[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8639e85f by Salvatore Bonaccorso at 2024-05-21T06:39:19+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
 CVE-2024-5137 (A vulnerability classified as problematic was found in PHPGurukul Dire ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Directory Management System
 CVE-2024-5136 (A vulnerability classified as problematic has been found in PHPGurukul ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Directory Management System
 CVE-2024-5135 (A vulnerability was found in PHPGurukul Directory Management System 1. ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Directory Management System
 CVE-2024-4323 (A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3. ...)
-	TODO: check
+	NOT-FOR-US: Fluent Bit
 CVE-2024-4287 (In mintplex-labs/anything-llm, a vulnerability exists due to improper  ...)
-	TODO: check
+	NOT-FOR-US: mintplex-labs/anything-llm
 CVE-2024-4151 (An Improper Access Control vulnerability exists in lunary-ai/lunary ve ...)
-	TODO: check
+	NOT-FOR-US: lunary-ai/lunary
 CVE-2024-3761 (In lunary-ai/lunary version 1.2.2, the DELETE endpoint located at `pac ...)
-	TODO: check
+	NOT-FOR-US: lunary-ai/lunary
 CVE-2024-3482 (A Stored Cross-Site Scripting (XSS) vulnerability has been identified  ...)
 	TODO: check
 CVE-2024-35580 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpv ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-35579 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-35578 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbal ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-35576 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-35571 (Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-34953 (An issue in taurusxin ncmdump v1.3.2 allows attackers to cause a Denia ...)
 	TODO: check
 CVE-2024-34952 (taurusxin ncmdump v1.3.2 was discovered to contain a segmentation viol ...)
 	TODO: check
 CVE-2024-34949 (likeshop 2.5.7 is vulnerable to SQL Injection via the getOrderList fun ...)
-	TODO: check
+	NOT-FOR-US: likeshop
 CVE-2024-34948 (An issue in Quanxun Huiju Network Technology(Beijing) Co.,Ltd IK-Q3000 ...)
-	TODO: check
+	NOT-FOR-US: Quanxun Huiju Network Technology(Beijing) Co.
 CVE-2024-34947 (Quanxun Huiju Network Technology (Beijing) Co.,Ltd IK-Q3000 3.7.10 x64 ...)
-	TODO: check
+	NOT-FOR-US: Quanxun Huiju Network Technology(Beijing) Co.
 CVE-2024-34193 (smanga 3.2.7 does not filter the file parameter at the PHP/get file fl ...)
 	TODO: check
 CVE-2024-31714 (Buffer Overflow vulnerability in Waxlab wax v.0.9-3 and before allows  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8639e85f7cee3a8171c39ba5ca9888dbffb52ff9

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8639e85f7cee3a8171c39ba5ca9888dbffb52ff9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240521/420e2894/attachment.htm>