[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
826e51fc by Salvatore Bonaccorso at 2024-11-15T09:18:44+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
 CVE-2024-9834 (Improper data protection on the ventilator's serial interface could al ...)
-	TODO: check
+	NOT-FOR-US: Life2000 Ventilation System
 CVE-2024-9832 (There is no limit on the number of failed login attempts permitted wit ...)
-	TODO: check
+	NOT-FOR-US: Life2000 Ventilation System
 CVE-2024-9609 (The LearnPress Export Import \u2013 WordPress extension for LearnPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9529 (The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9356 (The Yotpo: Product & Photo Reviews for WooCommerce plugin for WordPres ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8961 (The Essential Addons for Elementor \u2013 Best Elementor Addon, Templa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52613 (A heap-based buffer under-read in tsMuxer version nightly-2024-05-12-0 ...)
 	TODO: check
 CVE-2024-52308 (The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code ...)
 	TODO: check
 CVE-2024-51687 (Cross-Site Request Forgery (CSRF) vulnerability in Platform.Ly Platfor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51684 (Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu W3P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51679 (Cross-Site Request Forgery (CSRF) vulnerability in GentleSource Appoin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51659 (Cross-Site Request Forgery (CSRF) vulnerability in GeekRMX Twitter @An ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51658 (Cross-Site Request Forgery (CSRF) vulnerability in Henrik Hoff WP Cour ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-51156 (07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery ...)
-	TODO: check
+	NOT-FOR-US: 07FLYCMS
 CVE-2024-50968 (A business logic vulnerability exists in the Add to Cart function of i ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Agri-Trading Online Shopping System
 CVE-2024-49778 (A heap-based buffer overflow in tsMuxer version nightly-2024-05-12-02- ...)
 	TODO: check
 CVE-2024-49777 (A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01- ...)
@@ -37,15 +37,15 @@ CVE-2024-49776 (A negative-size-param in tsMuxer version nightly-2024-04-05-01-5
 CVE-2024-48974 (The ventilator does not perform proper file integrity checks when adop ...)
 	TODO: check
 CVE-2024-48973 (The debug port on the ventilator's serial interface is enabled by defa ...)
-	TODO: check
+	NOT-FOR-US: Life2000 Ventilation System
 CVE-2024-48971 (The Clinician Password and Serial Number Clinician Password are hard-c ...)
-	TODO: check
+	NOT-FOR-US: Life2000 Ventilation System
 CVE-2024-48970 (The ventilator's microcontroller lacks memory protection. An attacker  ...)
-	TODO: check
+	NOT-FOR-US: Life2000 Ventilation System
 CVE-2024-48967 (The ventilator and the Service PC lack sufficient audit logging capabi ...)
-	TODO: check
+	NOT-FOR-US: Life2000 Ventilation System
 CVE-2024-48966 (The software tools used by service personnel to test & calibrate the v ...)
-	TODO: check
+	NOT-FOR-US: Life2000 Ventilation System
 CVE-2024-42499 (Improper limitation of a pathname to a restricted directory ('Path Tra ...)
 	TODO: check
 CVE-2024-41217 (A heap-based buffer overflow in tsMuxer version nightly-2024-05-10-02- ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/826e51fc76721f877a9abdc49c704a540846b83f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/826e51fc76721f877a9abdc49c704a540846b83f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241115/57c3e07d/attachment.htm>