[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Mar 26 08:27:14 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0586dfef by Salvatore Bonaccorso at 2024-03-26T09:26:44+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,61 +1,61 @@
 CVE-2024-2889 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2888 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2873 (A vulnerability was found in wolfSSH's server-side state machine befor ...)
 	TODO: check
 CVE-2024-2732 (The Themify Shortcodes plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2427 (A denial-of-service vulnerability exists in the Rockwell Automation Po ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2024-2426 (A denial-of-service vulnerability exists in the Rockwell Automation Po ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2024-2425 (A denial-of-service vulnerability exists in the Rockwell Automation Po ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2024-2303 (The Easy Textillate plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2170 (The VK All in One Expansion Unit plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-29442 (An unauthorized access vulnerability has been discovered in ROS2 Humbl ...)
 	TODO: check
 CVE-2024-29440 (An unauthorized access vulnerability has been discovered in ROS2 Humbl ...)
 	TODO: check
 CVE-2024-29303 (The delete admin users function of SourceCodester PHP Task Management  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester PHP Task Management System
 CVE-2024-29302 (SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Inj ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester PHP Task Management System
 CVE-2024-29301 (SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Inj ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester PHP Task Management System
 CVE-2024-29199 (Nautobot is a Network Source of Truth and Network Automation Platform. ...)
-	TODO: check
+	NOT-FOR-US: Nautobot
 CVE-2024-29196 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2024-29195 (The azure-c-shared-utility is a C library for AMQP/MQTT communication  ...)
 	TODO: check
 CVE-2024-29189 (PyAnsys Geometry is a Python client library for the Ansys Geometry ser ...)
-	TODO: check
+	NOT-FOR-US: Ansys
 CVE-2024-29179 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2024-29041 (Express.js minimalist web framework for node. Versions of Express.js p ...)
 	TODO: check
 CVE-2024-28421 (SQL Injection vulnerability in Razor 0.8.0 allows a remote attacker to ...)
 	TODO: check
 CVE-2024-21914 (A vulnerability exists in the affected product that allows a malicious ...)
-	TODO: check
+	NOT-FOR-US: Rockwell Automation
 CVE-2024-1973 (By leveraging the vulnerability, lower-privileged users of Content Man ...)
-	TODO: check
+	NOT-FOR-US: Microfocus
 CVE-2024-1745 (The Testimonial Slider WordPress plugin before 2.3.7 does not properly ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0901 (Remotely executed SEGV and out of bounds read allows malicious packet  ...)
 	TODO: check
 CVE-2024-0866 (The Check & Log Email plugin for WordPress is vulnerable to Unauthenti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-7232 (The Backup and Restore WordPress  WordPress plugin through 1.45 does n ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-51416 (Cross-Site Request Forgery (CSRF) vulnerability in EnvialoSimple Env\x ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49839 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47430 (Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 al ...)
 	TODO: check
 CVE-2024-30205 (In Emacs before 29.3, Org mode considers contents of remote files to b ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0586dfef6db5ad6a5eb4aa3b0bb18f04041dfd0b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0586dfef6db5ad6a5eb4aa3b0bb18f04041dfd0b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240326/1f2f1b0a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list