[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a1b77104 by Salvatore Bonaccorso at 2024-11-15T21:35:21+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2024-8979 (The Essential Addons for Elementor \u2013 Best Elementor Addon, Templa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8978 (The Essential Addons for Elementor \u2013 Best Elementor Addon, Templa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7865
 	REJECTED
 CVE-2024-6413
 	REJECTED
 CVE-2024-52555 (In JetBrains WebStorm before 2024.3 code execution in Untrusted Projec ...)
-	TODO: check
+	NOT-FOR-US: JetBrains WebStorm
 CVE-2024-52528 (Budget Control Gateway acts as an entry point for incoming requests an ...)
-	TODO: check
+	NOT-FOR-US: Budget Control Gateway
 CVE-2024-52526 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-52525 (Nextcloud Server is a self hosted personal cloud system. Under certain ...)
 	TODO: check
 CVE-2024-52523 (Nextcloud Server is a self hosted personal cloud system. After setting ...)
@@ -49,63 +49,63 @@ CVE-2024-52508 (Nextcloud Mail is the mail app for Nextcloud, a self-hosted prod
 CVE-2024-52507 (Nextcloud Tables allows users to to create tables with individual colu ...)
 	TODO: check
 CVE-2024-51497 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-51496 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-51495 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-51494 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-51330 (An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local  ...)
-	TODO: check
+	NOT-FOR-US: UltiMaker Cura
 CVE-2024-51164 (Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 v ...)
-	TODO: check
+	NOT-FOR-US: JEPaaS
 CVE-2024-51142 (Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows an  ...)
-	TODO: check
+	NOT-FOR-US: Chamilo LMS
 CVE-2024-51141 (An issue in TOTOLINK Bluetooth Wireless Adapter A600UB allows a local  ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-51037 (An issue in kodbox v.1.52.04 and before allows a remote attacker to ob ...)
 	TODO: check
 CVE-2024-50986 (An issue in Clementine v.1.3.1 allows a local attacker to execute arbi ...)
 	TODO: check
 CVE-2024-50800 (Cross Site Scripting vulnerability in M2000 Smart4Web before v.5.02024 ...)
-	TODO: check
+	NOT-FOR-US: M2000 Smart4Web
 CVE-2024-50724 (KASO v9.0 was discovered to contain a SQL injection vulnerability via  ...)
-	TODO: check
+	NOT-FOR-US: KASO
 CVE-2024-50655 (emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which  ...)
-	TODO: check
+	NOT-FOR-US: emlog
 CVE-2024-50654 (lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can  ...)
-	TODO: check
+	NOT-FOR-US: lilishop
 CVE-2024-50653 (CRMEB <=5.4.0 is vulnerable to Incorrect Access Control. Users can byp ...)
-	TODO: check
+	NOT-FOR-US: CRMEB
 CVE-2024-50652 (A file upload vulnerability in java_shop 1.0 allows attackers to uploa ...)
-	TODO: check
+	NOT-FOR-US: java_shop
 CVE-2024-50651 (java_shop 1.0 is vulnerable to Incorrect Access Control, which allows  ...)
-	TODO: check
+	NOT-FOR-US: java_shop
 CVE-2024-50650 (python_book V1.0 is vulnerable to Incorrect Access Control, which allo ...)
-	TODO: check
+	NOT-FOR-US: python_book
 CVE-2024-50649 (The user avatar upload function in python_book V1.0 has an arbitrary f ...)
-	TODO: check
+	NOT-FOR-US: python_book
 CVE-2024-50648 (yshopmall V1.0 has an arbitrary file upload vulnerability, which can e ...)
-	TODO: check
+	NOT-FOR-US: yshopmall
 CVE-2024-50647 (The python_food ordering system V1.0 has an unauthorized vulnerability ...)
-	TODO: check
+	NOT-FOR-US: python_food ordering system
 CVE-2024-50355 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-50352 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-50351 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-50350 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-49764 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-49759 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-49758 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-49754 (LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring sy ...)
-	TODO: check
+	NOT-FOR-US: LibreNMS
 CVE-2024-49536 (Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of ...)
 	TODO: check
 CVE-2024-48068 (A cross-site scripting (XSS) vulnerability in Shenzhen Landray Softwar ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1b771042f7934a41f4586ac5b8c71afe73d4f9c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1b771042f7934a41f4586ac5b8c71afe73d4f9c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241115/6dab2436/attachment.htm>