[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fc9ab8ed by Salvatore Bonaccorso at 2024-10-31T21:25:51+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2024-8934 (A local user with administrative access rights can enter specialy craf ...)
-	TODO: check
+	NOT-FOR-US: TwinCAT Package Manager
 CVE-2024-8553 (A vulnerability was found in Foreman's loader macros introduced with r ...)
 	TODO: check
 CVE-2024-8185 (Vault Community and Vault Enterprise (\u201cVault\u201d) clusters usin ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Vault
 CVE-2024-7883 (When using Arm Cortex-M Security Extensions (CMSE), Secure stack  cont ...)
 	TODO: check
 CVE-2024-51482 (ZoneMinder is a free, open source closed-circuit television software a ...)
@@ -11,31 +11,31 @@ CVE-2024-51482 (ZoneMinder is a free, open source closed-circuit television soft
 CVE-2024-51481 (Nix is a package manager for Linux and other Unix systems. On macOS, b ...)
 	TODO: check
 CVE-2024-51478 (YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a  ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2024-51430 (Cross Site Scripting vulnerability in online diagnostic lab management ...)
-	TODO: check
+	NOT-FOR-US: online diagnostic lab management system using php
 CVE-2024-51260 (DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious command ...)
-	TODO: check
+	NOT-FOR-US: DrayTek Vigor3900
 CVE-2024-51259 (DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious command ...)
-	TODO: check
+	NOT-FOR-US: DrayTek Vigor3900
 CVE-2024-51255 (DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious command ...)
-	TODO: check
+	NOT-FOR-US: DrayTek Vigor3900
 CVE-2024-51254 (DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious command ...)
-	TODO: check
+	NOT-FOR-US: DrayTek Vigor3900
 CVE-2024-51066 (An Insecure Direct Object Reference (IDOR) vulnerability in appointmen ...)
-	TODO: check
+	NOT-FOR-US: Phpgurukul's Beauty Parlour Management System
 CVE-2024-51065 (Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL  ...)
-	TODO: check
+	NOT-FOR-US: Phpgurukul Beauty Parlour Management System
 CVE-2024-51064 (Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL ...)
-	TODO: check
+	NOT-FOR-US: Phpgurukul Teachers Record Management System
 CVE-2024-51063 (Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL ...)
-	TODO: check
+	NOT-FOR-US: Phpgurukul Teachers Record Management System
 CVE-2024-51060 (Projectworlds Online Admission System v1 is vulnerable to SQL Injectio ...)
-	TODO: check
+	NOT-FOR-US: Projectworlds Online Admission System
 CVE-2024-50802 (A SQL Injection vulnerability was discovered in AbanteCart 1.4.0 in th ...)
-	TODO: check
+	NOT-FOR-US: AbanteCart
 CVE-2024-50801 (A SQL Injection vulnerability was discovered in AbanteCart 1.4.0 in th ...)
-	TODO: check
+	NOT-FOR-US: AbanteCart
 CVE-2024-50356 (Press, a Frappe custom app that runs Frappe Cloud, manages infrastruct ...)
 	TODO: check
 CVE-2024-50354 (gnark is a fast zk-SNARK library that offers a high-level API to desig ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc9ab8ed6cfbe940b0c07dad43fb6cb002721016

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc9ab8ed6cfbe940b0c07dad43fb6cb002721016
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241031/e2e161f8/attachment.htm>