[Git][security-tracker-team/security-tracker][master] Process new NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
592986da by Salvatore Bonaccorso at 2024-11-29T09:17:22+01:00
Process new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2024-9852 (Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 al ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi Electric
 CVE-2024-9044 (A XML External Entity (XXE) vulnerability has been identified in Easy  ...)
-	TODO: check
+	NOT-FOR-US: Easy Tax Client Software
 CVE-2024-8300 (Dead Code vulnerability in ICONICS GENESIS64 Version 10.97.2, 10.97.2  ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi Electric
 CVE-2024-8299 (Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 al ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi Electric
 CVE-2024-54124 (In Click Studios Passwordstate before build 9920, there is a potential ...)
-	TODO: check
+	NOT-FOR-US: Click Studios Passwordstate
 CVE-2024-54123 (Backdrop CMS before 1.28.4 and 1.29.x before 1.29.2 allows XSS via an  ...)
 	TODO: check
 CVE-2024-53701 (Multiple FCNT Android devices provide the original security features s ...)
-	TODO: check
+	NOT-FOR-US: FCNT Android devices
 CVE-2024-45495 (MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSoc ...)
 	TODO: check
 CVE-2024-39162 (pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability o ...)
@@ -69,25 +69,25 @@ CVE-2024-53732 (Cross-Site Request Forgery (CSRF) vulnerability in WP WOX Footer
 CVE-2024-53731 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-52501 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52499 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52498 (Path Traversal: '.../...//' vulnerability in Softpulse Infotech SP Blo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52497 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52496 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52495 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52490 (Unrestricted Upload of File with Dangerous Type vulnerability in Patho ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52481 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52475 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52474 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-52338 (Deserialization of untrusted data in IPC and Parquet readers in the Ap ...)
 	TODO: check
 CVE-2024-52283 (Missing sanitation of inputs allowed arbitrary users to conduct a stor ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/592986da3213ee473e2cdb602895addb6694e87a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/592986da3213ee473e2cdb602895addb6694e87a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241129/78a19e73/attachment-0001.htm>