Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 59336dc7 by Salvatore Bonaccorso at 2024-07-21T22:31:53+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -37,61 +37,61 @@ CVE-2024-38435 (Unitronics Vision PLC \u2013CWE-703: Improper Check or Handling CVE-2024-38434 (Unitronics Vision PLC \u2013 CWE-676: Use of Potentially Dangerous ...) NOT-FOR-US: Unitronics Vision PLC CVE-2024-37559 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37558 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37557 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37556 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37552 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37551 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37550 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37549 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37548 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37545 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37538 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37537 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37536 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37523 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37522 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37521 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress theme CVE-2024-37519 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37515 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37514 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37512 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37509 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37507 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37500 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37495 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37492 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37489 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37488 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37487 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-6848 (The Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Edit ...) NOT-FOR-US: WordPress plugin CVE-2024-6497 (The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to S ...) @@ -113,37 +113,37 @@ CVE-2024-37953 (Improper Neutralization of Input During Web Page Generation (XSS CVE-2024-37951 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) NOT-FOR-US: WordPress plugin CVE-2024-37950 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37949 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37948 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37947 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37946 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37944 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37943 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37936 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37922 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37920 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37919 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37918 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37565 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37563 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37562 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-37561 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-6694 (The WP Mail SMTP plugin for WordPress is vulnerable to information exp ...) NOT-FOR-US: WordPress plugin CVE-2024-6637 (The WooCommerce - Social Login plugin for WordPress is vulnerable to u ...) @@ -255,7 +255,7 @@ CVE-2024-37961 (Improper Neutralization of Input During Web Page Generation (XSS CVE-2024-37960 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...) NOT-FOR-US: WordPress plugin CVE-2024-2337 (The Easy Testimonials plugin for WordPress is vulnerable to Stored Cro ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-6916 (A vulnerability in Zowe CLI allows local, privileged actors to display ...) NOT-FOR-US: Zowe CLI CVE-2024-6908 (Improper privilege management in Yugabyte Platform allows authenticate ...) @@ -291,11 +291,11 @@ CVE-2024-41281 (Linksys WRT54G v4.21.5 has a stack overflow vulnerability in get CVE-2024-41172 (In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower vers ...) NOT-FOR-US: Apache CXF CVE-2024-41124 (Puncia is the Official CLI utility for Subdomain Center & Exploit Obse ...) - TODO: check + NOT-FOR-US: Puncia CVE-2024-41122 (Woodpecker is a simple yet powerful CI/CD engine with great extensibil ...) - TODO: check + NOT-FOR-US: Woodpecker CVE-2024-41121 (Woodpecker is a simple yet powerful CI/CD engine with great extensibil ...) - TODO: check + NOT-FOR-US: Woodpecker CVE-2024-41107 (The CloudStack SAML authentication (disabled by default) does not enfo ...) TODO: check CVE-2024-40400 (An arbitrary file upload vulnerability in the image upload function of ...) @@ -313,15 +313,15 @@ CVE-2024-39123 (In janeczku Calibre-Web 0.6.0 to 0.6.21, the edit_book_comments CVE-2024-37066 (A command injection vulnerability exists in Wyze V4 Pro firmware versi ...) NOT-FOR-US: Wyze CVE-2024-32007 (An improper input validation of thep2c parameter in the Apache CXF JOS ...) - TODO: check + NOT-FOR-US: Apache CXF CVE-2024-29736 (A SSRF vulnerability in WADL service description in versions of Apache ...) - TODO: check + NOT-FOR-US: Apache CXF CVE-2024-29080 (Potential vulnerabilities have been identified in the HP Display Contr ...) - TODO: check + NOT-FOR-US: HP CVE-2024-27489 (An issue in the DelFile() function of WMCMS v4.4 allows attackers to d ...) - TODO: check + NOT-FOR-US: WMCMS CVE-2024-24970 (Potential vulnerabilities have been identified in the HP Display Contr ...) - TODO: check + NOT-FOR-US: HP CVE-2024-0006 (Information exposure in the logging system in Yugabyte Platform allows ...) TODO: check CVE-2024-6903 (A vulnerability, which was classified as critical, has been found in S ...) @@ -358,9 +358,9 @@ CVE-2024-40642 (The netty incubator codec.bhttp is a java language binary http p CVE-2024-38156 (Microsoft Edge (Chromium-based) Spoofing Vulnerability) NOT-FOR-US: Microsoft CVE-2024-35199 (TorchServe is a flexible and easy-to-use tool for serving and scaling ...) - TODO: check + NOT-FOR-US: TorchServe CVE-2024-35198 (TorchServe is a flexible and easy-to-use tool for serving and scaling ...) - TODO: check + NOT-FOR-US: TorchServe CVE-2024-30130 (HCL Nomad server on Domino is vulnerable to the cache containing sensi ...) NOT-FOR-US: HCL CVE-2024-21583 (Versions of the package github.com/gitpod-io/gitpod/components/server/ ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59336dc724cf261df75f6b1ccf785ac0a1d86d6d -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59336dc724cf261df75f6b1ccf785ac0a1d86d6d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits