[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Feb 7 21:06:56 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e592f27b by Salvatore Bonaccorso at 2024-02-07T21:46:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2024-24811 (SQLAlchemyDA is a generic database adapter for ZSQL methods. A v
 CVE-2024-24771 (Open Forms allows users create and publish smart forms. Versions prior ...)
 	TODO: check
 CVE-2024-24706 (Cross-Site Request Forgery (CSRF) vulnerability in Forum One WP-CFM wp ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-24563 (Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual M ...)
 	NOT-FOR-US: Vyper
 CVE-2024-24488 (An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allo ...)
@@ -47,35 +47,35 @@ CVE-2024-24131 (SuperWebMailer v9.31.0.01799 was discovered to contain a reflect
 CVE-2024-24130 (Mail2World v12 Business Control Center was discovered to contain a ref ...)
 	NOT-FOR-US: Mail2World v12 Business Control Center
 CVE-2024-23806 (Sensitive data can be extracted from HID iCLASS SE reader configuratio ...)
-	TODO: check
+	NOT-FOR-US: HID iCLASS SE reader configuration cards
 CVE-2024-23769 (Improper privilege control for the named pipe in Samsung Magician PC S ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-22984
 	REJECTED
 CVE-2024-22012 (In TBD of TBD, there is a possible out of bounds write due to a missin ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-20290 (A vulnerability in the OLE2 file format parser of ClamAV could allow a ...)
 	TODO: check
 CVE-2024-20255 (A vulnerability in the SOAP API of Cisco Expressway Series and Cisco T ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20254 (Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePres ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20252 (Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePres ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-1118 (The Podlove Subscribe button plugin for WordPress is vulnerable to UNI ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1110 (The Podlove Podcast Publisher plugin for WordPress is vulnerable to un ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-1109 (The Podlove Podcast Publisher plugin for WordPress is vulnerable to un ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47700 (IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Stora ...)
 	NOT-FOR-US: IBM
 CVE-2023-46914 (SQL Injection vulnerability in RM bookingcalendar module for PrestaSho ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop module
 CVE-2023-43017 (IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a pri ...)
 	NOT-FOR-US: IBM
 CVE-2023-38995 (An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the  ...)
-	TODO: check
+	NOT-FOR-US: SCHUHFRIED
 CVE-2023-38369 (IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 does n ...)
 	NOT-FOR-US: IBM
 CVE-2023-32330 (IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure cal ...)
@@ -395,7 +395,7 @@ CVE-2024-1046 (The Paid Membership Plugin, Ecommerce, User Registration Form, Lo
 CVE-2024-0969 (The ARMember plugin for WordPress is vulnerable to Sensitive Informati ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-0964 (A local file include could be remotely triggered in Gradio due to a vu ...)
-	TODO: check
+	NOT-FOR-US: Gradio
 CVE-2024-0961 (The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to St ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-0954 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
@@ -547,7 +547,7 @@ CVE-2023-4637 (The WPvivid plugin for WordPress is vulnerable to unauthorized ac
 CVE-2023-47889 (The Android application BINHDRM26 com.bdrm.superreboot 1.0.3, exposes  ...)
 	NOT-FOR-US: Android application BINHDRM26 com.bdrm.superreboot
 CVE-2023-47354 (An issue in the PowerOffWidgetReceiver function of Super Reboot (Root) ...)
-	TODO: check
+	NOT-FOR-US: Super Reboot (Root) Recovery
 CVE-2023-47353 (An issue in the com.oneed.dvr.service.DownloadFirmwareService componen ...)
 	TODO: check
 CVE-2023-47022 (An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to e ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e592f27bd89b2141808f3c01fa50e308c567ca96

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e592f27bd89b2141808f3c01fa50e308c567ca96
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240207/0b85b9ba/attachment.htm>


More information about the debian-security-tracker-commits mailing list