[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 15 21:41:10 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
00feda56 by Salvatore Bonaccorso at 2024-08-15T22:40:27+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,113 +3,113 @@ CVE-2024-7867 (In Xpdf 4.05 (and earlier), very large coordinates in a page box
 CVE-2024-7866 (In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource le ...)
 	TODO: check
 CVE-2024-7838 (A vulnerability was found in itsourcecode Online Food Ordering System  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Online Food Ordering System
 CVE-2024-7833 (A vulnerability was found in D-Link DI-8100 16.07. It has been classif ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-7832 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DN ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-7831 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Li ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-7830 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-7829 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-7828 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-7263 (Improper path validation in promecefpluginhost.exe in Kingsoft WPS Off ...)
-	TODO: check
+	NOT-FOR-US: Kingsoft WPS Office
 CVE-2024-7262 (Improper path validation in promecefpluginhost.exe in Kingsoft WPS Off ...)
-	TODO: check
+	NOT-FOR-US: Kingsoft WPS Office
 CVE-2024-6347 (*  Unprotected privileged mode access through UDS session in the Blind ...)
 	TODO: check
 CVE-2024-43373 (webcrack is a tool for reverse engineering javascript. An arbitrary fi ...)
-	TODO: check
+	NOT-FOR-US: webcrack
 CVE-2024-43357 (ECMA-262 is the language specification for the scripting language ECMA ...)
 	TODO: check
 CVE-2024-42987 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42986 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42985 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42984 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42983 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42982 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42981 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42980 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42979 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42978 (An issue in the handler function in /goform/telnet of Tenda FH1206 v02 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42977 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42976 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42974 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42973 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42969 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42968 (Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42967 (Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allo ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-42966 (Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 all ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-42955 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42954 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42953 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42952 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42951 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42950 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42949 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42948 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42947 (An issue in the handler function in /goform/telnet of Tenda FH1201 v1. ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42946 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42945 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42944 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42943 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42942 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42941 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42940 (Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42843 (Projectworlds Online Examination System v1.0 is vulnerable to SQL Inje ...)
-	TODO: check
+	NOT-FOR-US: Projectworlds Online Examination System
 CVE-2024-42757 (Command injection vulnerability in Asus RT-N15U 3.0.0.4.376_3754 allow ...)
-	TODO: check
+	NOT-FOR-US: Asus
 CVE-2024-42681 (Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote  ...)
-	TODO: check
+	NOT-FOR-US: XXL-Job
 CVE-2024-42680 (An issue in Super easy enterprise management system v.1.0.0 and before ...)
-	TODO: check
+	NOT-FOR-US: Super easy enterprise management system
 CVE-2024-42679 (SQL Injection vulnerability in Super easy enterprise management system ...)
-	TODO: check
+	NOT-FOR-US: Super easy enterprise management system
 CVE-2024-42678 (Cross Site Scripting vulnerability in Super easy enterprise management ...)
-	TODO: check
+	NOT-FOR-US: Super easy enterprise management system
 CVE-2024-42677 (An issue in Huizhi enterprise resource management system v.1.0 and bef ...)
-	TODO: check
+	NOT-FOR-US: Huizhi enterprise resource management system
 CVE-2024-42676 (File Upload vulnerability in Huizhi enterprise resource management sys ...)
-	TODO: check
+	NOT-FOR-US: Huizhi enterprise resource management system
 CVE-2024-42476 (In the OAuth library for nim prior to version 0.11, the Authorization  ...)
 	TODO: check
 CVE-2024-42475 (In the OAuth library for nim prior to version 0.11, the `state` values ...)
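Review bot: In the CVE-2024-42681 entry the label is written "XXL-Job" while the description on the line above it spells the product "xxl-job"; use whichever spelling earlier entries for this product carry, so a case-sensitive search over data/CVE/list finds all of them. The same hunk also mixes label granularity: vendor only for "D-Link", "Tenda", "TOTOLINK" and "Asus", vendor plus product for "Kingsoft WPS Office" and "itsourcecode Online Food Ordering System". The Tenda block covers two models (FH1206 and FH1201), so vendor only is reasonable there, but the choice should be applied consistently across the batch.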
@@ -195,9 +195,9 @@ CVE-2024-6534 (Directus v10.13.0 allows an authenticated external attacker to mo
 CVE-2024-6533 (Directus v10.13.0 allows an authenticated external attacker to execute ...)
 	NOT-FOR-US: Directus
 CVE-2024-43368 (The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pa ...)
-	TODO: check
+	NOT-FOR-US: Trix editor
 CVE-2024-43275 (Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Insert P ...)
-	TODO: check
+	NOT-FOR-US: Xyzscripts Insert PHP Code Snippet
 CVE-2024-42353 (WebOb provides objects for HTTP requests and responses. When WebOb nor ...)
 	TODO: check
 CVE-2024-25024 (IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pa ...)
@@ -664,7 +664,7 @@ CVE-2024-7567 (A denial-of-service vulnerability exists via the CIP/Modbus port
 CVE-2024-7113 (If exploited, this vulnerability could cause a SuiteLink server to con ...)
 	NOT-FOR-US: SuiteLink server
 CVE-2024-6788 (A remote unauthenticated attacker can use the firmware update feature  ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX CONTACT
 CVE-2024-6619 (In Ocean Data Systems Dream Report, an incorrect permission vulnerabil ...)
 	NOT-FOR-US: Ocean Data Systems Dream Report
 CVE-2024-6618 (In Ocean Data Systems Dream Report, a path traversal vulnerability cou ...)
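Review bot: The new label for CVE-2024-6788 is the only place a reader of this file learns what is affected, because the truncated description ("A remote unauthenticated attacker can use the firmware update feature ...") names neither vendor nor product. "PHOENIX CONTACT" gives the vendor only and in all caps, unlike the neighbouring "SuiteLink server" and "Ocean Data Systems Dream Report"; adding the product family would let a later reader verify the NFU decision without opening the CVE record.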
@@ -674,7 +674,7 @@ CVE-2024-6384 ("Hot" backup files may be downloaded by underprivileged users, if
 CVE-2024-6079 (A vulnerability exists in the Rockwell Automation Emulate3D\u2122,whic ...)
 	NOT-FOR-US: Rockwell Automation
 CVE-2024-5849 (An unauthenticated remote attacker may use a reflected XSS vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Pepperl+Fuchs SE
 CVE-2024-43165 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-43160 (Unrestricted Upload of File with Dangerous Type vulnerability in BerqW ...)
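Review bot: The label "Pepperl+Fuchs SE" on CVE-2024-5849 includes the legal-form suffix, while the adjacent "Rockwell Automation" entry and the other vendor labels in this commit omit it. Dropping "SE" keeps vendor labels uniform and makes grouping by vendor name reliable.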



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00feda5649eca3d36ad0e8f7b6275ea6778d5dc8
