[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Nov 26 08:31:41 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
32dc9cbe by Moritz Muehlenhoff at 2024-11-26T09:31:24+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
 CVE-2024-9504 (The Booking calendar, Appointment Booking System plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8772 (51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the  ...)
-	TODO: check
+	NOT-FOR-US: AXIS
 CVE-2024-8160 (Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that ...)
-	TODO: check
+	NOT-FOR-US: AXIS
 CVE-2024-6831 (Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has f ...)
-	TODO: check
+	NOT-FOR-US: AXIS
 CVE-2024-6749 (Seth Fogie, member of the AXIS Camera Station Pro Bug Bounty Program,  ...)
-	TODO: check
+	NOT-FOR-US: AXIS
 CVE-2024-6476 (Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program h ...)
-	TODO: check
+	NOT-FOR-US: AXIS
 CVE-2024-53843 (@dapperduckling/keycloak-connector-server is an opinionated series of  ...)
-	TODO: check
+	NOT-FOR-US: keycloak-connector-server
 CVE-2024-53597 (masterstack_imgcap v0.0.1 was discovered to contain a SQL injection vu ...)
-	TODO: check
+	NOT-FOR-US: masterstack_imgcap
 CVE-2024-53556 (An Open Redirect vulnerability in Taiga v6.8.1 allows attackers to red ...)
-	TODO: check
+	NOT-FOR-US: Taiga
 CVE-2024-53554 (A Client-Side Template Injection (CSTI) vulnerability in the component ...)
 	TODO: check
 CVE-2024-53278 (Cross-site scripting vulnerability exists in WP Admin UI Customize ver ...)
 	TODO: check
 CVE-2024-52899 (IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an au ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-50672 (A NoSQL injection vulnerability in Adapt Learning Adapt Authoring Tool ...)
 	TODO: check
 CVE-2024-50671 (Incorrect access control in Adapt Learning Adapt Authoring Tool <= 0.1 ...)
 	TODO: check
 CVE-2024-49597 (Dell Wyse Management Suite, versions WMS 4.4 and prior, contain an Imp ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-49596 (Dell Wyse Management Suite, version WMS 4.4 and prior, contain a Missi ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-49595 (Dell Wyse Management Suite, version WMS 4.4 and before, contain an Aut ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-49353 (IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.0  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49351 (IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-47257 (Florent Thi\xe9ry has found that selected Axis devices were vulnerable ...)
 	TODO: check
 CVE-2024-36254 (Out-of-bounds read vulnerability exists in Sharp Corporation and Toshi ...)
@@ -43,7 +43,7 @@ CVE-2024-36254 (Out-of-bounds read vulnerability exists in Sharp Corporation and
 CVE-2024-36251 (The web interface of the affected devices process some crafted HTTP re ...)
 	TODO: check
 CVE-2024-36249 (Cross-site scripting vulnerability exists in Sharp Corporation and Tos ...)
-	TODO: check
+	NOT-FOR-US: Sharp
 CVE-2024-36248 (API keys for some cloud services are hardcoded in the "main" binary. A ...)
 	TODO: check
 CVE-2024-35244 (There are several hidden accounts. Some of them are intended for maint ...)
@@ -67,37 +67,37 @@ CVE-2024-28955 (Affected devices create coredump files when crashed, storing the
 CVE-2024-28038 (The web interface of the affected devices processes a cookie value imp ...)
 	TODO: check
 CVE-2024-11678 (A vulnerability was found in CodeAstro Hospital Management System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Hospital Management System
 CVE-2024-11677 (A vulnerability was found in CodeAstro Hospital Management System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Hospital Management System
 CVE-2024-11676 (A vulnerability was found in CodeAstro Hospital Management System 1.0  ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Hospital Management System
 CVE-2024-11675 (A vulnerability has been found in CodeAstro Hospital Management System ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Hospital Management System
 CVE-2024-11674 (A vulnerability, which was classified as critical, was found in CodeAs ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Hospital Management System
 CVE-2024-11673 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: 1000 Projects Bookstore Management System
 CVE-2024-11418 (The Additional Order Filters for WooCommerce plugin for WordPress is v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11342 (The Skt NURCaptcha plugin for WordPress is vulnerable to Cross-Site Re ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11202 (Multiple plugins for WordPress are vulnerable to Reflected Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11002 (The The InPost Gallery plugin for WordPress is vulnerable to arbitrary ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10857 (The Product Input Fields for WooCommerce plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10781 (The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordP ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10729 (The Booking & Appointment Plugin for WooCommerce plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10570 (The Security & Malware scan by CleanTalk plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10542 (The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordP ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10471 (The Everest Forms  WordPress plugin before 3.0.4.2 does not sanitise a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-53102 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.11.9-1
 	[bookworm] - linux 6.1.119-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32dc9cbe17c7668b3322e4d866f1611d06bbe5a7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32dc9cbe17c7668b3322e4d866f1611d06bbe5a7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241126/47208b84/attachment.htm>

More information about the debian-security-tracker-commits mailing list