[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Oct 22 08:22:25 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
55bcd05c by Moritz Muehlenhoff at 2024-10-22T09:22:06+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,59 +1,59 @@
 CVE-2024-8305 (prepareUnique index may cause secondaries to crash due to incorrect en ...)
-	TODO: check
+	- mongodb <removed>
 CVE-2024-49368 (Nginx UI is a web user interface for the Nginx web server. Prior to ve ...)
-	TODO: check
+	NOT-FOR-US: Nginx UI
 CVE-2024-49367 (Nginx UI is a web user interface for the Nginx web server. Prior to ve ...)
-	TODO: check
+	NOT-FOR-US: Nginx UI
 CVE-2024-49366 (Nginx UI is a web user interface for the Nginx web server. Nginx UI v2 ...)
-	TODO: check
+	NOT-FOR-US: Nginx UI
 CVE-2024-49321 (Missing Authorization vulnerability in Colorlib Simple Custom Post Ord ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-49293 (Missing Authorization vulnerability in Rextheme WP VR allows Exploitin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-49273 (Missing Authorization vulnerability in ProfileGrid User Profiles Profi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-48930 (secp256k1-node is a Node.js binding for an Optimized C library for EC  ...)
-	TODO: check
+	NOT-FOR-US: secp256k1-node
 CVE-2024-48709 (CodeAstro Membership Management System v1.0 is vulnerable to Cross Sit ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2024-48659 (An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to execute ...)
-	TODO: check
+	NOT-FOR-US: DCME-320-L
 CVE-2024-48645 (In Minecraft mod "Command Block IDE" up to and including version 0.4.9 ...)
-	TODO: check
+	NOT-FOR-US: Minecraft mod Command Block IDE
 CVE-2024-48597 (Online Clinic Management System v1.0 was discovered to contain a SQL i ...)
-	TODO: check
+	NOT-FOR-US: Online Clinic Management System
 CVE-2024-48509 (Learning with Texts (LWT) 2.0.3 is vulnerable to SQL Injection. This o ...)
-	TODO: check
+	NOT-FOR-US: Learning with Texts (LWT)
 CVE-2024-48231 (Funadmin 5.0.2 is vulnerable to SQL Injection via the selectFields par ...)
-	TODO: check
+	NOT-FOR-US: Funadmin
 CVE-2024-47912 (A vulnerability in the AWV (Audio, Web, and Video) Conferencing compon ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2024-47825 (Cilium is a networking, observability, and security solution with an e ...)
-	TODO: check
+	- cilium <itp> (bug #858303)
 CVE-2024-47722
 	REJECTED
 CVE-2024-47328 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-47223 (A vulnerability in the AWV (Audio, Web and Video Conferencing) compone ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2024-47189 (The API Interface of the AWV (Audio, Web and Video Conferencing) compo ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2024-46326 (Public Knowledge Project pkp-lib 3.4.0-7 and earlier is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: Public Knowledge Project pkp-lib
 CVE-2024-46239 (Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hosp ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2024-46238 (Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGuruku ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2024-46236 (CodeAstro Membership Management System v1.0 is vulnerable to Cross Sit ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2024-45309 (OneDev is a Git server with CI/CD, kanban, and packages. A vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: OneDev
 CVE-2024-43945 (Cross-Site Request Forgery (CSRF) vulnerability in Latepoint LatePoint ...)
-	TODO: check
+	NOT-FOR-US: Latepoint
 CVE-2024-40746 (A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla C ...)
-	TODO: check
+	NOT-FOR-US: Joomla plugin
 CVE-2024-31007 (Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows a local ...)
-	TODO: check
+	NOT-FOR-US: IrfanView
 CVE-2022-49033 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.0.12-1
 	[bullseye] - linux 5.10.158-1
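
Review bot: The commit subject "NFUs" does not cover two of the entries changed in this hunk: CVE-2024-8305 becomes "- mongodb <removed>" and CVE-2024-47825 becomes "- cilium <itp> (bug #858303)", which are package triage decisions rather than NOT-FOR-US markings. Consider naming them in the commit message, or committing them separately, so that someone searching the history for mongodb or cilium triage can find this change without reading the full diff.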



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55bcd05c29f68b87c2616216d98212ecff255c76
