[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sun, 21 Jul 2024 13:33:08 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
59336dc7 by Salvatore Bonaccorso at 2024-07-21T22:31:53+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,61 +37,61 @@ CVE-2024-38435 (Unitronics Vision PLC \u2013CWE-703: 
Improper Check or Handling
 CVE-2024-38434 (Unitronics Vision PLC \u2013    CWE-676: Use of Potentially 
Dangerous  ...)
        NOT-FOR-US: Unitronics Vision PLC
 CVE-2024-37559 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37558 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37557 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37556 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37552 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37551 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37550 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37549 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37548 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37545 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37538 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37537 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37536 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37523 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37522 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37521 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-37519 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37515 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37514 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37512 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37509 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37507 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37500 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37495 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37492 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37489 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37488 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37487 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6848 (The Post and Page Builder by BoldGrid \u2013 Visual Drag and 
Drop Edit ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-6497 (The SEO Plugin by Squirrly SEO plugin for WordPress is 
vulnerable to S ...)
@@ -113,37 +113,37 @@ CVE-2024-37953 (Improper Neutralization of Input During 
Web Page Generation (XSS
 CVE-2024-37951 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-37950 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37949 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37948 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37947 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37946 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37944 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37943 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37936 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37922 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37920 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37919 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37918 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37565 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37563 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37562 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37561 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6694 (The WP Mail SMTP plugin for WordPress is vulnerable to 
information exp ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-6637 (The WooCommerce - Social Login plugin for WordPress is 
vulnerable to u ...)
@@ -255,7 +255,7 @@ CVE-2024-37961 (Improper Neutralization of Input During Web 
Page Generation (XSS
 CVE-2024-37960 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-2337 (The Easy Testimonials plugin for WordPress is vulnerable to 
Stored Cro ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6916 (A vulnerability in Zowe CLI allows local, privileged actors to 
display ...)
        NOT-FOR-US: Zowe CLI
 CVE-2024-6908 (Improper privilege management in Yugabyte Platform allows 
authenticate ...)
@@ -291,11 +291,11 @@ CVE-2024-41281 (Linksys WRT54G v4.21.5 has a stack 
overflow vulnerability in get
 CVE-2024-41172 (In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and 
lower vers ...)
        NOT-FOR-US: Apache CXF
 CVE-2024-41124 (Puncia is the Official CLI utility for Subdomain Center & 
Exploit Obse ...)
-       TODO: check
+       NOT-FOR-US: Puncia
 CVE-2024-41122 (Woodpecker is a simple yet powerful CI/CD engine with great 
extensibil ...)
-       TODO: check
+       NOT-FOR-US: Woodpecker
 CVE-2024-41121 (Woodpecker is a simple yet powerful CI/CD engine with great 
extensibil ...)
-       TODO: check
+       NOT-FOR-US: Woodpecker
 CVE-2024-41107 (The CloudStack SAML authentication (disabled by default) does 
not enfo ...)
        TODO: check
 CVE-2024-40400 (An arbitrary file upload vulnerability in the image upload 
function of ...)
@@ -313,15 +313,15 @@ CVE-2024-39123 (In janeczku Calibre-Web 0.6.0 to 0.6.21, 
the edit_book_comments
 CVE-2024-37066 (A command injection vulnerability exists in Wyze V4 Pro 
firmware versi ...)
        NOT-FOR-US: Wyze
 CVE-2024-32007 (An improper input validation of thep2c parameter in the Apache 
CXF JOS ...)
-       TODO: check
+       NOT-FOR-US: Apache CXF
 CVE-2024-29736 (A SSRF vulnerability in WADL service description in versions 
of Apache ...)
-       TODO: check
+       NOT-FOR-US: Apache CXF
 CVE-2024-29080 (Potential vulnerabilities have been identified in the HP 
Display Contr ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2024-27489 (An issue in the DelFile() function of WMCMS v4.4 allows 
attackers to d ...)
-       TODO: check
+       NOT-FOR-US: WMCMS
 CVE-2024-24970 (Potential vulnerabilities have been identified in the HP 
Display Contr ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2024-0006 (Information exposure in the logging system in Yugabyte Platform 
allows ...)
        TODO: check
 CVE-2024-6903 (A vulnerability, which was classified as critical, has been 
found in S ...)
@@ -358,9 +358,9 @@ CVE-2024-40642 (The netty incubator codec.bhttp is a java 
language binary http p
 CVE-2024-38156 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2024-35199 (TorchServe is a flexible and easy-to-use tool for serving and 
scaling  ...)
-       TODO: check
+       NOT-FOR-US: TorchServe
 CVE-2024-35198 (TorchServe is a flexible and easy-to-use tool for serving and 
scaling  ...)
-       TODO: check
+       NOT-FOR-US: TorchServe
 CVE-2024-30130 (HCL Nomad server on Domino is vulnerable to the cache 
containing sensi ...)
        NOT-FOR-US: HCL
 CVE-2024-21583 (Versions of the package 
github.com/gitpod-io/gitpod/components/server/ ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59336dc724cf261df75f6b1ccf785ac0a1d86d6d

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59336dc724cf261df75f6b1ccf785ac0a1d86d6d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to