[Git][security-tracker-team/security-tracker][master] NFUs

Fri, 07 Jun 2024 02:38:34 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
28a7a016 by Moritz Muehlenhoff at 2024-06-07T11:37:51+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,45 +5,45 @@ CVE-2024-37279
 CVE-2024-5154
        - cri-o <itp> (bug #979702)
 CVE-2024-5640 (The Prime Slider \u2013 Addons For Elementor (Revolution of a 
slider,  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5612 (The Essential Addons for Elementor Pro plugin for WordPress is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5607 (The GDPR CCPA Compliance & Cookie Consent Banner plugin for 
WordPress  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5425 (The WP jQuery Lightbox plugin for WordPress is vulnerable to 
Stored Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5003 (The WP Stacker WordPress plugin through 1.8.5 does not have 
CSRF check ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4902 (The Tutor LMS \u2013 eLearning and online course solution 
plugin for W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4887 (The Qi Addons For Elementor plugin for WordPress is vulnerable 
to Remo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4756 (The WP Backpack WordPress plugin through 2.1 does not sanitise 
and esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4703 (The One Page Express Companion plugin for WordPress is 
vulnerable to S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4621 (The ARForms - Premium WordPress Form Builder Plugin WordPress 
plugin b ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4620 (The ARForms - Premium WordPress Form Builder Plugin WordPress 
plugin b ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4489 (The Royal Elementor Addons and Templates plugin for WordPress 
is vulne ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4488 (The Royal Elementor Addons and Templates for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4451 (The Colibri Page Builder plugin for WordPress is vulnerable to 
Stored  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4354 (The TablePress \u2013 Tables in WordPress made easy plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4042 (The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, 
Post Block ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4013 (A bug exists in the API, mesh_node_power_off(), which fails to 
copy th ...)
-       TODO: check
+       NOT-FOR-US: Silabs Gecko SDK
 CVE-2024-3987 (The WP Mobile Menu \u2013 The Mobile-Friendly Responsive Menu 
plugin f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3592 (The Quiz And Survey Master \u2013 Best Quiz, Exam and Survey 
Plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3288 (The Logo Slider  WordPress plugin before 4.0.0 does not 
validate and e ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-37385 (Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on 
Windows allow ...)
        TODO: check
 CVE-2024-37384 (Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows 
XSS via l ...)
@@ -51,51 +51,51 @@ CVE-2024-37384 (Roundcube Webmail before 1.5.7 and 1.6.x 
before 1.6.7 allows XSS
 CVE-2024-37383 (Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows 
XSS via S ...)
        TODO: check
 CVE-2024-36823 (The encrypt() function of Ninja Core v7.0.0 was discovered to 
use a we ...)
-       TODO: check
+       NOT-FOR-US: Ninja framework
 CVE-2024-36795 (Insecure permissions in Netgear WNR614 
JNR1010V2/N300-V1.1.0.54_1.0.1  ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2024-36775 (A cross-site scripting (XSS) vulnerability in Monstra CMS 
v3.0.4 allow ...)
-       TODO: check
+       NOT-FOR-US: Monstra CMS
 CVE-2024-36774 (An arbitrary file upload vulnerability in Monstra CMS v3.0.4 
allows at ...)
-       TODO: check
+       NOT-FOR-US: Monstra CMS
 CVE-2024-36082 (SQL injection vulnerability in Music Store - WordPress 
eCommerce versi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32752 (Under certain circumstances communications between the ICU 
tool and an ...)
-       TODO: check
+       NOT-FOR-US: Johnsin Controls Software House iSTAR
 CVE-2024-24199 (smartdns commit 54b4dc was discovered to contain a misaligned 
address  ...)
-       TODO: check
+       NOT-FOR-US: smartdns
 CVE-2024-24198 (smartdns commit 54b4dc was discovered to contain a misaligned 
address  ...)
-       TODO: check
+       NOT-FOR-US: smartdns
 CVE-2024-24195 (robdns commit d76d2e6 was discovered to contain a misaligned 
address a ...)
-       TODO: check
+       NOT-FOR-US: robdns
 CVE-2024-24194 (robdns commit d76d2e6 was discovered to contain a NULL pointer 
derefer ...)
-       TODO: check
+       NOT-FOR-US: robdns
 CVE-2024-24192 (robdns commit d76d2e6 was discovered to contain a heap 
overflow via th ...)
-       TODO: check
+       NOT-FOR-US: robdns
 CVE-2024-22525 (dnspod-sr 0dfbd37 contains a SEGV.)
-       TODO: check
+       NOT-FOR-US: dnspod-sr
 CVE-2024-22524 (dnspod-sr 0dfbd37 is vulnerable to buffer overflow.)
-       TODO: check
+       NOT-FOR-US: dnspod-sr
 CVE-2024-22074 (Dynamsoft Service 1.8.1025 through 1.8.2013, 1.7.0330 through 
1.7.2531 ...)
-       TODO: check
+       NOT-FOR-US: Dynamsoft Service
 CVE-2024-1988 (The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, 
Post Block ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1768 (The Clever Fox plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1689 (The WooCommerce Tools plugin for WordPress is vulnerable to 
unauthoriz ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6876 (The Clever Fox \u2013 One Click Website Importer by Nayra 
Themes plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6491 (The Strong Testimonials plugin for WordPress is vulnerable to 
unauthor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-51847 (An issue in obgm and Libcoap v.a3ed466 allows a remote 
attacker to cau ...)
-       TODO: check
+       NOT-FOR-US: libcoap
 CVE-2023-49441 (dnsmasq 2.9 is vulnerable to Integer Overflow via 
forward_query.)
        TODO: check
 CVE-2023-37539 (The Domino Catalog template is susceptible to a Stored 
Cross-Site Scri ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2023-32475 (Dell BIOS contains a missing support for integrity check 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2022-4968 (netplan leaks the private key of wireguard to local users. A 
security  ...)
        TODO: check
 CVE-2024-5684 (An attacker with access to the private network (the charger is 
connect ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28a7a016fffa63ce8d58271495bb399ebfa3b45d

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28a7a016fffa63ce8d58271495bb399ebfa3b45d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to