[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 8 08:01:52 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af977439 by Salvatore Bonaccorso at 2024-06-08T09:01:13+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -54,29 +54,29 @@ CVE-2024-0090
 CVE-2024-5761
 	REJECTED
 CVE-2024-5745 (A vulnerability was found in itsourcecode Bakery Online Ordering Syste ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Bakery Online Ordering System
 CVE-2024-5734 (A vulnerability classified as critical has been found in itsourcecode  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Bakery Online Discussion Forum
 CVE-2024-5733 (A vulnerability was found in itsourcecode Online Discussion Forum 1.0. ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Online Discussion Forum
 CVE-2024-5732 (A vulnerability was found in Clash up to 0.20.1 on Windows. It has bee ...)
-	TODO: check
+	NOT-FOR-US: Clash
 CVE-2024-5645 (The Envo Extra plugin for WordPress is vulnerable to Stored Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5637 (The Market Exporter plugin for WordPress is vulnerable to unauthorized ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5599 (The FileOrganizer \u2013 Manage WordPress and Website Files plugin for ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5542 (The Master Addons \u2013 Free Widgets, Hover Effects, Toggle, Conditio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5481 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5438 (The Tutor LMS \u2013 eLearning and online course solution plugin for W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5426 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5382 (The Master Addons \u2013 Free Widgets, Hover Effects, Toggle, Conditio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4610 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm ...)
 	TODO: check
 CVE-2024-4152
@@ -88,49 +88,49 @@ CVE-2024-3133
 CVE-2024-37388 (An XML External Entity (XXE) vulnerability in the ebookmeta.get_metada ...)
 	TODO: check
 CVE-2024-37163 (SkyScrape is a GUI Dashboard for AWS Infrastructure and Managing Resou ...)
-	TODO: check
+	NOT-FOR-US: SkyScrape
 CVE-2024-37162 (zsa is a library for building typesafe server actions in Next.js. All  ...)
 	TODO: check
 CVE-2024-37160 (Formwork is a flat file-based Content Management System (CMS). An atta ...)
-	TODO: check
+	NOT-FOR-US: Formwork CMS
 CVE-2024-36827 (An XML External Entity (XXE) vulnerability in the ebookmeta.get_metada ...)
 	TODO: check
 CVE-2024-36811 (An arbitrary file upload vulnerability in the image upload function of ...)
 	TODO: check
 CVE-2024-36792 (An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/ ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2024-36790 (Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store  ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2024-36789 (An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attac ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2024-36788 (Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set th ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2024-36787 (An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows attac ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2024-36773 (A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allow ...)
-	TODO: check
+	NOT-FOR-US: Monstra CMS
 CVE-2024-36673 (Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vuln ...)
-	TODO: check
+	NOT-FOR-US: Sourcecodester Pharmacy/Medical Store Point of Sale System
 CVE-2024-32503 (An issue was discovered in Samsung Mobile Processor and Wearable Proce ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-32502 (An issue was discovered in Samsung Mobile Processor and Wearable Proce ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-31959 (An issue was discovered in Samsung Mobile Processor Exynos 2200, Exyno ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-31958 (An issue was discovered in Samsung Mobile Processor EExynos 2200, Exyn ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-31878 (IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: IBM X-Force ID:
 CVE-2024-30163 (Invision Community before 4.7.16 allow SQL injection via the applicati ...)
-	TODO: check
+	NOT-FOR-US: Invision Community
 CVE-2024-30162 (Invision Community through 4.7.16 allows remote code execution via the ...)
-	TODO: check
+	NOT-FOR-US: Invision Community
 CVE-2024-23595
 	REJECTED
 CVE-2023-6997
 	REJECTED
 CVE-2023-5424 (The WS Form LITE plugin for WordPress is vulnerable to CSV Injection i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49222 (Precor touchscreen console P82 contains a private SSH key that corresp ...)
 	TODO: check
 CVE-2023-49221 (Precor touchscreen console P62, P80, and P82 could allow a remote atta ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af9774393ee27bd958cbf55ac36768c217c09456

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af9774393ee27bd958cbf55ac36768c217c09456
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240608/94437eef/attachment.htm>


More information about the debian-security-tracker-commits mailing list