[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Tue, 17 Dec 2024 00:59:24 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6de0d8f0 by Moritz Muehlenhoff at 2024-12-17T09:58:57+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,11 +3,11 @@ CVE-2024-9624 (The WP All Import Pro plugin for WordPress is 
vulnerable to Serve
 CVE-2024-56017 (Cross-Site Request Forgery (CSRF) vulnerability in Tom Royal 
Stop Regi ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-55951 (Metabase is an open-source data analytics platform. For new 
sandboxing ...)
-       TODO: check
+       NOT-FOR-US: Metabase
 CVE-2024-55864 (Cross-site scripting vulnerability exists in My WP Customize 
Admin/Fro ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-55557 (ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has 
a hardco ...)
-       NOT-FOR-US: WordPress plugin
+       NOT-FOR-US: Weasis
 CVE-2024-55554 (Intrexx Portal Server before 12.0.2 allows XSS via a 
user-defined port ...)
        NOT-FOR-US: Intrexx Portal Server
 CVE-2024-55452 (A URL redirection vulnerability exists in UJCMS 9.6.3 due to 
improper  ...)
@@ -23,45 +23,45 @@ CVE-2024-55100 (A stored cross-site scripting (XSS) 
vulnerability in the compone
 CVE-2024-55085 (GetSimple CMS CE 3.3.19 suffers from arbitrary code execution 
in the t ...)
        NOT-FOR-US: GetSimple CMS CE
 CVE-2024-54125 (Improper authorization in handler for custom URL scheme issue 
in "Shon ...)
-       TODO: check
+       NOT-FOR-US: Shonen Jump+
 CVE-2024-52949 (iptraf-ng 1.2.1 has a stack-based buffer overflow.)
        TODO: check
 CVE-2024-38499 (CA Client Automation (ITCM) allows non-admin/non-root users to 
encrypt ...)
-       TODO: check
+       NOT-FOR-US: Broadcom CA Client Automation
 CVE-2024-37776 (A cross-site scripting (XSS) vulnerability in Sunbird DCIM 
dcTrack v9. ...)
-       TODO: check
+       NOT-FOR-US: Sunbird DCIM dcTrack
 CVE-2024-37775 (Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Sunbird DCIM dcTrack
 CVE-2024-37774 (A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack 
v9.1.2 all ...)
-       TODO: check
+       NOT-FOR-US: Sunbird DCIM dcTrack
 CVE-2024-37773 (An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 
allows a ...)
-       TODO: check
+       NOT-FOR-US: Sunbird DCIM dcTrack
 CVE-2024-35230 (GeoServer is an open source software server written in Java 
that allow ...)
        TODO: check
 CVE-2024-29671 (Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router 
v.1.0.2 all ...)
-       TODO: check
+       NOT-FOR-US: NEXTU FLATA AX1500 Router
 CVE-2024-12443 (The CRM Perks \u2013 WordPress HelpDesk Integration \u2013 
Zendesk, Fr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12356 (A critical vulnerability has been discovered in Privileged 
Remote Acce ...)
-       TODO: check
+       NOT-FOR-US: BeyondTrust
 CVE-2024-12239 (The PowerPack Lite for Beaver Builder plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12220 (The SMS for WooCommerce plugin for WordPress is vulnerable to 
Cross-Si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12219 (The Stop Registration Spam plugin for WordPress is vulnerable 
to Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11999 (CWE-1104: Use of Unmaintained Third-Party Components 
vulnerability exi ...)
-       TODO: check
+       NOT-FOR-US: Schneider
 CVE-2024-11906 (The TPG Get Posts plugin for WordPress is vulnerable to Stored 
Cross-S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11905 (The Animated Counters plugin for WordPress is vulnerable to 
Stored Cro ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11902 (The Slope Widgets plugin for WordPress is vulnerable to Stored 
Cross-S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11900 (The Portfolio \u2013 Filterable Masonry Portfolio Gallery for 
Professi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10205 (Authentication Bypass vulnerability in Hitachi Ops Center 
Analyzer on  ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2024-8058 (An improper parsing vulnerability was reported in the FileZ 
client tha ...)
        NOT-FOR-US: FileZ client
 CVE-2024-6002



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6de0d8f0408e35b433c23c53bd2ec5a4f429fe2e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6de0d8f0408e35b433c23c53bd2ec5a4f429fe2e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to