[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 14 20:07:35 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
61fafc37 by Salvatore Bonaccorso at 2024-06-14T21:06:59+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -281,7 +281,7 @@ CVE-2024-0095 (NVIDIA Triton Inference Server for Linux and Windows contains a v
 CVE-2024-0094 (NVIDIA vGPU software for Linux contains a vulnerability in the Virtual ...)
 	NOT-FOR-US: NVIDIA (vGPU not packaged in Debian)
 CVE-2024-0093 (NVIDIA GPU software for Linux contains a vulnerability where it can ex ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2024-0089 (NVIDIA GPU Display Driver for Windows contains a vulnerability where t ...)
 	NOT-FOR-US: NVIDIA
 CVE-2024-0086 (NVIDIA vGPU software for Linux contains a vulnerability where the soft ...)
@@ -925,7 +925,7 @@ CVE-2024-37036 (CWE-787: Out-of-bounds Write vulnerability exists that could res
 CVE-2024-36840 (SQL Injection vulnerability in Boelter Blue System Management v.1.3 al ...)
 	NOT-FOR-US: Boelter Blue System Management
 CVE-2024-36761 (naga v0.14.0 was discovered to contain a stack overflow via the compon ...)
-	TODO: check
+	NOT-FOR-US: naga
 CVE-2024-36699 (GNU Debugger v8.2 to v14.2 was discovered to contain a buffer overflow ...)
 	TODO: check
 CVE-2024-36691 (Insecure permissions in the AdminController.AjaxSave() method of PPGo_ ...)
@@ -1057,7 +1057,7 @@ CVE-2024-3925 (The Element Pack Elementor Addons (Header Footer, Template Librar
 CVE-2024-3559 (The Custom Field Suite plugin for WordPress is vulnerable to Stored Cr ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-36856 (RMQTT Broker 0.4.0 allows remote attackers to cause a Denial of Servic ...)
-	TODO: check
+	NOT-FOR-US: RMQTT Broker
 CVE-2024-36454 (Use of uninitialized resource issue exists in IPCOM EX2 Series (V01L0x ...)
 	NOT-FOR-US: IPCOM
 CVE-2024-36103 (OS command injection vulnerability in WRC-X5400GS-B v1.0.10 and earlie ...)
@@ -89986,7 +89986,7 @@ CVE-2023-29176
 CVE-2023-29175 (An improper certificate validation vulnerability [CWE-295] in FortiOS  ...)
 	NOT-FOR-US: FortiGuard
 CVE-2023-29174 (Missing Authorization vulnerability in NervyThemes SKU Label Changer F ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-29173
 	RESERVED
 CVE-2023-29172 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Property ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61fafc3708c6537072c375604e64f286a9857dad

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61fafc3708c6537072c375604e64f286a9857dad
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240614/57cb773c/attachment.htm>

More information about the debian-security-tracker-commits mailing list