[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 22 08:21:38 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2689fdb6 by Salvatore Bonaccorso at 2024-11-22T09:21:03+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2024-9542 (The Sky Addons for Elementor plugin for WordPress is vulnerable to Sen ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9422 (The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8735 (The MailMunch \u2013 Grow your Email List plugin for WordPress is vuln ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8526 (A vulnerability in Automated Logic WebCTRL 7.0 could allow an attacker ...)
-	TODO: check
+	NOT-FOR-US: Automated Logic WebCTRL
 CVE-2024-8525 (An unrestricted upload of file with dangerous type in Automated Logic  ...)
-	TODO: check
+	NOT-FOR-US: Automated Logic WebCTRL
 CVE-2024-7130 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Kion Computer KION Exchange Programs Software
 CVE-2024-7026 (SQL Injection: Hibernate vulnerability in Teknogis Informatics Closed  ...)
-	TODO: check
+	NOT-FOR-US: Teknogis Informatics Closed Circuit Vehicle Tracking Software
 CVE-2024-7016 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Smarttek Informatics Smart Doctor
 CVE-2024-53432 (While parsing certain malformed PLY files, PCL version 1.14.1 crashes  ...)
 	TODO: check
 CVE-2024-53429 (Open62541 v1.4.6 is has an assertion failure in fuzz_binary_decode, wh ...)
@@ -23,11 +23,11 @@ CVE-2024-53426 (A heap-buffer-overflow vulnerability has been identified in ntop
 CVE-2024-53425 (A heap-buffer-overflow vulnerability was discovered in the SkipSpacesA ...)
 	TODO: check
 CVE-2024-53335 (TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflo ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-53334 (TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflo ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-53333 (TOTOLINK EX200 v4.0.3c.7646_B20201211 was found to contain a command i ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-52803 (LLama Factory enables fine-tuning of large language models. A critical ...)
 	TODO: check
 CVE-2024-52799 (Argo Workflows Chart is used to set up argo and its needed dependencie ...)
@@ -35,21 +35,21 @@ CVE-2024-52799 (Argo Workflows Chart is used to set up argo and its needed depen
 CVE-2024-52309 (SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S  ...)
 	TODO: check
 CVE-2024-52307 (authentik is an open-source identity provider. Due to the usage of a n ...)
-	TODO: check
+	NOT-FOR-US: authentik
 CVE-2024-52289 (authentik is an open-source identity provider. Redirect URIs in the OA ...)
-	TODO: check
+	NOT-FOR-US: authentik
 CVE-2024-52287 (authentik is an open-source identity provider. When using the client_c ...)
-	TODO: check
+	NOT-FOR-US: authentik
 CVE-2024-52056 (Path Traversal in the Manager component of Wowza Streaming Engine belo ...)
-	TODO: check
+	NOT-FOR-US: Wowza
 CVE-2024-52055 (Path Traversal in the Manager component of Wowza Streaming Engine belo ...)
-	TODO: check
+	NOT-FOR-US: Wowza
 CVE-2024-52054 (Path Traversal in the Manager component of Wowza Streaming Engine belo ...)
-	TODO: check
+	NOT-FOR-US: Wowza
 CVE-2024-52053 (Stored Cross-Site Scripting in the Manager component of Wowza Streamin ...)
-	TODO: check
+	NOT-FOR-US: Wowza
 CVE-2024-52052 (Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming  ...)
-	TODO: check
+	NOT-FOR-US: Wowza
 CVE-2024-51367 (An arbitrary file upload vulnerability in the component \Users\usernam ...)
 	TODO: check
 CVE-2024-51366 (An arbitrary file upload vulnerability in the component \Roaming\Omega ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2689fdb62795e7de6c882a404043f8e6711e6fb4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2689fdb62795e7de6c882a404043f8e6711e6fb4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241122/7744ea1e/attachment.htm>

More information about the debian-security-tracker-commits mailing list