[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Oct 25 09:35:30 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1264dbb6 by Moritz Muehlenhoff at 2024-10-25T10:33:50+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,43 +1,43 @@
 CVE-2024-9686 (The Order Notification for Telegram plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9630 (The WPS Telegram Chat plugin for WordPress is vulnerable to authorizat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9628 (The WPS Telegram Chat plugin for WordPress is vulnerable to unauthoriz ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9607 (The 10Web Social Post Feed plugin for WordPress is vulnerable to Refle ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9598 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for WordPress is ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9488 (The Comments \u2013 wpDiscuz plugin for WordPress is vulnerable to aut ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9302 (The App Builder \u2013 Create Native Android & iOS Apps On The Flight  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9235 (The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9109 (The WooCommerce UPS Shipping \u2013 Live Rates and Access Points plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7763 (In WhatsUp Gold versions released before 2024.0.0,  an Authentication  ...)
-	TODO: check
+	NOT-FOR-US: WhatsUp Gold
 CVE-2024-50583 (Whale browser Installer before 3.1.0.0 allows an attacker to execute a ...)
-	TODO: check
+	NOT-FOR-US: Whale browser
 CVE-2024-49762 (Pterodactyl is a free, open-source game server management panel. When  ...)
-	TODO: check
+	NOT-FOR-US: Pterodactyl
 CVE-2024-49760 (OpenRefine is a free, open source tool for working with messy data. Th ...)
 	TODO: check
 CVE-2024-49750 (The Snowflake Connector for Python provides an interface for developin ...)
 	TODO: check
 CVE-2024-49359 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
-	TODO: check
+	NOT-FOR-US: ZimaOS
 CVE-2024-49358 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
-	TODO: check
+	NOT-FOR-US: ZimaOS
 CVE-2024-49357 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
-	TODO: check
+	NOT-FOR-US: ZimaOS
 CVE-2024-48932 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
-	TODO: check
+	NOT-FOR-US: ZimaOS
 CVE-2024-48931 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
-	TODO: check
+	NOT-FOR-US: ZimaOS
 CVE-2024-48870 (Sharp and Toshiba Tec MFPs improperly validate input data in URI data  ...)
-	TODO: check
+	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-48208 (pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an  ...)
 	TODO: check
 CVE-2024-47883 (The OpenRefine fork of the MIT Simile Butterfly server is a modular we ...)
@@ -53,73 +53,73 @@ CVE-2024-47879 (OpenRefine is a free, open source tool for working with messy da
 CVE-2024-47878 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
 	TODO: check
 CVE-2024-47801 (Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP ...)
-	TODO: check
+	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-47549 (Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP ...)
-	TODO: check
+	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-47406 (Sharp and Toshiba Tec MFPs improperly process HTTP authentication requ ...)
-	TODO: check
+	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-47158 (N-LINE 2.0.6 and prior versions contain a code injection vulnerability ...)
 	TODO: check
 CVE-2024-47005 (Sharp and Toshiba Tec MFPs provide configuration related APIs. They ar ...)
-	TODO: check
+	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-45842 (Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT req ...)
-	TODO: check
+	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-45829 (Sharp and Toshiba Tec MFPs provide the web page to download data, wher ...)
-	TODO: check
+	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-45785 (MUSASI version 3 contains an issue with use of client-side authenticat ...)
 	TODO: check
 CVE-2024-45263 (An issue was discovered on certain GL-iNet devices, including MT6000,  ...)
-	TODO: check
+	NOT-FOR-US: GL-iNet
 CVE-2024-45262 (An issue was discovered on certain GL-iNet devices, including MT6000,  ...)
-	TODO: check
+	NOT-FOR-US: GL-iNet
 CVE-2024-45261 (An issue was discovered on certain GL-iNet devices, including MT6000,  ...)
-	TODO: check
+	NOT-FOR-US: GL-iNet
 CVE-2024-45260 (An issue was discovered on certain GL-iNet devices, including MT6000,  ...)
-	TODO: check
+	NOT-FOR-US: GL-iNet
 CVE-2024-43424 (Sharp and Toshiba Tec MFPs improperly process HTTP request headers, re ...)
-	TODO: check
+	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-42420 (Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnera ...)
-	TODO: check
+	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-41618 (Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: web-money-manager-ex
 CVE-2024-41617 (Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: web-money-manager-ex
 CVE-2024-10372 (A vulnerability classified as problematic was found in chidiwilliams b ...)
 	TODO: check
 CVE-2024-10371 (A vulnerability classified as critical has been found in SourceCodeste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-10370 (A vulnerability was found in Codezips Sales Management System 1.0. It  ...)
-	TODO: check
+	NOT-FOR-US: Codezips Sales Management System
 CVE-2024-10369 (A vulnerability was found in Codezips Sales Management System 1.0. It  ...)
-	TODO: check
+	NOT-FOR-US: Codezips Sales Management System
 CVE-2024-10368 (A vulnerability was found in Codezips Sales Management System 1.0. It  ...)
-	TODO: check
+	NOT-FOR-US: Codezips Sales Management System
 CVE-2024-10355 (A vulnerability, which was classified as critical, has been found in S ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-10354 (A vulnerability classified as critical was found in SourceCodester Pet ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-10353 (A vulnerability classified as critical has been found in SourceCodeste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-10351 (A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been ra ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-10350 (A vulnerability was found in code-projects Hospital Management System  ...)
-	TODO: check
+	NOT-FOR-US: code-projects Hospital Management System
 CVE-2024-10349 (A vulnerability was found in SourceCodester Best House Rental Manageme ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-10348 (A vulnerability was found in SourceCodester Best House Rental Manageme ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-10342 (The League of Legends Shortcodes plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10341 (The League of Legends Shortcodes plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10327 (A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27 ...)
-	TODO: check
+	NOT-FOR-US: Okta Verify for iOS
 CVE-2024-10150 (The Bamazoo \u2013 Button Generator plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10148 (The Awesome buttons plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10011 (The BuddyPress plugin for WordPress is vulnerable to Directory Travers ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-48426 (A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Ex ...)
 	- assimp <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2321614



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1264dbb6491acb448bdb8ec0999535c4eafd3c91

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1264dbb6491acb448bdb8ec0999535c4eafd3c91
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241025/3cfe9310/attachment.htm>

More information about the debian-security-tracker-commits mailing list