[Git][security-tracker-team/security-tracker][master] Process more NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
34696412 by Salvatore Bonaccorso at 2024-08-19T12:28:57+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,13 +15,13 @@ CVE-2024-7913 (A vulnerability was found in itsourcecode Billing System 1.0. It
 CVE-2024-7912 (A vulnerability was found in CodeAstro Online Railway Reservation Syst ...)
 	NOT-FOR-US: CodeAstro Online Railway Reservation System
 CVE-2024-6843 (The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6451 (AI Engine < 2.4.3 is susceptible to remote-code-execution (RCE) via Lo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6330 (The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthe ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-44083 (ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a sect ...)
-	TODO: check
+	NOT-FOR-US: Hex-Rays IDA Pro
 CVE-2024-44076 (In Microcks before 1.10.0, the POST /api/import and POST /api/export e ...)
 	TODO: check
 CVE-2024-44073 (The Miniscript (aka rust-miniscript) library before 12.2.0 for Rust al ...)
@@ -29,59 +29,59 @@ CVE-2024-44073 (The Miniscript (aka rust-miniscript) library before 12.2.0 for R
 CVE-2024-44070 (An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_enca ...)
 	TODO: check
 CVE-2024-44069 (Pi-hole before 6 allows unauthenticated admin/api.php?setTempUnit= cal ...)
-	TODO: check
+	NOT-FOR-US: Pi-hole
 CVE-2024-44067 (The T-Head XuanTie C910 CPU in the TH1520 SoC and the T-Head XuanTie C ...)
 	TODO: check
 CVE-2024-43350 (Authorization Bypass Through User-Controlled Key vulnerability in Prop ...)
-	TODO: check
+	NOT-FOR-US: Propovoice Propovoice CRM
 CVE-2024-43322 (Authorization Bypass Through User-Controlled Key vulnerability in Dyla ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43315 (Authorization Bypass Through User-Controlled Key vulnerability in Chec ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43304 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43303 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43294 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43292 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43291 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43288 (Authorization Bypass Through User-Controlled Key vulnerability in gVec ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43286 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43284 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43282 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43279 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43278 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43267 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43266 (Authorization Bypass Through User-Controlled Key vulnerability in WP J ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43263 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43262 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43246 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43244 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43241 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43239 (Authorization Bypass Through User-Controlled Key vulnerability in Mast ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43207 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43145 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-35686 (Missing Authorization vulnerability in Automattic Sensei LMS, Automatt ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-25582 (Module savepoints could be abused to inject references to malicious co ...)
 	TODO: check
 CVE-2024-7911 (A vulnerability was found in SourceCodester Simple Online Bidding Syst ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34696412fbe4f1a2f482904fe5722259393ccd1d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34696412fbe4f1a2f482904fe5722259393ccd1d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240819/148a8a75/attachment.htm>