[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 8 09:46:33 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1b43b921 by Salvatore Bonaccorso at 2024-04-08T10:46:03+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2024-3437 (A vulnerability was found in SourceCodester Prison Management System 1 ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Prison Management System
 CVE-2024-3436 (A vulnerability was found in SourceCodester Prison Management System 1 ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Prison Management System
 CVE-2024-3434 (A vulnerability classified as critical was found in CP Plus Wi-Fi Came ...)
 	TODO: check
 CVE-2024-3433 (A vulnerability classified as problematic has been found in PuneethRed ...)
-	TODO: check
+	NOT-FOR-US: PuneethReddyHC Event Management
 CVE-2024-3432 (A vulnerability was found in PuneethReddyHC Event Management 1.0. It h ...)
-	TODO: check
+	NOT-FOR-US: PuneethReddyHC Event Management
 CVE-2024-3431 (A vulnerability was found in EyouCMS 1.6.5. It has been declared as cr ...)
-	TODO: check
+	NOT-FOR-US: EyouCMS
 CVE-2024-3430 (A vulnerability was found in QKSMS up to 3.9.4 on Android. It has been ...)
-	TODO: check
+	NOT-FOR-US: QKSMS
 CVE-2024-31951 (In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, ...)
 	TODO: check
 CVE-2024-31950 (In FRRouting (FRR) through 9.1, there can be a buffer overflow and dae ...)
@@ -21,7 +21,7 @@ CVE-2024-31949 (In FRRouting (FRR) through 9.1, an infinite loop can occur when
 CVE-2024-31948 (In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix S ...)
 	TODO: check
 CVE-2024-31022 (An issue was discovered in CandyCMS version 1.0.0, allows remote attac ...)
-	TODO: check
+	NOT-FOR-US: CandyCMS
 CVE-2024-30675 (Unauthorized node injection vulnerability in ROS2 Iron Irwini in ROS_V ...)
 	TODO: check
 CVE-2024-30674 (Unauthorized access vulnerability in ROS2 Iron Irwini in ROS_VERSION i ...)
@@ -45,53 +45,53 @@ CVE-2024-30659 (Shell Injection vulnerability in ROS (Robot Operating System) Me
 CVE-2024-28744 (The password is empty in the initial configuration of ACERA 9010-08 fi ...)
 	TODO: check
 CVE-2024-27488 (Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 thro ...)
-	TODO: check
+	NOT-FOR-US: ZLMediaKit
 CVE-2024-23658 (In camera driver, there is a possible use after free due to a logic er ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2024-1958 (The wpb-show-core WordPress plugin before 2.7 does not sanitise and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1956 (The wpb-show-core WordPress plugin before 2.7 does not sanitise and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1752 (The Font Farsi WordPress plugin through 1.6.6 does not sanitise and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1589 (The SendPress Newsletters WordPress plugin through 1.23.11.6 does not  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1588 (The SendPress Newsletters WordPress plugin through 1.23.11.6 does not  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1292 (The wpb-show-core WordPress plugin before 2.6 does not sanitise and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-52536 (In faceid service, there is a possible out of bounds read due to a mis ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52535 (In vsp driver, there is a possible missing verification incorrect inpu ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52534 (In ngmm, there is a possible undefined behavior due to incorrect error ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52533 (In modem-ps-nas-ngmm, there is a possible undefined behavior due to in ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52352 (In Network Adapter Service, there is a possible missing permission che ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52351 (In ril service, there is a possible out of bounds write due to a missi ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52350 (In ril service, there is a possible out of bounds write due to a missi ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52349 (In ril service, there is a possible out of bounds write due to a missi ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52348 (In ril service, there is a possible out of bounds write due to a missi ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52347 (In ril service, there is a possible out of bounds write due to a missi ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52346 (In modem driver, there is a possible system crash due to improper inpu ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52345 (In modem driver, there is a possible system crash due to improper inpu ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52344 (In modem-ps-nas-ngmm, there is a possible undefined behavior due to in ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52343 (In SecurityCommand message after as security has been actived., there  ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52342 (In modem-ps-nas-ngmm, there is a possible undefined behavior due to in ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-52341 (In Plaintext COUNTER CHECK message accepted before AS security activat ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2021-47208 (The Mojolicious module before 9.11 for Perl has a bug in format detect ...)
 	TODO: check
 CVE-2020-36829 (The Mojolicious module before 8.65 for Perl is vulnerable to secure_co ...)
@@ -173,7 +173,7 @@ CVE-2024-30416 (Use After Free (UAF) vulnerability in the underlying driver modu
 CVE-2024-22155 (Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooComme ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-52717 (Permission verification vulnerability in the lock screen module. Impac ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-52716 (Vulnerability of starting activities in the background in the Activity ...)
 	NOT-FOR-US: Huawei
 CVE-2023-52715 (The SystemUI module has a vulnerability in permission management. Impa ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b43b92195850657538a2025ab3214700c29ae0c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b43b92195850657538a2025ab3214700c29ae0c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240408/b4693a70/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list