[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Mon, 15 Apr 2024 01:46:16 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6dfa6504 by Salvatore Bonaccorso at 2024-04-15T10:45:36+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
 CVE-2024-3778 (The file upload functionality of Ai3 QbiBot does not properly 
restrict ...)
-       TODO: check
+       NOT-FOR-US: Ai3 QbiBot
 CVE-2024-3777 (The password reset feature of Ai3 QbiBot lacks proper access 
control,  ...)
-       TODO: check
+       NOT-FOR-US: Ai3 QbiBot
 CVE-2024-3776 (The parameter used in the login page of Netvision airPASS is 
not prope ...)
-       TODO: check
+       NOT-FOR-US: Netvision airPASS
 CVE-2024-3775 (aEnrich Technology a+HRD's functionality for downloading files 
using y ...)
-       TODO: check
+       NOT-FOR-US: aEnrich Technology
 CVE-2024-3774 (aEnrich Technology a+HRD's functionality for front-end 
retrieval of sy ...)
-       TODO: check
+       NOT-FOR-US: aEnrich Technology
 CVE-2024-3772 (Regular expression denial of service in Pydanic < 2.4.0, < 
1.10.13 all ...)
        TODO: check
 CVE-2024-3771 (A vulnerability was found in PHPGurukul Student Record System 
3.20 and ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul Student Record System
 CVE-2024-3770 (A vulnerability has been found in PHPGurukul Student Record 
System 3.2 ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul Student Record System
 CVE-2024-3769 (A vulnerability, which was classified as critical, was found in 
PHPGur ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul Student Record System
 CVE-2024-3768 (A vulnerability, which was classified as critical, has been 
found in P ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul News Portal
 CVE-2024-3767 (A vulnerability classified as critical was found in PHPGurukul 
News Po ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul News Portal
 CVE-2024-3766 (A vulnerability, which was classified as problematic, has been 
found i ...)
        TODO: check
 CVE-2024-3765 (A vulnerability classified as critical was found in Xiongmai 
AHB7804R- ...)
-       TODO: check
+       NOT-FOR-US: Xiongmai
 CVE-2024-3764 (A vulnerability classified as problematic has been found in 
Tuya Camer ...)
        TODO: check
 CVE-2024-3763 (A vulnerability was found in Emlog Pro 2.2.10. It has been 
rated as pr ...)
@@ -33,85 +33,85 @@ CVE-2024-3762 (A vulnerability was found in Emlog Pro 
2.2.10. It has been declar
 CVE-2024-3701 (The system application (com.transsion.kolun.aiservice) 
component does  ...)
        TODO: check
 CVE-2024-3505 (JFrog Artifactory Self-Hosted versions below 7.77.3, are 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: JFrog Artifactory Self-Hosted
 CVE-2024-32489 (TCPDF before 6.7.4 mishandles calls that use HTML syntax.)
        TODO: check
 CVE-2024-32488 (In Foxit PDF Reader and Editor before 2024.1, Local Privilege 
Escalati ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2024-32454 (Server-Side Request Forgery (SSRF) vulnerability in 
Wappointment Appoi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32453 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32452 (Cross-Site Request Forgery (CSRF) vulnerability in WP 
EasyCart.This is ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32451 (Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal 
Pages.T ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32450 (Cross-Site Request Forgery (CSRF) vulnerability in MagePeople 
Team WpT ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32449 (Cross-Site Request Forgery (CSRF) vulnerability in MagniGenie 
RestroPr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32448 (Cross-Site Request Forgery (CSRF) vulnerability in 
VideoYield.Com Ads. ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32447 (Cross-Site Request Forgery (CSRF) vulnerability in AWP 
Classifieds Tea ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32446 (Cross-Site Request Forgery (CSRF) vulnerability in WP Swings 
Wallet Sy ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32445 (Cross-Site Request Forgery (CSRF) vulnerability in Saleswonder 
Team We ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32443 (Cross-Site Request Forgery (CSRF) vulnerability in IP2Location 
Downloa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32442 (Cross-Site Request Forgery (CSRF) vulnerability in Zoho 
Campaigns.This ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32441 (Cross-Site Request Forgery (CSRF) vulnerability in Zoho 
Campaigns.This ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32440 (Cross-Site Request Forgery (CSRF) vulnerability in Thomas 
Belser Asgar ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32439 (Cross-Site Request Forgery (CSRF) vulnerability in SwitchWP WP 
Client  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32438 (Cross-Site Request Forgery (CSRF) vulnerability in 
cleverplugins.Com S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32431 (Deserialization of Untrusted Data vulnerability in WP All 
Import Impor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32430 (Server-Side Request Forgery (SSRF) vulnerability in 
ActiveCampaign.Thi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32429 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32428 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32149 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32147 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32145 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32140 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32139 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32138 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32137 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32136 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32135 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32134 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32133 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32132 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32128 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32127 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32125 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32098 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32087 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32082 (Cross-Site Request Forgery (CSRF) vulnerability in kp4coder 
Sync Post  ...)
        TODO: check
 CVE-2024-32079 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6dfa65048f178ab96604cc7131d19f6d2ebb6aa5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6dfa65048f178ab96604cc7131d19f6d2ebb6aa5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to