[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Oct 28 20:34:27 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ad386b4d by Salvatore Bonaccorso at 2024-10-28T21:34:04+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -133,51 +133,51 @@ CVE-2024-50416 (Deserialization of Untrusted Data vulnerability in WPClever WPC
 CVE-2024-50408 (Deserialization of Untrusted Data vulnerability in Kiboko Labs Namaste ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-49771 (MPXJ is an open source library to read and write project plans from a  ...)
-	TODO: check
+	NOT-FOR-US: Packwood MPXJ
 CVE-2024-49761 (REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReD ...)
 	TODO: check
 CVE-2024-49755 (Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ...)
-	TODO: check
+	NOT-FOR-US: Duende IdentityServer
 CVE-2024-48826 (Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-48825 (Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication comman ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-48465 (The MRBS version 1.5.0 has an SQL injection vulnerability in the edit_ ...)
-	TODO: check
+	NOT-FOR-US: MRBS
 CVE-2024-48291 (dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forge ...)
-	TODO: check
+	NOT-FOR-US: dingfanzu CMS
 CVE-2024-48196 (An issue in eyouCMS v.1.6.7 allows a remote attacker to obtain sensiti ...)
-	TODO: check
+	NOT-FOR-US: eyouCMS
 CVE-2024-48195 (Cross Site Scripting vulnerability in eyouCMS v.1.6.7 allows a remote  ...)
-	TODO: check
+	NOT-FOR-US: eyouCMS
 CVE-2024-48191 (dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forge ...)
-	TODO: check
+	NOT-FOR-US: dingfanzu CMS
 CVE-2024-48074 (An authorized RCE vulnerability exists in the DrayTek Vigor2960 router ...)
-	TODO: check
+	NOT-FOR-US: DrayTek Vigor2960 router
 CVE-2024-47827 (Argo Workflows is an open source container-native workflow engine for  ...)
-	TODO: check
+	NOT-FOR-US: Argo Workflows
 CVE-2024-42930 (PbootCMS 3.2.8 is vulnerable to URL Redirect.)
-	TODO: check
+	NOT-FOR-US: PbootCMS
 CVE-2024-42028 (A Local privilege escalation vulnerability found in a Self-Hosted UniF ...)
-	TODO: check
+	NOT-FOR-US: UniFi
 CVE-2024-39205 (An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below ...)
 	TODO: check
 CVE-2024-34537 (TYPO3 before 13.3.1 allows denial of service (interface error) in the  ...)
-	TODO: check
+	NOT-FOR-US: TYPO3
 CVE-2024-10469 (VINCE versions before 3.0.9 is vulnerable to exposure of User informat ...)
-	TODO: check
+	NOT-FOR-US: CERT VINCE software
 CVE-2024-10455 (Reachable Assertion in BPv7 parser in \xb5D3TN v0.14.0 allows attacker ...)
-	TODO: check
+	NOT-FOR-US: ud3tn
 CVE-2024-10450 (A vulnerability has been found in SourceCodester Kortex Lite Advocate  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Kortex Lite Advocate Office Management System
 CVE-2024-10449 (A vulnerability, which was classified as critical, was found in Codezi ...)
-	TODO: check
+	NOT-FOR-US: Codezips Hospital Appointment System
 CVE-2024-10448 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: code-projects Blood Bank Management System
 CVE-2024-10447 (A vulnerability classified as critical was found in Project Worlds Onl ...)
-	TODO: check
+	NOT-FOR-US: Project Worlds Online Time Table Generator
 CVE-2024-10446 (A vulnerability classified as critical has been found in Project World ...)
-	TODO: check
+	NOT-FOR-US: Project Worlds Online Time Table Generator
 CVE-2024-10214 (Mattermost versions 9.11.X <= 9.11.1, 9.5.x <= 9.5.9 icorrectly issues ...)
 	TODO: check
 CVE-2024-45802 (Squid is an open source caching proxy for the Web supporting HTTP, HTT ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad386b4dc4d460a2b9a408e337c61c43a7fb1060

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad386b4dc4d460a2b9a408e337c61c43a7fb1060
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241028/b3c5962a/attachment.htm>

More information about the debian-security-tracker-commits mailing list