[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 09 Jul 2024 13:57:20 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
eddbc3d6 by Salvatore Bonaccorso at 2024-07-09T22:56:19+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,59 +9,59 @@ CVE-2024-6237 (A flaw was found in the 389 Directory Server. 
This flaw allows an
        NOTE: https://github.com/389ds/389-ds-base/issues/5989
        NOTE: 
https://github.com/389ds/389-ds-base/commit/e8dd583685e6143f2027f97569de4cc45ba46e14
 (389-ds-base-2.4.5)
 CVE-2024-6222 (In Docker Desktop before v4.29.0, an attacker who has gained 
access to ...)
-       TODO: check
+       NOT-FOR-US: Docker Desktop
 CVE-2024-6168 (The Just Custom Fields plugin for WordPress is vulnerable to 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6167 (The Just Custom Fields plugin for WordPress is vulnerable to 
unauthori ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6069 (The Registration Forms \u2013 User Registration Forms, 
Invitation-Base ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5993 (The Cliengo \u2013 Chatbot plugin for WordPress is vulnerable 
to unaut ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5992 (The Cliengo \u2013 Chatbot plugin for WordPress is vulnerable 
to unaut ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5946 (The Squelch Tabs and Accordions Shortcodes plugin for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5937 (The Simple Alert Boxes plugin for WordPress is vulnerable to 
Stored Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5856 (The Comment Images Reloaded plugin for WordPress is vulnerable 
to unau ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5810 (The WP2Speed Faster \u2013 Optimize PageSpeed Insights Score 
90-100 pl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5704 (The XPlainer \u2013 WooCommerce Product FAQ [WooCommerce 
Accordion FAQ ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5669 (The XPlainer \u2013 WooCommerce Product FAQ [WooCommerce 
Accordion FAQ ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5652 (In Docker Desktop on Windows before v4.31.0allows a user in the 
docker ...)
-       TODO: check
+       NOT-FOR-US: Docker Desktop
 CVE-2024-5648 (The LearnDash LMS \u2013 Reports plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5634 (Longse modelLBH30FE200W cameras, as well as products based on 
this dev ...)
-       TODO: check
+       NOT-FOR-US: Longse model LBH30FE200W cameras
 CVE-2024-5633 (Longse modelLBH30FE200W cameras, as well as products based on 
this dev ...)
-       TODO: check
+       NOT-FOR-US: Longse model LBH30FE200W cameras
 CVE-2024-5632 (Longse NVR (Network Video Recorder) modelNVR3608PGE2W, as well 
as prod ...)
-       TODO: check
+       NOT-FOR-US: Longse NVR (Network Video Recorder) model NVR3608PGE2W
 CVE-2024-5631 (Longse NVR (Network Video Recorder) modelNVR3608PGE2W, as well 
as prod ...)
-       TODO: check
+       NOT-FOR-US: Longse NVR (Network Video Recorder) model NVR3608PGE2W
 CVE-2024-5600 (The SCSS Happy Compiler \u2013 Compile SCSS to CSS & Automatic 
Enqueue ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5479 (The Easy Pixels plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5457 (The Panda Video plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5456 (The Panda Video plugin for WordPress is vulnerable to Local 
File Inclu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4868 (The Extensions for Elementor plugin for WordPress is vulnerable 
to Sto ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4862 (The WPBITS Addons For Elementor Page Builder plugin for 
WordPress is v ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4102 (The Pricing Table plugin for WordPress is vulnerable to 
unauthorized a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4100 (The Pricing Table plugin for WordPress is vulnerable to 
Cross-Site Req ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-40750 (Linksys Velop Pro 6E 1.0.8 MX6200_1.0.8.215731 and 7 
1.0.10.215314 dev ...)
-       TODO: check
+       NOT-FOR-US: Linksys
 CVE-2024-40742 (A cross-site scripting (XSS) vulnerability in netbox v4.0.3 
allows att ...)
        TODO: check
 CVE-2024-40741 (A cross-site scripting (XSS) vulnerability in netbox v4.0.3 
allows att ...)
@@ -97,59 +97,59 @@ CVE-2024-40727 (A cross-site scripting (XSS) vulnerability 
in netbox v4.0.3 allo
 CVE-2024-40726 (A cross-site scripting (XSS) vulnerability in netbox v4.0.3 
allows att ...)
        TODO: check
 CVE-2024-40039 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-40038 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-40037 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-40036 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-40035 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-40034 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-3608 (The Product Designer plugin for WordPress is vulnerable to 
unauthorize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3604 (The OSM \u2013 OpenStreetMap plugin for WordPress is vulnerable 
to SQL ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3603 (The OSM \u2013 OpenStreetMap plugin for WordPress is vulnerable 
to Sto ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3596 (RADIUS Protocol under RFC 2865 is susceptible to forgery 
attacks by a  ...)
        TODO: check
 CVE-2024-3563 (The Genesis Blocks plugin for WordPress is vulnerable to Stored 
Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3228 (The Social Sharing Plugin \u2013 Kiwi plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-39899 (PrivateBin is an online pastebin where the server has zero 
knowledge o ...)
        TODO: check
 CVE-2024-39897 (zot is an OCI image registry. Prior to 2.1.0, the cache driver 
`GetBlo ...)
        TODO: check
 CVE-2024-39888 (A vulnerability has been identified in Mendix Encryption (All 
versions ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39876 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39875 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39874 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39873 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39872 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39871 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39870 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39869 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39868 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39867 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39866 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39865 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39698 (electron-updater allows for automatic updates for Electron 
apps. The f ...)
        TODO: check
 CVE-2024-39697 (phonenumber is a library for parsing, formatting and 
validating intern ...)
@@ -157,21 +157,21 @@ CVE-2024-39697 (phonenumber is a library for parsing, 
formatting and validating
 CVE-2024-39684 (Tencent RapidJSON is vulnerable to privilege escalation due to 
an inte ...)
        TODO: check
 CVE-2024-39675 (A vulnerability has been identified in RUGGEDCOM RMC30 (All 
versions < ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39571 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39570 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39569 (A vulnerability has been identified in SINEMA Remote Connect 
Client (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39568 (A vulnerability has been identified in SINEMA Remote Connect 
Client (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39567 (A vulnerability has been identified in SINEMA Remote Connect 
Client (A ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-39171 (Directory Travel in PHPVibe v11.0.46 due to incomplete 
blacklist check ...)
-       TODO: check
+       NOT-FOR-US: PHPVibe
 CVE-2024-39118 (Mommy Heather Advanced Backups up to v3.5.3 allows attackers 
to write  ...)
-       TODO: check
+       NOT-FOR-US: Mommy Heather Advanced Backups
 CVE-2024-39063 (Lime Survey <= 6.5.12 is vulnerable to Cross Site Request 
Forgery (CSR ...)
        TODO: check
 CVE-2024-38972 (A cross-site scripting (XSS) vulnerability in netbox v4.0.3 
allows att ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eddbc3d6666ed32ce9ec153cfc9766755d62326c

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eddbc3d6666ed32ce9ec153cfc9766755d62326c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to