[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 25 07:54:29 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f5515d4d by Salvatore Bonaccorso at 2024-05-25T08:53:53+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,45 +5,45 @@ CVE-2024-5315 (Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 a
 CVE-2024-5314 (Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and al ...)
 	- dolibarr <removed>
 CVE-2024-5312 (PHP Server Monitor, version 3.2.0, is vulnerable to an XSS via the /ph ...)
-	TODO: check
+	NOT-FOR-US: PHP Server Monitor
 CVE-2024-5310 (A vulnerability classified as problematic has been found in JFinalCMS  ...)
-	TODO: check
+	NOT-FOR-US: JFinalCMS
 CVE-2024-4455 (The YITH WooCommerce Ajax Search plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4037 (The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrar ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-36049 (Aptos Wisal payroll accounting before 7.1.6 uses hardcoded credentials ...)
-	TODO: check
+	NOT-FOR-US: Aptos Wisal payroll accounting
 CVE-2024-35618 (PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereferen ...)
-	TODO: check
+	NOT-FOR-US: PingCAP TiDB
 CVE-2024-35595 (An arbitrary file upload vulnerability in the File Preview function of ...)
-	TODO: check
+	NOT-FOR-US: Xintongda OA
 CVE-2024-35593 (An arbitrary file upload vulnerability in the File preview function of ...)
-	TODO: check
+	NOT-FOR-US: Raingad IM
 CVE-2024-35592 (An arbitrary file upload vulnerability in the Upload function of Box-I ...)
-	TODO: check
+	NOT-FOR-US: Box-IM
 CVE-2024-35591 (An arbitrary file upload vulnerability in O2OA v8.3.8 allows attackers ...)
-	TODO: check
+	NOT-FOR-US: O2OA
 CVE-2024-35396 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a har ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-35395 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a har ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-35388 (TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a st ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-35387 (TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stac ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-35340 (Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command inject ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-35339 (Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command inject ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-34995 (svnWebUI v1.8.3 was discovered to contain an arbitrary file deletion v ...)
-	TODO: check
+	NOT-FOR-US: svnWebUI
 CVE-2024-33809 (PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulner ...)
-	TODO: check
+	NOT-FOR-US: PingCAP TiDB
 CVE-2024-33471 (An issue in the Sensor Settings of AVTECH Room Alert 4E v4.4.0 allows  ...)
-	TODO: check
+	NOT-FOR-US: AVTECH Room Alert
 CVE-2024-33470 (An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 all ...)
-	TODO: check
+	NOT-FOR-US: AVTECH Room Alert
 CVE-2024-33427 (Buffer Overflow vulnerability in Squid version before v.6.10 allows a  ...)
 	TODO: check
 CVE-2024-31510 (An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker t ...)
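Review bot: the added NOT-FOR-US labels in this hunk are not at one granularity. The TOTOLINK and Tenda entries name only the vendor, "AVTECH Room Alert" and "PingCAP TiDB" name vendor and product, and CVE-2024-4455 and CVE-2024-4037 use the generic "WordPress plugin" even though their descriptions name the plugins (YITH WooCommerce Ajax Search, WP Photo Album Plus). If the list is later searched by product, naming the plugin on those two lines would help. Separately, the descriptions for CVE-2024-35595 and CVE-2024-35593 are cut off before the product name, so "Xintongda OA" and "Raingad IM" cannot be confirmed from the lines shown here and should be checked against the full CVE text. CVE-2024-33427 (Squid) correctly stays at "TODO: check".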
@@ -51,13 +51,13 @@ CVE-2024-31510 (An issue in Open Quantum Safe liboqs v.10.0 allows a remote atta
 CVE-2024-22588 (Kwik commit 745fd4e2 does not discard unused encryption keys.)
 	TODO: check
 CVE-2023-49575 (A vulnerability has been discovered in VX Search Enterprise affecting  ...)
-	TODO: check
+	NOT-FOR-US: VX Search Enterprise
 CVE-2023-49574 (A vulnerability has been discovered in VX Search Enterprise affecting  ...)
-	TODO: check
+	NOT-FOR-US: VX Search Enterprise
 CVE-2023-49573 (A vulnerability has been discovered in VX Search Enterprise affecting  ...)
-	TODO: check
+	NOT-FOR-US: VX Search Enterprise
 CVE-2023-49572 (A vulnerability has been discovered in VX Search Enterprise affecting  ...)
-	TODO: check
+	NOT-FOR-US: VX Search Enterprise
 CVE-2023-47710 (IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site ...)
 	NOT-FOR-US: IBM
 CVE-2023-46442 (An infinite loop in the retrieveActiveBody function of Soot before v4. ...)
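Review bot: the four added "NOT-FOR-US: VX Search Enterprise" lines (CVE-2023-49572 through CVE-2023-49575) name the product without a vendor, while the unchanged entry just below them for CVE-2023-47710 names only the vendor ("NOT-FOR-US: IBM"). Either form is readable, but picking one would keep the file easier to search. The four labels match the product named in each visible description, and CVE-2024-22588 (Kwik) is left at "TODO: check", which fits a commit limited to NFU triage.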



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5515d4d1e24a730967061403378de2b411bd97a
