[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Sep 19 09:44:10 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8db1746e by Salvatore Bonaccorso at 2024-09-19T10:43:45+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2024-8850 (The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8364 (The WP Custom Fields Search plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-7254 (Any project that parses untrusted Protocol Buffers datacontaining an a ...)
 	TODO: check
 CVE-2024-47089 (This vulnerability exists in the Apex Softcell LD Geo due to improper  ...)
-	TODO: check
+	NOT-FOR-US: Apex Softcell LD Geo
 CVE-2024-47088 (This vulnerability exists in Apex Softcell LD Geo due to missing restr ...)
-	TODO: check
+	NOT-FOR-US: Apex Softcell LD Geo
 CVE-2024-47087 (This vulnerability exists in Apex Softcell LD Geo due to improper vali ...)
-	TODO: check
+	NOT-FOR-US: Apex Softcell LD Geo
 CVE-2024-47086 (This vulnerability exists in Apex Softcell LD DP Back Office due to im ...)
-	TODO: check
+	NOT-FOR-US: Apex Softcell LD Geo
 CVE-2024-47085 (This vulnerability exists in Apex Softcell LD DP Back Office due to im ...)
-	TODO: check
+	NOT-FOR-US: Apex Softcell LD Geo
 CVE-2024-47059 (When logging in with the correct username and incorrect weak password, ...)
 	TODO: check
 CVE-2024-47058 (With access to edit a Mautic form, the attacker can add Cross-Site Scr ...)
@@ -21,19 +21,19 @@ CVE-2024-47058 (With access to edit a Mautic form, the attacker can add Cross-Si
 CVE-2024-47050 (Prior to this patch being applied, Mautic's tracking was vulnerable to ...)
 	TODO: check
 CVE-2024-46946 (langchain_experimental (aka LangChain Experimental) 0.1.17 through 0.3 ...)
-	TODO: check
+	NOT-FOR-US: LangChain Experimental
 CVE-2024-46377 (Best House Rental Management System 1.0 contains an arbitrary file upl ...)
-	TODO: check
+	NOT-FOR-US: Best House Rental Management System
 CVE-2024-46376 (Best House Rental Management System 1.0 contains an arbitrary file upl ...)
-	TODO: check
+	NOT-FOR-US: Best House Rental Management System
 CVE-2024-46375 (Best House Rental Management System 1.0 contains an arbitrary file upl ...)
-	TODO: check
+	NOT-FOR-US: Best House Rental Management System
 CVE-2024-46374 (Best House Rental Management System 1.0 contains a SQL injection vulne ...)
-	TODO: check
+	NOT-FOR-US: Best House Rental Management System
 CVE-2024-46373 (Dedecms V5.7.115 contains an arbitrary code execution via file upload  ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-46372 (DedeCMS 5.7.115 is vulnerable to Cross Site Scripting (XSS) via the ad ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-40568 (Buffer Overflow vulnerability in btstack mesh commit before v.864e2f2b ...)
 	TODO: check
 CVE-2024-37406 (In Brave Android prior to v1.67.116, domains in the Brave Shields popu ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8db1746e3e38fa40a57192fd9550a5aa76933ff5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8db1746e3e38fa40a57192fd9550a5aa76933ff5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240919/4bb51839/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list