Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e915d062 by Salvatore Bonaccorso at 2024-01-16T22:20:28+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2024-22626 (Complete Supplier Management System v1.0 is
vulnerable to SQL In
CVE-2024-22625 (Complete Supplier Management System v1.0 is vulnerable to SQL
Injectio ...)
NOT-FOR-US: Complete Supplier Management System
CVE-2024-22491 (A Stored Cross Site Scripting (XSS) vulnerability in beetl-bbs
2.0 all ...)
- TODO: check
+ NOT-FOR-US: beetl-bbs
CVE-2024-0599 (A vulnerability was found in Jspxcms 10.2.0. It has been
declared as p ...)
NOT-FOR-US: Jspxcms
CVE-2024-0584 (A use-after-free issue was found in igmp_start_timer in
net/ipv4/igmp. ...)
@@ -69,7 +69,7 @@ CVE-2024-0553 (A vulnerability was found in GnuTLS. The
response times to malfor
NOTE:
https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html
NOTE: Issue exists because of incomplete fix for CVE-2023-5981
CVE-2024-0507 (An attacker with access to a Management Console user account
with the ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-0239 (The Contact Form 7 Connector WordPress plugin before 1.2.3 does
not sa ...)
NOT-FOR-US: WordPress plugin
CVE-2024-0238 (The EventON WordPress plugin before 4.5.5, EventON WordPress
plugin be ...)
@@ -83,7 +83,7 @@ CVE-2024-0235 (The EventON WordPress plugin before 4.5.5,
EventON WordPress plug
CVE-2024-0233 (The EventON WordPress plugin before 4.5.5, EventON WordPress
plugin be ...)
NOT-FOR-US: WordPress plugin
CVE-2024-0200 (An unsafe reflection vulnerability was identified in GitHub
Enterprise ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2024-0187 (The Community by PeepSo WordPress plugin before 6.3.1.2 does
not sanit ...)
NOT-FOR-US: WordPress plugin
CVE-2023-7234 (OPCUAServerToolkit will write a log message once an OPC UA
client has ...)
@@ -109,7 +109,7 @@ CVE-2023-6592 (The FastDup WordPress plugin before 2.2 does
not prevent director
CVE-2023-6373 (The ArtPlacer Widget WordPress plugin before 2.20.7 does not
sanitize ...)
NOT-FOR-US: WordPress plugin
CVE-2023-6336 (Improper Link Resolution Before File Access ('Link Following')
vulnera ...)
- TODO: check
+ NOT-FOR-US: HYPR
CVE-2023-6335 (Improper Link Resolution Before File Access ('Link Following')
vulnera ...)
NOT-FOR-US: HYPR
CVE-2023-6334 (Improper Restriction of Operations within the Bounds of a
Memory Buffe ...)
@@ -157,7 +157,7 @@ CVE-2023-52098 (Denial of Service (DoS) vulnerability in
the DMS module. Success
CVE-2023-52041 (An issue discovered in TOTOLINK X6000R V9.4.0cu.852_B20230719
allows a ...)
NOT-FOR-US: Totolink
CVE-2023-51381 (Cross-site Scripting in thetag name pattern field in the tag
protectio ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2023-4969 (A GPU kernel can read sensitive data from another GPU kernel
(even fro ...)
TODO: check
CVE-2023-4797 (The Newsletters WordPress plugin before 4.9.3 does not properly
escape ...)
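Review bot: CVE-2023-4969, the entry directly after the changed CVE-2023-51381 line, still reads "TODO: check". Its description (one GPU kernel reading another GPU kernel's data) names no single product, so leaving it out of an NFU-only pass is reasonable, but it needs separate triage and should not be assumed covered by this commit.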
@@ -283,7 +283,7 @@ CVE-2024-21673 (This High severity Remote Code Execution
(RCE) vulnerability was
CVE-2024-21672 (This High severity Remote Code Execution (RCE) vulnerability
was intro ...)
NOT-FOR-US: Atlassian Confluence Data Center and Server
CVE-2023-7206 (In Horner Automation Cscape versions 9.90 SP10 and prior, local
attack ...)
- TODO: check
+ NOT-FOR-US: Horner Automation
CVE-2023-6457 (Incorrect Default Permissions vulnerability in Hitachi Tuning
Manager ...)
NOT-FOR-US: Hitachi
CVE-2023-52113 (launchAnyWhere vulnerability in the ActivityManagerService
module. Suc ...)
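Review bot: the new tag on CVE-2023-7206 names only the vendor, "Horner Automation", while the description names the product, Cscape. Consider "NOT-FOR-US: Horner Automation Cscape" so that a search of the list for the product name finds this entry. The Atlassian entry just above already names the product, while the Hitachi entry below names only the vendor, so the file is mixed on this point.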
@@ -482,7 +482,7 @@ CVE-2024-0522 (A vulnerability was found in Allegro
RomPager 4.01. It has been c
CVE-2023-48383 (NetVision Information airPASS has a path traversal
vulnerability w ...)
NOT-FOR-US: NetVision
CVE-2020-36770 (pkg_postinst in the Gentoo ebuild for Slurm through 22.05.3
unnecessar ...)
- TODO: check
+ NOT-FOR-US: Gentoo (ebuild for Slurm)
CVE-2024-0510 (A vulnerability, which was classified as critical, has been
found in H ...)
NOT-FOR-US: HaoKeKeJi YiQiNiu
CVE-2024-0505 (A vulnerability was found in ZhongFuCheng3y Austin 1.0 and
classified ...)
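Review bot: the CVE-2020-36770 entry would benefit from a NOTE: line stating that the flaw is in pkg_postinst of the Gentoo ebuild and not in Slurm itself, as the description says. The parenthetical in "NOT-FOR-US: Gentoo (ebuild for Slurm)" hints at this, but an explicit note makes the reasoning clear to anyone who later searches the list for Slurm.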
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e915d062b5028a47be8c29aae1a6be46d48b0201