[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Apr 6 09:30:02 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bc86cacd by Salvatore Bonaccorso at 2024-04-06T10:27:03+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,63 +1,63 @@
 CVE-2024-3362 (A vulnerability was found in SourceCodester Online Library System 1.0  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Library System
 CVE-2024-3361 (A vulnerability has been found in SourceCodester Online Library System ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Library System
 CVE-2024-3360 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Library System
 CVE-2024-3359 (A vulnerability, which was classified as critical, has been found in S ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Library System
 CVE-2024-3358 (A vulnerability classified as problematic was found in SourceCodester  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3357 (A vulnerability classified as problematic has been found in SourceCode ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3356 (A vulnerability was found in SourceCodester Aplaya Beach Resort Online ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3355 (A vulnerability was found in SourceCodester Aplaya Beach Resort Online ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3245 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3216 (The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shippi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-30977 (An issue in Secnet Security Network Intelligent AC Management System v ...)
-	TODO: check
+	NOT-FOR-US: Secnet Security Network Intelligent AC Management System
 CVE-2024-2950 (The BoldGrid Easy SEO \u2013 Simple and Effective SEO plugin for WordP ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2949 (The Carousel, Slider, Gallery by WP Carousel \u2013 Image Carousel & P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2656 (The Email Subscribers by Icegram Express \u2013 Email Marketing, Newsl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2471 (The FooGallery plugin for WordPress is vulnerable to Stored Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2458 (The Powerkit \u2013 Supercharge your WordPress Site plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2444 (The Inline Related Posts WordPress plugin before 3.5.0 does not saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-27912 (A denial of service vulnerability was reported in some Lenovo Printers ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-27911 (A vulnerability was reported in some Lenovo Printers that could allow  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-27910 (A vulnerability was reported in some Lenovo Printers that could allow  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-27909 (A denial of service vulnerability was reported in the HTTPS service of ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-27908 (A buffer overflow vulnerability was reported in the HTTPS service of s ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-23592 (An authentication bypass vulnerability was reported in Lenovo devices  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-21506 (Versions of the package pymongo before 4.6.3 are vulnerable to Out-of- ...)
 	TODO: check
 CVE-2024-1994 (The Image Watermark plugin for WordPress is vulnerable to unauthorized ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1428 (The Element Pack Elementor Addons (Header Footer, Free Template Librar ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1385 (The WP-Stateless \u2013 Google Cloud Storage plugin for WordPress is v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0837 (The Element Pack Elementor Addons (Header Footer, Free Template Librar ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5912 (A potential memory leakage vulnerability was reported in some Lenovo N ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2023-4605 (A valid authenticated Lenovo XClarity Administrator (LXCA) user can po ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-3354 (A vulnerability was found in SourceCodester Aplaya Beach Resort Online ...)
 	NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3353 (A vulnerability was found in SourceCodester Aplaya Beach Resort Online ...)
@@ -79,13 +79,13 @@ CVE-2024-3346 (A vulnerability was found in Byzro Smart S80 up to 20240328. It h
 CVE-2024-31852 (LLVM before 18.1.3 generates code in which the LR register can be over ...)
 	TODO: check
 CVE-2024-31851 (A path traversal vulnerability exists in the Java version of CData Syn ...)
-	TODO: check
+	NOT-FOR-US: CData
 CVE-2024-31850 (A path traversal vulnerability exists in the Java version of CData Arc ...)
-	TODO: check
+	NOT-FOR-US: CData
 CVE-2024-31849 (A path traversal vulnerability exists in the Java version of CData Con ...)
-	TODO: check
+	NOT-FOR-US: CData
 CVE-2024-31848 (A path traversal vulnerability exists in the Java version of CData API ...)
-	TODO: check
+	NOT-FOR-US: CData
 CVE-2024-31220 (Sunshine is a self-hosted game stream host for Moonlight. Starting in  ...)
 	NOT-FOR-US: Sunshine
 CVE-2024-31218 (Webhood is a self-hosted URL scanner used analyzing phishing and malic ...)
@@ -76589,9 +76589,9 @@ CVE-2023-25496 (A privilege escalation vulnerability was reported in Lenovo Driv
 CVE-2023-25495 (A valid, authenticated administrative user can query a web interface A ...)
 	NOT-FOR-US: Lenovo
 CVE-2023-25494 (A potential vulnerability were reported in the BIOS of some Desktop, S ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2023-25493 (A potential vulnerability was reported in the BIOS update tool driver  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2023-25492 (A valid, authenticated user may be able to trigger a denial of service ...)
 	NOT-FOR-US: Lenovo
 CVE-2023-25491 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilityin Samue ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc86cacdc9bd1296f2f132abf0745b47d2404c90

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc86cacdc9bd1296f2f132abf0745b47d2404c90
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240406/5e9aba99/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list