[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Dec 3 13:51:39 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9acd1d42 by Moritz Muehlenhoff at 2024-12-03T14:51:19+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24,73 +24,73 @@ CVE-2024-53986 (rails-html-sanitizer is responsible for sanitizing HTML fragment
 CVE-2024-53985 (rails-html-sanitizer is responsible for sanitizing HTML fragments in R ...)
 	NOT-FOR-US: rails-html-sanitizer
 CVE-2024-53941 (An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V ...)
-	TODO: check
+	NOT-FOR-US: Victure RX1800 WiFi 6 Route
 CVE-2024-53940 (An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V ...)
-	TODO: check
+	NOT-FOR-US: Victure RX1800 WiFi 6 Route
 CVE-2024-53939 (An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V ...)
-	TODO: check
+	NOT-FOR-US: Victure RX1800 WiFi 6 Route
 CVE-2024-53938 (An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V ...)
-	TODO: check
+	NOT-FOR-US: Victure RX1800 WiFi 6 Route
 CVE-2024-53937 (An issue was discovered on Victure RX1800 WiFi 6 Router (software EN_V ...)
-	TODO: check
+	NOT-FOR-US: Victure RX1800 WiFi 6 Route
 CVE-2024-53477 (JFinal CMS 5.1.0 is vulnerable to Command Execution via unauthorized e ...)
-	TODO: check
+	NOT-FOR-US: JFinal CMS
 CVE-2024-53375 (Authenticated remote code execution (RCE) vulnerabilities affect TP-Li ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2024-49581 (Restricted Views backed objects (OSV1) could be bypassed under specifi ...)
-	TODO: check
+	NOT-FOR-US: Palantir
 CVE-2024-49421 (Path traversal in Quick Share Agent prior to version 3.5.14.47 in Andr ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-49420 (Improper handling of responses in GamingHub prior to version 6.1.04.6  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-49419 (Insufficient verification of url authenticity in GamingHub prior to ve ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-49418 (Insufficient verification of url authenticity in GamingHub prior to ve ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-49417 (Use of implicit intent for sensitive communication in Smart Touch Call ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-49416 (Use of implicit intent for sensitive communication in SmartThings prio ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-49415 (Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allo ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-49414 (Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR ...)
 	TODO: check
 CVE-2024-49413 (Improper Verification of Cryptographic Signature in SmartSwitch prior  ...)
 	TODO: check
 CVE-2024-49412 (Improper input validation in Settings prior to SMR Dec-2024 Release 1  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-49411 (Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows p ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-49410 (Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Relea ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-45068 (Authentication credentials leakage vulnerability in Hitachi Ops Center ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2024-39890 (An issue was discovered in Samsung Mobile Processor, Wearable Processo ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-11898 (The Scratch & Win \u2013 Giveaways and Contests. Boost subscribers, tr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11853 (The jAlbum Bridge plugin for WordPress is vulnerable to Stored Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11805 (The Quick License Manager \u2013 WooCommerce Plugin plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11732 (The BP Profile Shortcodes Extra plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11707 (The My auctions allegro plugin for WordPress is vulnerable to Reflecte ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11461 (The Form Data Collector plugin for WordPress is vulnerable to Reflecte ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11453 (The WordPress Pinterest Plugin \u2013 Make a Popup, User Profile, Maso ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10893 (The WP Booking Calendar WordPress plugin before 10.6.5 does not saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10484 (The Spectra \u2013 WordPress Gutenberg Blocks plugin for WordPress is  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8785 (In WhatsUp Gold versions released before 2024.0.1, aremote unauthentic ...)
 	NOT-FOR-US: WhatsUp
 CVE-2024-5890 (ServiceNow has addressed an HTML injection vulnerability that was iden ...)
 	NOT-FOR-US: ServiceNow
 CVE-2024-53992 (unzip-bot is a Telegram bot to extract various types of archives. User ...)
-	TODO: check
+	NOT-FOR-US: unzip-bot
 CVE-2024-53990 (The AsyncHttpClient (AHC) library allows Java applications to easily e ...)
 	TODO: check
 CVE-2024-53984 (Nanopb is a small code-size Protocol Buffers implementation.  When the ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9acd1d42c4fdd555ba96b8fe78005b6057fc13a9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9acd1d42c4fdd555ba96b8fe78005b6057fc13a9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241203/aee04c5b/attachment.htm>

More information about the debian-security-tracker-commits mailing list