[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 07 Feb 2024 13:07:49 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e592f27b by Salvatore Bonaccorso at 2024-02-07T21:46:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2024-24811 (SQLAlchemyDA is a generic database adapter 
for ZSQL methods. A v
 CVE-2024-24771 (Open Forms allows users create and publish smart forms. 
Versions prior ...)
        TODO: check
 CVE-2024-24706 (Cross-Site Request Forgery (CSRF) vulnerability in Forum One 
WP-CFM wp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-24563 (Vyper is a Pythonic Smart Contract Language for the Ethereum 
Virtual M ...)
        NOT-FOR-US: Vyper
 CVE-2024-24488 (An issue in Shenzen Tenda Technology CP3V2.0 
V11.10.00.2311090948 allo ...)
@@ -47,35 +47,35 @@ CVE-2024-24131 (SuperWebMailer v9.31.0.01799 was discovered 
to contain a reflect
 CVE-2024-24130 (Mail2World v12 Business Control Center was discovered to 
contain a ref ...)
        NOT-FOR-US: Mail2World v12 Business Control Center
 CVE-2024-23806 (Sensitive data can be extracted from HID iCLASS SE reader 
configuratio ...)
-       TODO: check
+       NOT-FOR-US: HID iCLASS SE reader configuration cards
 CVE-2024-23769 (Improper privilege control for the named pipe in Samsung 
Magician PC S ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-22984
        REJECTED
 CVE-2024-22012 (In TBD of TBD, there is a possible out of bounds write due to 
a missin ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-20290 (A vulnerability in the OLE2 file format parser of ClamAV could 
allow a ...)
        TODO: check
 CVE-2024-20255 (A vulnerability in the SOAP API of Cisco Expressway Series and 
Cisco T ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2024-20254 (Multiple vulnerabilities in Cisco Expressway Series and Cisco 
TelePres ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2024-20252 (Multiple vulnerabilities in Cisco Expressway Series and Cisco 
TelePres ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2024-1118 (The Podlove Subscribe button plugin for WordPress is vulnerable 
to UNI ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1110 (The Podlove Podcast Publisher plugin for WordPress is 
vulnerable to un ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1109 (The Podlove Podcast Publisher plugin for WordPress is 
vulnerable to un ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-47700 (IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and 
IBM Stora ...)
        NOT-FOR-US: IBM
 CVE-2023-46914 (SQL Injection vulnerability in RM bookingcalendar module for 
PrestaSho ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop module
 CVE-2023-43017 (IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could 
allow a pri ...)
        NOT-FOR-US: IBM
 CVE-2023-38995 (An issue in SCHUHFRIED v.8.22.00 allows remote attacker to 
obtain the  ...)
-       TODO: check
+       NOT-FOR-US: SCHUHFRIED
 CVE-2023-38369 (IBM Security Access Manager Container 10.0.0.0 through 
10.0.6.1 does n ...)
        NOT-FOR-US: IBM
 CVE-2023-32330 (IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses 
insecure cal ...)
@@ -395,7 +395,7 @@ CVE-2024-1046 (The Paid Membership Plugin, Ecommerce, User 
Registration Form, Lo
 CVE-2024-0969 (The ARMember plugin for WordPress is vulnerable to Sensitive 
Informati ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-0964 (A local file include could be remotely triggered in Gradio due 
to a vu ...)
-       TODO: check
+       NOT-FOR-US: Gradio
 CVE-2024-0961 (The SiteOrigin Widgets Bundle plugin for WordPress is 
vulnerable to St ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-0954 (The Essential Addons for Elementor \u2013 Best Elementor 
Templates, Wi ...)
@@ -547,7 +547,7 @@ CVE-2023-4637 (The WPvivid plugin for WordPress is 
vulnerable to unauthorized ac
 CVE-2023-47889 (The Android application BINHDRM26 com.bdrm.superreboot 1.0.3, 
exposes  ...)
        NOT-FOR-US: Android application BINHDRM26 com.bdrm.superreboot
 CVE-2023-47354 (An issue in the PowerOffWidgetReceiver function of Super 
Reboot (Root) ...)
-       TODO: check
+       NOT-FOR-US: Super Reboot (Root) Recovery
 CVE-2023-47353 (An issue in the com.oneed.dvr.service.DownloadFirmwareService 
componen ...)
        TODO: check
 CVE-2023-47022 (An issue in NCR Terminal Handler v.1.5.1 allows a remote 
attacker to e ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e592f27bd89b2141808f3c01fa50e308c567ca96

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e592f27bd89b2141808f3c01fa50e308c567ca96
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to