[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Nov 12 08:49:49 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
133f8843 by Salvatore Bonaccorso at 2024-11-12T09:49:28+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2024-9836 (The RSS Feed Widget WordPress plugin before 3.0.0 does not validate an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9835 (The RSS Feed Widget WordPress plugin before 3.0.1 does not escape the  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9357 (The xili-tidy-tags plugin for WordPress is vulnerable to Reflected Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8882 (A buffer overflow vulnerability in the CGI program in the Zyxel GS1900 ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2024-8881 (A post-authentication command injection vulnerability in the CGI progr ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2024-52533 (gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one erro ...)
 	TODO: check
 CVE-2024-52532 (GNOME libsoup before 3.6.1 has an infinite loop, and memory consumptio ...)
@@ -19,7 +19,7 @@ CVE-2024-52530 (GNOME libsoup before 3.6.0 allows HTTP request smuggling in some
 CVE-2024-52288 (libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised D ...)
 	TODO: check
 CVE-2024-52286 (Stirling-PDF is a locally hosted web application that allows you to pe ...)
-	TODO: check
+	NOT-FOR-US: Stirling-PDF
 CVE-2024-51992 (Orchid is a @laravel package that allows for rapid application develop ...)
 	TODO: check
 CVE-2024-51748 (Kanboard is project management software that focuses on the Kanban met ...)
@@ -41,29 +41,29 @@ CVE-2024-51485 (Ampache is a web based audio/video streaming application and fil
 CVE-2024-51484 (Ampache is a web based audio/video streaming application and file mana ...)
 	TODO: check
 CVE-2024-51213 (Cross Site Scripting vulnerability in Online Shop Store v.1.0 allows a ...)
-	TODO: check
+	NOT-FOR-US: Online Shop Store
 CVE-2024-51190 (TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12  ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet
 CVE-2024-51189 (TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12  ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet
 CVE-2024-51188 (TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12  ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet
 CVE-2024-51187 (TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12  ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet
 CVE-2024-51186 (D-Link DIR-820L 1.05b03 was discovered to contain a remote code execut ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-51135 (An XML External Entity (XXE) vulnerability in the component DocumentBu ...)
 	TODO: check
 CVE-2024-51054 (A Cross Site Scriptng (XSS) vulnerability was found in /omrs/admin/sea ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Online Marriage Registration System
 CVE-2024-51026 (The NetAdmin IAM system (version 4.0.30319) has a Cross Site Scripting ...)
-	TODO: check
+	NOT-FOR-US: NetAdmin IAM system
 CVE-2024-50991 (A Cross Site Scripting (XSS) vulnerability was found in /ums-sp/admin/ ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul User Management System
 CVE-2024-50990 (A Reflected Cross Site Scriptng (XSS) vulnerability was found in /omrs ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Online Marriage Registration System
 CVE-2024-50989 (A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Online Marriage Registration System
 CVE-2024-50667 (The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vuln ...)
 	TODO: check
 CVE-2024-50636 (PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, whi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/133f88436193741d7401b847885a856e97dec60a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/133f88436193741d7401b847885a856e97dec60a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241112/c7645726/attachment.htm>

More information about the debian-security-tracker-commits mailing list