[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 16 21:46:25 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b154eccf by Salvatore Bonaccorso at 2024-08-16T22:42:28+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,55 +1,55 @@
 CVE-2024-7646 (A security issue was discovered in ingress-nginx where an actor with p ...)
 	TODO: check
 CVE-2024-7147 (The JetBlocks for Elementor plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7146 (The JetTabs for Elementor plugin for WordPress is vulnerable to Local  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7145 (The JetElements plugin for WordPress is vulnerable to Local File Inclu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7144 (The JetElements plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7136 (The JetSearch plugin for WordPress is vulnerable to Stored Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6098 (When performing an online tag generation to devices which communicate  ...)
-	TODO: check
+	NOT-FOR-US: Kepware
 CVE-2024-6004 (A denial-of-service vulnerability was reported in some Lenovo printers ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-5210 (A denial-of-service vulnerability was reported in some Lenovo printers ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-5209 (A denial-of-service vulnerability was reported in some Lenovo printers ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-4782 (A denial-of-service vulnerability was reported in some Lenovo printers ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-4781 (A denial-of-service vulnerability was reported in some Lenovo printers ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-4763 (An insecure driver vulnerability was reported inLenovo Display Control ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-43810 (In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in t ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2024-43809 (In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on t ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2024-43808 (In JetBrains TeamCity before 2024.07.1 self XSS was possible in the Ha ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2024-43807 (In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possibl ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2024-43472 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-43381 (reNgine is an automated reconnaissance framework for web applications. ...)
 	TODO: check
 CVE-2024-43042 (Pluck CMS 4.7.18 does not restrict failed login attempts, allowing att ...)
 	TODO: check
 CVE-2024-43011 (An arbitrary file deletion vulnerability exists in the admin/del.php f ...)
-	TODO: check
+	NOT-FOR-US: ZZCMS
 CVE-2024-43009 (A reflected cross-site scripting (XSS) vulnerability exists in user/lo ...)
-	TODO: check
+	NOT-FOR-US: ZZCMS
 CVE-2024-43006 (A stored cross-site scripting (XSS) vulnerability exists in ZZCMS2023  ...)
-	TODO: check
+	NOT-FOR-US: ZZCMS
 CVE-2024-43005 (A reflected cross-site scripting (XSS) vulnerability in the component  ...)
-	TODO: check
+	NOT-FOR-US: ZZCMS
 CVE-2024-42995 (VTiger CRM <= 8.1.0 does not correctly check user privileges. A low-pr ...)
-	TODO: check
+	NOT-FOR-US: VTiger CRM
 CVE-2024-42994 (VTiger CRM <= 8.1.0 does not properly sanitize user input before using ...)
-	TODO: check
+	NOT-FOR-US: VTiger CRM
 CVE-2024-42850 (An issue in the password change function of Silverpeas v6.4.2 and lowe ...)
 	TODO: check
 CVE-2024-42849 (An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to c ...)
@@ -129,7 +129,7 @@ CVE-2024-43378 (calamares-nixos-extensions provides Calamares branding and modul
 CVE-2024-43370 (gettext.js is a GNU gettext port for node and the browser. There is a  ...)
 	TODO: check
 CVE-2024-43369 (Ibexa RichText Field Type is a Field Type for supporting rich formatte ...)
-	TODO: check
+	NOT-FOR-US: Ibexa RichText Field Type
 CVE-2024-43367 (Boa is an embeddable and experimental Javascript engine written in Rus ...)
 	TODO: check
 CVE-2024-43366 (zkvyper is a Vyper compiler. Starting in version 1.3.12 and prior to v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b154eccf8d6fcd8f26b579083a2d002efab3610e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b154eccf8d6fcd8f26b579083a2d002efab3610e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240816/c2c1f3c7/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list