[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jan 29 20:25:16 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
718f25d2 by Salvatore Bonaccorso at 2024-01-29T21:24:46+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,25 +1,25 @@
 CVE-2024-24141 (Sourcecodester School Task Manager App 1.0 allows SQL Injection via th ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester School Task Manager App
 CVE-2024-24140 (Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via th ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Daily Habit Tracker App
 CVE-2024-24139 (Sourcecodester Login System with Email Verification 1.0 allows SQL Inj ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Login System with Email Verification
 CVE-2024-24136 (The 'Your Name' field in the Submit Score section of Sourcecodester Ma ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Math Game with Leaderboard
 CVE-2024-24135 (Product Name and Product Code in the 'Add Product' section of Sourceco ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Product Inventory with Export to Excel
 CVE-2024-24134 (Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Script ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Online Food Menu
 CVE-2024-23940 (Trend Micro uiAirSupport, included in the Trend Micro Security 2023 fa ...)
-	TODO: check
+	NOT-FOR-US: Trend Micro
 CVE-2024-23828 (Nginx-UI is a web interface to manage Nginx configurations. It is vuln ...)
-	TODO: check
+	NOT-FOR-US: Nginx-UI
 CVE-2024-23827 (Nginx-UI is a web interface to manage Nginx configurations. The Import ...)
-	TODO: check
+	NOT-FOR-US: Nginx-UI
 CVE-2024-23826 (spbu_se_site is the website of the Department of System Programming of ...)
-	TODO: check
+	NOT-FOR-US: spbu_se_site (website of the Department of System Programming of St. Petersburg State University)
 CVE-2024-23822 (Thruk is a multibackend monitoring webinterface.  Prior to 3.12, the T ...)
-	TODO: check
+	NOT-FOR-US: Thruk
 CVE-2024-23792 (When adding attachments to ticket comments,  another user can add atta ...)
 	TODO: check
 CVE-2024-23791 (Insertion of debug information into log file during building the elast ...)
@@ -27,99 +27,99 @@ CVE-2024-23791 (Insertion of debug information into log file during building the
 CVE-2024-23790 (Improper Input Validation vulnerability in the upload functionality fo ...)
 	TODO: check
 CVE-2024-23747 (The Moderna Sistemas ModernaNet Hospital Management System 2024 is sus ...)
-	TODO: check
+	NOT-FOR-US: Moderna Sistemas ModernaNet Hospital Management System
 CVE-2024-23441 (Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Vba32 Antivirus
 CVE-2024-22570 (A stored cross-site scripting (XSS) vulnerability in /install.php?m=in ...)
-	TODO: check
+	NOT-FOR-US: GreenCMS
 CVE-2024-22559 (LightCMS v2.0 is vulnerable to Cross Site Scripting (XSS) in the Conte ...)
-	TODO: check
+	NOT-FOR-US: LightCMS
 CVE-2024-1018 (A vulnerability classified as problematic has been found in PbootCMS 3 ...)
-	TODO: check
+	NOT-FOR-US: PbootCMS
 CVE-2024-1017 (A vulnerability was found in Gabriels FTP Server 1.2. It has been rate ...)
-	TODO: check
+	NOT-FOR-US: Gabriels FTP Server
 CVE-2024-1016 (A vulnerability was found in Solar FTP Server 2.1.1/2.1.2. It has been ...)
-	TODO: check
+	NOT-FOR-US: Solar FTP Server
 CVE-2024-1015 (Remote command execution vulnerability in SE-elektronic GmbH E-DDC3.3  ...)
-	TODO: check
+	NOT-FOR-US: SE-elektronic GmbH E-DDC3.3
 CVE-2024-1014 (Uncontrolled resource consumption vulnerability in SE-elektronic GmbH  ...)
-	TODO: check
+	NOT-FOR-US: SE-elektronic GmbH E-DDC3.3
 CVE-2024-1011 (A vulnerability classified as problematic was found in SourceCodester  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Employee Management System
 CVE-2024-1010 (A vulnerability classified as problematic has been found in SourceCode ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Employee Management System
 CVE-2024-1009 (A vulnerability was found in SourceCodester Employee Management System ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Employee Management System
 CVE-2024-1008 (A vulnerability was found in SourceCodester Employee Management System ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Employee Management System
 CVE-2024-1007 (A vulnerability was found in SourceCodester Employee Management System ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Employee Management System
 CVE-2024-1006 (A vulnerability was found in Shanxi Diankeyun Technology NODERP up to  ...)
-	TODO: check
+	NOT-FOR-US: Shanxi Diankeyun Technology NODERP
 CVE-2024-1005 (A vulnerability has been found in Shanxi Diankeyun Technology NODERP u ...)
-	TODO: check
+	NOT-FOR-US: Shanxi Diankeyun Technology NODERP
 CVE-2024-1004 (A vulnerability, which was classified as critical, was found in Totoli ...)
-	TODO: check
+	NOT-FOR-US: Totolink
 CVE-2024-1003 (A vulnerability, which was classified as critical, has been found in T ...)
-	TODO: check
+	NOT-FOR-US: Totolink
 CVE-2024-1002 (A vulnerability classified as critical was found in Totolink N200RE 9. ...)
-	TODO: check
+	NOT-FOR-US: Totolink
 CVE-2024-1001 (A vulnerability classified as critical has been found in Totolink N200 ...)
-	TODO: check
+	NOT-FOR-US: Totolink
 CVE-2024-1000 (A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It ...)
-	TODO: check
+	NOT-FOR-US: Totolink
 CVE-2024-0999 (A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It ...)
-	TODO: check
+	NOT-FOR-US: Totolink
 CVE-2024-0998 (A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It ...)
-	TODO: check
+	NOT-FOR-US: Totolink
 CVE-2024-0997 (A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and ...)
-	TODO: check
+	NOT-FOR-US: Totolink
 CVE-2024-0788 (SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API pa ...)
-	TODO: check
+	NOT-FOR-US: SUPERAntiSpyware Pro X
 CVE-2024-0212 (The Cloudflare Wordpress plugin was found to be vulnerable to improper ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-7204 (The WP STAGING WordPress Backup plugin before 3.2.0 allows access to c ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-7200 (The EventON WordPress plugin before 4.4.1 does not sanitise and escape ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-7199 (The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium Word ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-7089 (The Easy SVG Allow WordPress plugin through 1.0 does not sanitize uplo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-7074 (The WP SOCIAL BOOKMARK MENU WordPress plugin through 1.2 does not have ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6946 (The Autotitle for WordPress plugin through 1.0.3 does not have CSRF ch ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6633 (The Site Notes WordPress plugin through 2.0.0 does not have CSRF check ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6530 (The TJ Shortcodes WordPress plugin through 0.1.3 does not validate and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6503 (The WP Plugin Lister WordPress plugin through 2.1.0 does not have CSRF ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6391 (The Custom User CSS WordPress plugin through 0.2 does not have CSRF ch ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6390 (The WordPress Users WordPress plugin through 1.4 does not have CSRF ch ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6389 (The WordPress Toolbar WordPress plugin through 2.2.6 redirects to any  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6279 (The Woostify Sites Library WordPress plugin before 1.4.8 does not have ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6278 (The Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo WordPr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6165 (The Restrict Usernames Emails Characters WordPress plugin before 3.1.4 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5956 (The Wp-Adv-Quiz WordPress plugin through 1.0.2 does not sanitise and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5943 (The Wp-Adv-Quiz WordPress plugin before 1.0.3 does not sanitise and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-5378 (Improper Input Validation vulnerability in  MegaBIP and already unsupp ...)
 	TODO: check
 CVE-2023-5124 (The Page Builder: Pagelayer WordPress plugin before 1.8.0 doesn't prev ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-51842 (An algorithm-downgrade issue was discovered in Ylianst MeshCentral 1.1 ...)
-	TODO: check
+	NOT-FOR-US: Ylianst MeshCentral
 CVE-2023-51840 (DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key.)
-	TODO: check
+	NOT-FOR-US: DoraCMS
 CVE-2023-51839 (DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptogr ...)
 	TODO: check
 CVE-2023-46050



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/718f25d2268948b2ba56e4d5356ff6bdd49bda2e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/718f25d2268948b2ba56e4d5356ff6bdd49bda2e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240129/310ef5d3/attachment.htm>

More information about the debian-security-tracker-commits mailing list