[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 17 Apr 2024 13:35:54 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
99a6a8dd by Salvatore Bonaccorso at 2024-04-17T22:35:15+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -170,39 +170,39 @@ CVE-2024-31040 (Buffer Overflow vulnerability in the 
get_var_integer function in
 CVE-2024-31031 (An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to 
cause un ...)
        TODO: check
 CVE-2024-30990 (SQL Injection vulnerability in the "Invoices" page in 
phpgurukul Clien ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Client Management System
 CVE-2024-30989 (Cross Site Scripting vulnerability in /edit-client-details.php 
of phpg ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Client Management System
 CVE-2024-30988 (Cross Site Scripting vulnerability in /search-invoices.php of 
phpguruk ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Client Management System
 CVE-2024-30987 (Cross Site Scripting vulnerability in /bwdates-reports-ds.php 
of phpgu ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Client Management System
 CVE-2024-30986 (Cross Site Scripting vulnerability in 
/edit-services-details.php of ph ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Client Management System
 CVE-2024-30985 (SQL Injection vulnerability in "B/W Dates Reports" page in 
phpgurukul  ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Client Management System
 CVE-2024-30983 (SQL Injection vulnerability in phpgurukul Cyber Cafe 
Management System ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Cyber Cafe Management System
 CVE-2024-30982 (SQL Injection vulnerability in phpgurukul Cyber Cafe 
Management System ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Cyber Cafe Management System
 CVE-2024-30981 (SQL Injection vulnerability in /edit-computer-detail.php in 
phpgurukul ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Cyber Cafe Management System
 CVE-2024-30980 (SQL Injection vulnerability in phpgurukul Cyber Cafe 
Management System ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Cyber Cafe Management System
 CVE-2024-30979 (Cross Site Scripting vulnerability in Cyber Cafe Management 
System 1.0 ...)
-       TODO: check
+       NOT-FOR-US: phpgurukul Cyber Cafe Management System
 CVE-2024-30953 (A stored cross-site scripting (XSS) vulnerability in Htmly 
v2.9.5 allo ...)
-       TODO: check
+       NOT-FOR-US: Htmly
 CVE-2024-30952 (A stored cross-site scripting (XSS) vulnerability in 
PESCMS-TEAM v2.3. ...)
-       TODO: check
+       NOT-FOR-US: PESCMS-TEAM
 CVE-2024-30951 (FUDforum v3.1.3 was discovered to contain a reflected 
cross-site scrip ...)
-       TODO: check
+       NOT-FOR-US: FUDforum
 CVE-2024-30950 (A stored cross-site scripting (XSS) vulnerability in FUDforum 
v3.1.3 a ...)
-       TODO: check
+       NOT-FOR-US: FUDforum
 CVE-2024-30253 (@solana/web3.js is the Solana JavaScript SDK. Using particular 
inputs  ...)
        TODO: check
 CVE-2024-2419 (A flaw was found in Keycloak's redirect_uri validation logic. 
This iss ...)
-       TODO: check
+       NOT-FOR-US: Keycloak
 CVE-2024-29951 (Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash 
in intern ...)
        TODO: check
 CVE-2024-29950 (The class FileTransfer implemented in Brocade SANnav before 
v2.3.1, v2 ...)
@@ -210,13 +210,13 @@ CVE-2024-29950 (The class FileTransfer implemented in 
Brocade SANnav before v2.3
 CVE-2024-29035 (Umbraco is an ASP.NET CMS. Failing webhooks logs are available 
when so ...)
        TODO: check
 CVE-2024-28073 (SolarWinds Serv-U was found to be susceptible to a Directory 
Traversal ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2024-24856 (The memory allocation function ACPI_ALLOCATE_ZEROED does not 
guarantee ...)
        TODO: check
 CVE-2024-21990 (ONTAP Select Deploy administration utility versions 9.12.1.x,  
9.13.1. ...)
-       TODO: check
+       NOT-FOR-US: ONTAP / NetAPP
 CVE-2024-21989 (ONTAP Select Deploy administration utility versions 9.12.1.x,  
9.13.1. ...)
-       TODO: check
+       NOT-FOR-US: ONTAP / NetAPP
 CVE-2024-1350 (Missing Authorization vulnerability in Prasidhda Malla Honeypot 
for WP ...)
        TODO: check
 CVE-2024-1249 (A flaw was found in Keycloak's OIDC component in the 
"checkLoginIframe ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99a6a8dd2eaf98b75e8a31741847c7e020543144

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99a6a8dd2eaf98b75e8a31741847c7e020543144
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to