[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 7 20:31:47 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1bc54873 by Salvatore Bonaccorso at 2024-11-07T21:31:25+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
 CVE-2024-9926 (The Jetpack WordPress plugin does not have proper authorisation in one ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8442 (The Prime Slider \u2013 Addons For Elementor (Revolution of a slider,  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8378 (The Safe SVG WordPress plugin before 2.2.6 has its sanitisation code i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51995 (Combodo iTop is a web based IT Service Management tool. An attacker ca ...)
-	TODO: check
+	NOT-FOR-US: Combodo iTop
 CVE-2024-51994 (Combodo iTop is a web based IT Service Management tool. In affected ve ...)
-	TODO: check
+	NOT-FOR-US: Combodo iTop
 CVE-2024-51993 (Combodo iTop is a web based IT Service Management tool. An attacker ac ...)
-	TODO: check
+	NOT-FOR-US: Combodo iTop
 CVE-2024-51989 (Password Pusher is an open source application to communicate sensitive ...)
 	TODO: check
 CVE-2024-51758 (Filament is a collection of full-stack components for accelerated Lara ...)
-	TODO: check
+	NOT-FOR-US: Filament
 CVE-2024-51504 (When using IPAuthenticationProvider in ZooKeeper Admin Server there is ...)
 	TODO: check
 CVE-2024-51428 (An issue in Espressif Esp idf v5.3.0 allows attackers to cause a Denia ...)
 	TODO: check
 CVE-2024-48954 (An issue was discovered in Logpoint before 7.5.0. Unvalidated input du ...)
-	TODO: check
+	NOT-FOR-US: Logpoint
 CVE-2024-48953 (An issue was discovered in Logpoint before 7.5.0. Endpoints for creati ...)
-	TODO: check
+	NOT-FOR-US: Logpoint
 CVE-2024-48952 (An issue was discovered in Logpoint before 7.5.0. SOAR uses a static J ...)
-	TODO: check
+	NOT-FOR-US: Logpoint
 CVE-2024-48951 (An issue was discovered in Logpoint before 7.5.0. Server-Side Request  ...)
-	TODO: check
+	NOT-FOR-US: Logpoint
 CVE-2024-48950 (An issue was discovered in Logpoint before 7.5.0. An endpoint used by  ...)
-	TODO: check
+	NOT-FOR-US: Logpoint
 CVE-2024-48290 (An issue in the Bluetooth Low Energy implementation of Realtek RTL8762 ...)
-	TODO: check
+	NOT-FOR-US: Realtek
 CVE-2024-47073 (DataEase is an open source data visualization analysis tool that helps ...)
-	TODO: check
+	NOT-FOR-US: DataEase
 CVE-2024-45794 (devtron is an open source tool integration platform for Kubernetes. In ...)
-	TODO: check
+	NOT-FOR-US: devtron
 CVE-2024-43438 (A flaw was found in Feedback. Bulk messaging in the activity's non-res ...)
 	TODO: check
 CVE-2024-43436 (A SQL injection risk flaw was found in the XMLDB editor tool available ...)
@@ -49,35 +49,35 @@ CVE-2024-43426 (A flaw was found in pdfTeX. Insufficient sanitizing in the TeX n
 CVE-2024-43425 (A flaw was found in Moodle. Additional restrictions are required to av ...)
 	TODO: check
 CVE-2024-40715 (A vulnerability in Veeam Backup & Replication Enterprise Manager has b ...)
-	TODO: check
+	NOT-FOR-US: Veeam
 CVE-2024-30142 (HCL BigFix Compliance is affected by a missing secure flag on a cookie ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-30141 (HCL BigFix Compliance is vulnerable to the generation of error message ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-30140 (HCL BigFix Compliance is affected by unvalidated redirects and forward ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-24914 (Authenticated Gaia users can inject code or commands by global variabl ...)
 	TODO: check
 CVE-2024-10969 (A vulnerability was found in 1000 Projects Bookstore Management System ...)
-	TODO: check
+	NOT-FOR-US: 1000 Projects Bookstore Management System
 CVE-2024-10968 (A vulnerability was found in 1000 Projects Bookstore Management System ...)
-	TODO: check
+	NOT-FOR-US: 1000 Projects Bookstore Management System
 CVE-2024-10967 (A vulnerability was found in code-projects E-Health Care System 1.0. I ...)
-	TODO: check
+	NOT-FOR-US: code-projects E-Health Care System
 CVE-2024-10966 (A vulnerability, which was classified as critical, has been found in T ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-10965 (A vulnerability classified as problematic was found in emqx neuron up  ...)
-	TODO: check
+	NOT-FOR-US: emqx neuron
 CVE-2024-10964 (A vulnerability classified as critical has been found in emqx neuron u ...)
-	TODO: check
+	NOT-FOR-US: emqx neuron
 CVE-2024-10963 (A vulnerability was found in pam_access due to the improper handling o ...)
 	TODO: check
 CVE-2024-10668 (There exists an auth bypass in Google Quickshare where an attacker can ...)
 	TODO: check
 CVE-2024-10526 (Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a  ...)
-	TODO: check
+	NOT-FOR-US: Rapid7 Velociraptor MSI Installer
 CVE-2024-10203 (Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2024-50172 (In the Linux kernel, the following vulnerability has been resolved:  R ...)
 	- linux 6.11.6-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -352265,7 +352265,7 @@ CVE-2020-11928 (In the media-library-assistant plugin before 2.82 for WordPress,
 CVE-2020-11927
 	RESERVED
 CVE-2020-11926 (An issue was discovered in Luvion Grand Elite 3 Connect through 2020-0 ...)
-	TODO: check
+	NOT-FOR-US: Luvion Grand Elite 3 Connect
 CVE-2020-11925 (An issue was discovered in Luvion Grand Elite 3 Connect through 2020-0 ...)
 	NOT-FOR-US: Luvion Grand Elite 3 Connect
 CVE-2020-11924 (An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials ar ...)
@@ -352279,13 +352279,13 @@ CVE-2020-11921 (An issue was discovered in Lush 2 through 2020-02-25. Due to the
 CVE-2020-11920 (An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3. ...)
 	NOT-FOR-US: Svakom Siime Eye
 CVE-2020-11919 (An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The ...)
-	TODO: check
+	NOT-FOR-US: Siime Eye
 CVE-2020-11918 (An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. Whe ...)
-	TODO: check
+	NOT-FOR-US: Siime Eye
 CVE-2020-11917 (An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It  ...)
-	TODO: check
+	NOT-FOR-US: Siime Eye
 CVE-2020-11916 (An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The ...)
-	TODO: check
+	NOT-FOR-US: Siime Eye
 CVE-2020-11915 (An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3. ...)
 	NOT-FOR-US: Svakom Siime Eye
 CVE-2019-20786 (handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a chec ...)
@@ -360559,11 +360559,11 @@ CVE-2019-20461
 CVE-2019-20460
 	RESERVED
 CVE-2019-20459 (An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 de ...)
-	TODO: check
+	NOT-FOR-US: Epson Expression Home XP255
 CVE-2019-20458 (An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 de ...)
-	TODO: check
+	NOT-FOR-US: Epson Expression Home XP255
 CVE-2019-20457 (An issue was discovered on Brother MFC-J491DW C1806180757 devices. The ...)
-	TODO: check
+	NOT-FOR-US: Brother
 CVE-2020-9007 (Codoforum 4.8.8 allows self-XSS via the title of a new topic.)
 	NOT-FOR-US: Codoforum
 CVE-2020-9006 (The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulner ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1bc54873c13e0c700a7ce116e01a1f5904d23123

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1bc54873c13e0c700a7ce116e01a1f5904d23123
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241107/b3a5e343/attachment.htm>

More information about the debian-security-tracker-commits mailing list