[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cd9e49b5 by Salvatore Bonaccorso at 2024-06-12T11:04:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39,25 +39,25 @@ CVE-2024-4315 (parisneo/lollms version 9.5 is vulnerable to Local File Inclusion
 CVE-2024-3925 (The Element Pack Elementor Addons (Header Footer, Template Library, Dy ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-3559 (The Custom Field Suite plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-36856 (RMQTT Broker 0.4.0 allows remote attackers to cause a Denial of Servic ...)
 	TODO: check
 CVE-2024-36454 (Use of uninitialized resource issue exists in IPCOM EX2 Series (V01L0x ...)
-	TODO: check
+	NOT-FOR-US: IPCOM
 CVE-2024-36103 (OS command injection vulnerability in WRC-X5400GS-B v1.0.10 and earlie ...)
-	TODO: check
+	NOT-FOR-US: WRC-X5400GS-B
 CVE-2024-35225 (Jupyter Server Proxy allows users to run arbitrary external processes  ...)
 	TODO: check
 CVE-2024-33606 (An attacker could retrieve sensitive files (medical images) as well as ...)
-	TODO: check
+	NOT-FOR-US: MicroDicom DICOM Viewer system
 CVE-2024-28970 (Dell Client BIOS contains an Out-of-bounds Write vulnerability. A loca ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-28877 (MicroDicom DICOM Viewer is vulnerable to a stack-based buffer overflow ...)
-	TODO: check
+	NOT-FOR-US: MicroDicom DICOM Viewer
 CVE-2024-0427 (The ARForms - Premium WordPress Form Builder Plugin WordPress plugin b ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0160 (Dell Client Platform contains an incorrect authorization vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-25131
 	NOT-FOR-US: MustGather.managed.openshift.io Custom Defined Resource (CRD)
 CVE-2024-5847 (Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allow ...)
@@ -175,7 +175,7 @@ CVE-2024-37161 (MeterSphere is an open source continuous testing platform. Prior
 CVE-2024-36821 (Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 a ...)
 	NOT-FOR-US: Linksys
 CVE-2024-36702 (libiec61850 v1.5 was discovered to contain a heap overflow via the Ber ...)
-	TODO: check
+	NOT-FOR-US: libIEC61850
 CVE-2024-36650 (TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1 ...)
 	NOT-FOR-US: TOTOLINK
 CVE-2024-36266 (A vulnerability has been identified in PowerSys (All versions < V3.11) ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd9e49b578850a53832cb135780819f74610c714

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd9e49b578850a53832cb135780819f74610c714
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240612/cda5d070/attachment.htm>