ...)
NOT-FOR-US: SeaCMS
CVE-2024-44916 (Vulnerability in admin_ip.php in Seacms v13.1, when
action=set, allows ...)
@@ -159,7 +159,7 @@ CVE-2024-45490 (An issue was discovered in libexpat before
2.6.3. xmlparse.c doe
CVE-2024-45488 (One Identity Safeguard for Privileged Passwords before 7.5.2
allows un ...)
NOT-FOR-US: One Identity Safeguard for Privileged Passwords
CVE-2024-45302 (RestSharp is a Simple REST and HTTP API Client for .NET. The
second ar ...)
- TODO: check
+ NOT-FOR-US: RestSharp
CVE-2024-44944 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.10.3-1
[bookworm] - linux 6.1.106-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8675d272e61b147d91d8287d5fc4d8e0be7d1ba8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8675d272e61b147d91d8287d5fc4d8e0be7d1ba8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
