[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Sep 29 06:10:30 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4f7275f1 by Salvatore Bonaccorso at 2024-09-29T07:10:08+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,67 +1,67 @@
 CVE-2024-9316 (A vulnerability classified as critical has been found in code-projects ...)
-	TODO: check
+	NOT-FOR-US: code-projects Blood Bank Management System
 CVE-2024-9315 (A vulnerability was found in SourceCodester Employee and Visitor Gate  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Employee and Visitor Gate Pass Logging System
 CVE-2024-9300 (A vulnerability classified as problematic was found in SourceCodester  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Railway Reservation System
 CVE-2024-9299 (A vulnerability classified as problematic has been found in SourceCode ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Railway Reservation System
 CVE-2024-9298 (A vulnerability was found in SourceCodester Online Railway Reservation ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Railway Reservation System
 CVE-2024-9297 (A vulnerability was found in SourceCodester Online Railway Reservation ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Railway Reservation System
 CVE-2024-9296 (A vulnerability was found in SourceCodester Advocate Office Management ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Advocate Office Management System
 CVE-2024-9295 (A vulnerability was found in SourceCodester Advocate Office Management ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Advocate Office Management System
 CVE-2024-9294 (A vulnerability, which was classified as critical, has been found in d ...)
-	TODO: check
+	NOT-FOR-US: dingfanzu CMS
 CVE-2024-9293 (A vulnerability classified as critical was found in skyselang yylAdmin ...)
-	TODO: check
+	NOT-FOR-US: skyselang yylAdmin
 CVE-2024-9291 (A vulnerability classified as problematic has been found in kalvinGit  ...)
-	TODO: check
+	NOT-FOR-US: kalvinGit kvf-admin
 CVE-2024-9189 (The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9023 (The WP-WebAuthn plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8788 (The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8715 (The Simple LDAP Login plugin for WordPress is vulnerable to Reflected  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8712 (The GTM Server Side plugin for WordPress is vulnerable to Reflected Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8547 (The Simple Popup Plugin plugin for WordPress is vulnerable to Stored C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8353 (The GiveWP \u2013 Donation Plugin and Fundraising Platform plugin for  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-8189 (The WP MultiTasking \u2013 WP Utilities plugin for WordPress is vulner ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-47186 (Filament is a collection of full-stack components for Laravel developm ...)
 	TODO: check
 CVE-2024-46453 (A cross-site scripting (XSS) vulnerability in the component /test/ of  ...)
-	TODO: check
+	NOT-FOR-US: iq3xcite
 CVE-2024-38796 (EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An A ...)
 	TODO: check
 CVE-2024-23967 (Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stac ...)
-	TODO: check
+	NOT-FOR-US: Autel
 CVE-2024-23961 (Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Ex ...)
-	TODO: check
+	NOT-FOR-US: Alpine Halo9
 CVE-2024-23960 (Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Alpine Halo9
 CVE-2024-23959 (Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-b ...)
-	TODO: check
+	NOT-FOR-US: Autel
 CVE-2024-23958 (Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Auth ...)
-	TODO: check
+	NOT-FOR-US: Autel
 CVE-2024-23957 (Autel MaxiCharger AC Elite Business C50 DLB_HostHeartBeat Stack-based  ...)
-	TODO: check
+	NOT-FOR-US: Autel
 CVE-2024-23938 (Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remo ...)
-	TODO: check
+	NOT-FOR-US: Silicon Labs
 CVE-2024-23935 (Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execut ...)
-	TODO: check
+	NOT-FOR-US: Alpine Halo9
 CVE-2024-23924 (Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code  ...)
-	TODO: check
+	NOT-FOR-US: Alpine Halo9
 CVE-2024-23923 (Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution  ...)
-	TODO: check
+	NOT-FOR-US: Alpine Halo9
 CVE-2024-23586 (HCL Nomad is susceptible to an insufficient session expiration vulnera ...)
 	TODO: check
 CVE-2024-9301 (A path traversal issue in E2Nest prior to commit 8a41948e553c89c56b144 ...)
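Review bot: The NOT-FOR-US labels added in this hunk differ in granularity. The SourceCodester entries name vendor and product and the Alpine entries use "Alpine Halo9", but CVE-2024-23967, CVE-2024-23959, CVE-2024-23958 and CVE-2024-23957 carry only "Autel" and CVE-2024-23938 only "Silicon Labs", although their descriptions name the product (MaxiCharger AC Elite Business C50, Gecko OS). Suggest vendor plus product for these as well, e.g. "NOT-FOR-US: Autel MaxiCharger" and "NOT-FOR-US: Silicon Labs Gecko OS", so that a later search of data/CVE/list by product name finds them.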
@@ -75,7 +75,7 @@ CVE-2024-9282 (A vulnerability was found in bg5sbk MiniCMS 1.11. It has been cla
 CVE-2024-9281 (A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified  ...)
 	NOT-FOR-US: bg5sbk MiniCMS
 CVE-2024-9280 (A vulnerability has been found in kalvinGit kvf-admin up to f12a94dc1e ...)
-	TODO: check
+	NOT-FOR-US: kalvinGit kvf-admin
 CVE-2024-9279 (A vulnerability, which was classified as problematic, was found in fun ...)
 	NOT-FOR-US: funnyzpc Mee-Admin
 CVE-2024-9278 (A vulnerability, which was classified as critical, has been found in H ...)
@@ -195,7 +195,7 @@ CVE-2024-39364 (Advantech ADAM-5630  has built-in commands that can be executed
 CVE-2024-39275 (Cookies of authenticated Advantech ADAM-5630 users remain as active va ...)
 	NOT-FOR-US: Advantech
 CVE-2024-38861 (Improper Certificate Validation in Checkmk Exchange plugin MikroTik al ...)
-	TODO: check
+	NOT-FOR-US: Checkmk Exchange plugin MikroTik
 CVE-2024-38308 (Advantech ADAM 5550's web application includes a "logs" page where all ...)
 	NOT-FOR-US: Advantech
 CVE-2024-37187 (Advantech ADAM-5550 share user credentials with a low level of encrypt ...)
@@ -209,11 +209,11 @@ CVE-2024-33368 (An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote
 CVE-2024-28948 (Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulne ...)
 	NOT-FOR-US: Advantech
 CVE-2024-25412 (A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows at ...)
-	TODO: check
+	NOT-FOR-US: Flatpress
 CVE-2024-25411 (A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows at ...)
-	TODO: check
+	NOT-FOR-US: Flatpress
 CVE-2024-22170 (Improper Restriction of Operations within the Bounds of a Memory Buffe ...)
-	TODO: check
+	NOT-FOR-US: Western Digital My Cloud ddns-start on Linux
 CVE-2024-46868 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.10.11-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
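Review bot: The label added for CVE-2024-22170, "Western Digital My Cloud ddns-start on Linux", is the only one in this patch that carries a platform suffix. "on Linux" does not contribute to the NOT-FOR-US decision, and the line sits directly above the real "- linux 6.10.11-1" entry for CVE-2024-46868, so a case-insensitive search for "linux" in data/CVE/list returns it as noise. Suggest dropping the suffix: "NOT-FOR-US: Western Digital My Cloud ddns-start".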



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f7275f1176ecc43f0046d81c7e962143be1fb97
