[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Sep 29 10:48:41 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f57681c by Moritz Muehlenhoff at 2024-09-29T11:48:21+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2024-9326 (A vulnerability classified as critical was found in PHPGurukul Online  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2024-9325 (A vulnerability classified as critical has been found in Intelbras InC ...)
-	TODO: check
+	NOT-FOR-US: Intelbras InControl
 CVE-2024-9324 (A vulnerability was found in Intelbras InControl up to 2.21.57. It has ...)
-	TODO: check
+	NOT-FOR-US: Intelbras InControl
 CVE-2024-9323 (A vulnerability was found in SourceCodester Inventory Management Syste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-9322 (A vulnerability was found in code-projects Supply Chain Management 1.0 ...)
-	TODO: check
+	NOT-FOR-US: code-projects Supply Chain Management
 CVE-2024-9321 (A vulnerability was found in SourceCodester Online Railway Reservation ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-9320 (A vulnerability has been found in SourceCodester Online Timesheet App  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-9319 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-9318 (A vulnerability, which was classified as critical, has been found in S ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-9317 (A vulnerability classified as critical was found in SourceCodester Onl ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-9316 (A vulnerability classified as critical has been found in code-projects ...)
 	NOT-FOR-US: code-projects Blood Bank Management System
 CVE-2024-9315 (A vulnerability was found in SourceCodester Employee and Visitor Gate  ...)
@@ -57,7 +57,7 @@ CVE-2024-8353 (The GiveWP \u2013 Donation Plugin and Fundraising Platform plugin
 CVE-2024-8189 (The WP MultiTasking \u2013 WP Utilities plugin for WordPress is vulner ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-47186 (Filament is a collection of full-stack components for Laravel developm ...)
-	TODO: check
+	NOT-FOR-US: Filament
 CVE-2024-46453 (A cross-site scripting (XSS) vulnerability in the component /test/ of  ...)
 	NOT-FOR-US: iq3xcite
 CVE-2024-38796 (EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An A ...)
@@ -86,13 +86,13 @@ CVE-2024-23924 (Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote
 CVE-2024-23923 (Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution  ...)
 	NOT-FOR-US: Alpine Halo9
 CVE-2024-23586 (HCL Nomad is susceptible to an insufficient session expiration vulnera ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-9301 (A path traversal issue in E2Nest prior to commit 8a41948e553c89c56b144 ...)
 	NOT-FOR-US: E2Nest
 CVE-2024-9284 (A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has ...)
 	NOT-FOR-US: TP-LINK
 CVE-2024-9283 (A vulnerability classified as problematic has been found in RelaxedJS  ...)
-	TODO: check
+	NOT-FOR-US: RelaxedJS ReLaXed
 CVE-2024-9282 (A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classifi ...)
 	NOT-FOR-US: bg5sbk MiniCMS
 CVE-2024-9281 (A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified  ...)
@@ -114,7 +114,7 @@ CVE-2024-9273
 CVE-2024-9268
 	REJECTED
 CVE-2024-9202 (In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector ...)
-	TODO: check
+	NOT-FOR-US: Eclipse Dataspace Components
 CVE-2024-9171
 	REJECTED
 CVE-2024-9160 (In versions of the PEADM Forge Module prior to 3.24.0 a security misco ...)
@@ -182,9 +182,9 @@ CVE-2024-46333 (An authenticated cross-site scripting (XSS) vulnerability in Piw
 CVE-2024-46331 (ModStartCMS v8.8.0 was discovered to contain an open redirect vulnerab ...)
 	NOT-FOR-US: ModStartCMS
 CVE-2024-46257 (A Command injection vulnerability in requestLetsEncryptSslWithDnsChall ...)
-	TODO: check
+	NOT-FOR-US: NginxProxyManager
 CVE-2024-46256 (A Command injection vulnerability in requestLetsEncryptSsl in NginxPro ...)
-	TODO: check
+	NOT-FOR-US: NginxProxyManager
 CVE-2024-46097 (TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestP ...)
 	NOT-FOR-US: TestLink
 CVE-2024-45863 (A null-dereference vulnerability involving parsing requests specifying ...)
@@ -196,11 +196,11 @@ CVE-2024-45745 (TopQuadrant TopBraid EDG before version 8.0.1 allows an authenti
 CVE-2024-45744 (TopQuadrant TopBraid EDG stores external credentials insecurely. An au ...)
 	NOT-FOR-US: TopQuadrant
 CVE-2024-44912 (NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read  ...)
-	TODO: check
+	NOT-FOR-US: NASA CryptoLib
 CVE-2024-44911 (NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read  ...)
-	TODO: check
+	NOT-FOR-US: NASA CryptoLib
 CVE-2024-44910 (NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read  ...)
-	TODO: check
+	NOT-FOR-US: NASA CryptoLib
 CVE-2024-41930 (Cross-site scripting vulnerability exists in MF Teacher Performance Ma ...)
 	NOT-FOR-US: MF Teacher Performance Management System
 CVE-2024-40512 (Cross Site Scripting vulnerability in openPetra v.2023.02 allows a rem ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f57681cf6535420ff5a53584204df762d872e5c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f57681cf6535420ff5a53584204df762d872e5c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240929/7b76d697/attachment.htm>

More information about the debian-security-tracker-commits mailing list