[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Aug 26 21:30:23 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
de3a0804 by Salvatore Bonaccorso at 2024-08-26T22:28:10+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,69 +1,69 @@
CVE-2024-8188
REJECTED
CVE-2024-8174 (A vulnerability has been found in code-projects Blood Bank System 1.0 ...)
- TODO: check
+ NOT-FOR-US: code-projects Blood Bank System
CVE-2024-8173 (A vulnerability, which was classified as critical, was found in code-p ...)
- TODO: check
+ NOT-FOR-US: code-projects Blood Bank System
CVE-2024-8172 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: SourceCodester QR Code Attendance System
CVE-2024-8171 (A vulnerability classified as critical was found in itsourcecode Tailo ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Tailoring Management System
CVE-2024-8170 (A vulnerability classified as problematic has been found in SourceCode ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Zipped Folder Manager App
CVE-2024-8169 (A vulnerability was found in code-projects Online Quiz Site 1.0. It ha ...)
- TODO: check
+ NOT-FOR-US: code-projects Online Quiz Site
CVE-2024-8168 (A vulnerability was found in code-projects Online Bus Reservation Site ...)
- TODO: check
+ NOT-FOR-US: code-projects Online Bus Reservation Site
CVE-2024-8167 (A vulnerability was found in code-projects Job Portal 1.0. It has been ...)
- TODO: check
+ NOT-FOR-US: code-projects Job Portal
CVE-2024-8166 (A vulnerability has been found in Ruijie EG2000K 11.1(6)B2 and classif ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2024-8165 (A vulnerability, which was classified as problematic, was found in Che ...)
- TODO: check
+ NOT-FOR-US: Chengdu Everbrite Network Technology BeikeShop
CVE-2024-8164 (A vulnerability, which was classified as critical, has been found in C ...)
- TODO: check
+ NOT-FOR-US: Chengdu Everbrite Network Technology BeikeShop
CVE-2024-8163 (A vulnerability classified as critical was found in Chengdu Everbrite ...)
- TODO: check
+ NOT-FOR-US: Chengdu Everbrite Network Technology BeikeShop
CVE-2024-8162 (A vulnerability classified as critical has been found in TOTOLINK T10 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2024-8161 (SQL injection vulnerability in ATISolutions CIGES affecting versions l ...)
- TODO: check
+ NOT-FOR-US: ATISolutions CIGES
CVE-2024-8158 (A bug in the 9p authentication implementation within lib9p allows an a ...)
TODO: check
CVE-2024-8155 (A vulnerability classified as critical was found in ContiNew Admin 3.2 ...)
- TODO: check
+ NOT-FOR-US: ContiNew Admin
CVE-2024-8154 (A vulnerability classified as problematic has been found in SourceCode ...)
- TODO: check
+ NOT-FOR-US: SourceCodester QR Code Bookmark System
CVE-2024-8153 (A vulnerability was found in SourceCodester QR Code Bookmark System 1. ...)
- TODO: check
+ NOT-FOR-US: SourceCodester QR Code Bookmark System
CVE-2024-8152 (A vulnerability was found in SourceCodester QR Code Bookmark System 1. ...)
- TODO: check
+ NOT-FOR-US: SourceCodester QR Code Bookmark System
CVE-2024-8151 (A vulnerability was found in SourceCodester Interactive Map with Marke ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Interactive Map with Marker
CVE-2024-8150 (A vulnerability was found in ContiNew Admin 3.2.0 and classified as cr ...)
- TODO: check
+ NOT-FOR-US: ContiNew Admin
CVE-2024-8105 (A vulnerability related to the use an insecure Platform Key (PK) has b ...)
TODO: check
CVE-2024-8073 (Improper Input Validation vulnerability in Hillstone Networks Hillston ...)
- TODO: check
+ NOT-FOR-US: Hillstone
CVE-2024-7988 (A remote code execution vulnerability exists in the Rockwell Automatio ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2024-7987 (A remote code execution vulnerability exists in the Rockwell Automatio ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2024-7401 (Netskope was notified about a security gap in Netskope Client enrollme ...)
TODO: check
CVE-2024-7313 (The Shield Security WordPress plugin before 20.0.6 does not sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-6879 (The Quiz and Survey Master (QSM) WordPress plugin before 9.1.1 fails ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-45265 (A SQL injection vulnerability in the poll component in SkySystem Arfa- ...)
- TODO: check
+ NOT-FOR-US: SkySystem Arfa-CMS
CVE-2024-45258 (The req package before 3.43.4 for Go may send an unintended request wh ...)
TODO: check
CVE-2024-45256 (An arbitrary file write issue in the exfiltration endpoint in BYOB (Bu ...)
TODO: check
CVE-2024-45241 (A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf ...)
- TODO: check
+ NOT-FOR-US: CentralSquare CryWolf (False Alarm Management)
CVE-2024-44797 (A cross-site scripting (XSS) vulnerability in the component /managers/ ...)
TODO: check
CVE-2024-44796 (A cross-site scripting (XSS) vulnerability in the component /auth/Azur ...)
@@ -75,31 +75,31 @@ CVE-2024-44794 (A cross-site scripting (XSS) vulnerability in the component /mas
CVE-2024-44793 (A cross-site scripting (XSS) vulnerability in the component /managers/ ...)
TODO: check
CVE-2024-44565 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName par ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-44563 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-44558 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpv ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-44557 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-44556 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbal ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-44555 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-44553 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-44552 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbal ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-44551 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-44550 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpv ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-44549 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-43967 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43966 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43806 (Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using `r ...)
TODO: check
CVE-2024-43802 (Vim is an improved version of the unix vi text editor. When flushing t ...)
@@ -111,13 +111,13 @@ CVE-2024-43443 (Improper Neutralization of Input done by an attacker with admin
CVE-2024-43442 (Improper Neutralization of Input done by an attacker with admin privil ...)
TODO: check
CVE-2024-43319 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43289 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-43283 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-42913 (RuoYi CMS v4.7.9 was discovered to contain a SQL injection vulnerabili ...)
- TODO: check
+ NOT-FOR-US: RuoYi CMS
CVE-2024-42906 (TestLink before v.1.9.20 is vulnerable to Cross Site Scripting (XSS) v ...)
TODO: check
CVE-2024-42818 (A cross-site scripting (XSS) vulnerability in the Config-Create functi ...)
@@ -125,25 +125,25 @@ CVE-2024-42818 (A cross-site scripting (XSS) vulnerability in the Config-Create
CVE-2024-42816 (A cross-site scripting (XSS) vulnerability in the Create Product funct ...)
TODO: check
CVE-2024-42792 (A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipa ...)
- TODO: check
+ NOT-FOR-US: Kashipara Music Management System
CVE-2024-42791 (A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipa ...)
- TODO: check
+ NOT-FOR-US: Kashipara Music Management System
CVE-2024-42790 (A Reflected Cross Site Scripting (XSS) vulnerability was found in "/mu ...)
- TODO: check
+ NOT-FOR-US: Kashipara Music Management System
CVE-2024-42789 (A Reflected Cross Site Scripting (XSS) vulnerability was found in "/mu ...)
- TODO: check
+ NOT-FOR-US: Kashipara Music Management System
CVE-2024-42788 (A Stored Cross Site Scripting (XSS) vulnerability was found in "/music ...)
- TODO: check
+ NOT-FOR-US: Kashipara Music Management System
CVE-2024-42787 (A Stored Cross Site Scripting (XSS) vulnerability was found in "/music ...)
- TODO: check
+ NOT-FOR-US: Kashipara Music Management System
CVE-2024-41996 (Validating the order of the public keys in the Diffie-Hellman Key Agre ...)
TODO: check
CVE-2024-41879 (Acrobat Reader versions 127.0.2651.105 and earlier are affected by an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2024-41444 (SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2024-41285 (A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows ...)
- TODO: check
+ NOT-FOR-US: FAST FW300R
CVE-2024-39097 (There is an Open Redirect vulnerability in Gnuboard v6.0.4 and below v ...)
TODO: check
CVE-2024-38859 (XSS in the view page with the SLA column configured in Checkmk version ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de3a08049a0dbe7fb7bb16b9de5841b388cc1fbf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de3a08049a0dbe7fb7bb16b9de5841b388cc1fbf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240826/8ea5bd09/attachment.htm>
More information about the debian-security-tracker-commits
mailing list