[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 13 21:17:28 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2ac2cc4e by Salvatore Bonaccorso at 2024-11-13T22:17:05+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2024-9682 (The Royal Elementor Addons and Templates plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9668 (The Royal Elementor Addons and Templates plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9477 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: AirTies Air4443 Firmware
 CVE-2024-9476 (A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Priv ...)
 	TODO: check
 CVE-2024-9413 (The transport_message_handler function in SCP-Firmware release version ...)
 	TODO: check
 CVE-2024-9059 (The Royal Elementor Addons and Templates plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8049 (In Progress Telerik Document Processing Libraries, versions prior to 2 ...)
-	TODO: check
+	NOT-FOR-US: Progress Telerik
 CVE-2024-8001 (A vulnerability was found in VIWIS LMS 9.11. It has been classified as ...)
-	TODO: check
+	NOT-FOR-US: VIWIS LMS
 CVE-2024-7295 (In Progress\xae Telerik\xae Report Server versions prior to 2024 Q4 (1 ...)
-	TODO: check
+	NOT-FOR-US: Progress Telerik
 CVE-2024-52306 (FileManager provides a Backpack admin interface for files and folder.  ...)
 	TODO: check
 CVE-2024-52305 (UnoPim is an open-source Product Information Management (PIM) system b ...)
@@ -27,33 +27,33 @@ CVE-2024-52299 (macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pd
 CVE-2024-52298 (macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js.  ...)
 	TODO: check
 CVE-2024-52295 (DataEase is an open source data visualization analysis tool. Prior to  ...)
-	TODO: check
+	NOT-FOR-US: DataEase
 CVE-2024-52293 (Craft is a content management system (CMS). Prior to 4.12.2 and 5.4.3, ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2024-52292 (Craft is a content management system (CMS). The dataUrl function can b ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2024-52291 (Craft is a content management system (CMS). A vulnerability in CraftCM ...)
-	TODO: check
+	NOT-FOR-US: Craft CMS
 CVE-2024-51996 (Symphony process is a module for the Symphony PHP framework which exec ...)
 	TODO: check
 CVE-2024-50972 (A SQL injection vulnerability in printtool.php of Itsourcecode Constru ...)
-	TODO: check
+	NOT-FOR-US: Itsourcecode Construction Management System
 CVE-2024-50971 (A SQL injection vulnerability in print.php of Itsourcecode Constructio ...)
-	TODO: check
+	NOT-FOR-US: Itsourcecode Construction Management System
 CVE-2024-50970 (A SQL injection vulnerability in orderview1.php of Itsourcecode Online ...)
-	TODO: check
+	NOT-FOR-US: Itsourcecode Online Furniture Shopping Project
 CVE-2024-50969 (A Reflected cross-site scripting (XSS) vulnerability in browse.php of  ...)
-	TODO: check
+	NOT-FOR-US: Code-projects Jonnys Liquor
 CVE-2024-50854 (Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow v ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-50853 (Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injectio ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-50852 (Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injectio ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-49506 (Insecure creation of temporary files allows local users on systems wit ...)
 	TODO: check
 CVE-2024-49505 (A Improper Neutralization of Input During Web Page Generation ('Cross- ...)
-	TODO: check
+	NOT-FOR-US: openSUSE Tumbleweed MirrorCache
 CVE-2024-49504 (grub2 allowed attackers with access to the grub shell to access files  ...)
 	TODO: check
 CVE-2024-49379 (Umbrel is a home server OS for self-hosting. The login functionality o ...)
@@ -65,7 +65,7 @@ CVE-2024-48900 (A vulnerability was found in Moodle. Additional checks are requi
 CVE-2024-48510 (Directory Traversal vulnerability in DotNetZip v.1.16.0 and before all ...)
 	TODO: check
 CVE-2024-47574 (A authentication bypass using an alternate path or channel in Fortinet ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2024-45594 (Decidim is a participatory democracy framework. The meeting embeds fea ...)
 	TODO: check
 CVE-2024-43093 (In shouldHideDocument of ExternalStorageProvider.java, there is a poss ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ac2cc4e5425444e12a05c33be42f5e6a1c0dae5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ac2cc4e5425444e12a05c33be42f5e6a1c0dae5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241113/53b51d10/attachment.htm>

More information about the debian-security-tracker-commits mailing list