[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 04 May 2024 01:33:21 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d1651411 by Salvatore Bonaccorso at 2024-05-04T10:29:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2024-3868 (The Folders Pro plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3240 (The ConvertPlug plugin for WordPress is vulnerable to PHP 
Object Injec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3237 (The ConvertPlug plugin for WordPress is vulnerable to 
unauthorized mod ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-34461 (Zenario before 9.5.60437 uses Twig filters insecurely in the 
Twig Snip ...)
-       TODO: check
+       NOT-FOR-US: Zenario
 CVE-2024-34460 (The Tree Explorer tool from Organizer in Zenario before 
9.5.60602 is a ...)
-       TODO: check
+       NOT-FOR-US: Zenario
 CVE-2024-1050 (The Import and export users and customers plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7065 (The Stop Spammers Security | Block Spam Users, Comments, Forms 
plugin  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4466 (SQL injection vulnerability in Gescen on the 
centrosdigitales.net plat ...)
        NOT-FOR-US: Gescen
 CVE-2024-4461 (Unquoted path or search item vulnerability in SugarSync 
versions prior ...)
@@ -875,9 +875,9 @@ CVE-2023-47220 (An OS command injection vulnerability has 
been reported to affec
 CVE-2023-44472 (Missing Authorization vulnerability in ThemeFuse Unyson.This 
issue aff ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-44452 (Linux Mint Xreader CBT File Parsing Argument Injection Remote 
Code Exe ...)
-       TODO: check
+       NOT-FOR-US: Linux Mint Xreader
 CVE-2023-44451 (Linux Mint Xreader EPUB File Parsing Directory Traversal 
Remote Code E ...)
-       TODO: check
+       NOT-FOR-US: Linux Mint Xreader
 CVE-2023-44450 (NETGEAR ProSAFE Network Management System 
getNodesByTopologyMapSearch  ...)
        NOT-FOR-US: Netgear
 CVE-2023-44449 (NETGEAR ProSAFE Network Management System clearAlertByIds SQL 
Injectio ...)
@@ -909,7 +909,7 @@ CVE-2023-44432 (Kofax Power PDF PDF File Parsing 
Out-Of-Bounds Write Remote Code
 CVE-2023-44431 (BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote 
Code Exec ...)
        TODO: check
 CVE-2023-44430 (Bentley View SKP File Parsing Use-After-Free Remote Code 
Execution Vul ...)
-       TODO: check
+       NOT-FOR-US: Bentley
 CVE-2023-44428 (MuseScore CAP File Parsing Heap-based Buffer Overflow Remote 
Code Exec ...)
        TODO: check
 CVE-2023-44427 (D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command 
Injecti ...)
@@ -1895,11 +1895,11 @@ CVE-2023-32159 (PDF-XChange Editor PDF File Parsing 
Out-Of-Bounds Write Remote C
 CVE-2023-32158 (PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote 
Code Ex ...)
        NOT-FOR-US: PDF-XChange Editor
 CVE-2023-32157 (Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow 
Arbitrary Code ...)
-       TODO: check
+       NOT-FOR-US: Tesla
 CVE-2023-32156 (Tesla Model 3 Gateway Firmware Signature Validation Bypass 
Vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Tesla
 CVE-2023-32155 (Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege 
Escalation Vu ...)
-       TODO: check
+       NOT-FOR-US: Tesla
 CVE-2023-32154 (Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code 
Execution Vuln ...)
        NOT-FOR-US: Mikrotik RouterOS
 CVE-2023-32153 (D-Link DIR-2640 EmailFrom Command Injection Remote Code 
Execution Vuln ...)
@@ -325182,13 +325182,13 @@ CVE-2019-19757 (An internal product security audit 
of Lenovo XClarity Administra
 CVE-2019-19756 (An internal product security audit of Lenovo XClarity 
Administrator (L ...)
        NOT-FOR-US: Lenovo
 CVE-2019-19755 (ethOS through 1.3.3 ships with SSH host keys baked into the 
installati ...)
-       TODO: check
+       NOT-FOR-US: ethOS
 CVE-2019-19754 (HiveOS through 0.6-102@191212 ships with SSH host keys baked 
into the  ...)
-       TODO: check
+       NOT-FOR-US: HiveOS
 CVE-2019-19753 (SimpleMiningOS through v1259 ships with SSH host keys baked 
into the i ...)
        NOT-FOR-US: SimpleMiningOS
 CVE-2019-19752 (nvOC through 3.2 ships with SSH host keys baked into the 
installation  ...)
-       TODO: check
+       NOT-FOR-US: nvOC
 CVE-2019-19751 (easyMINE before 2019-12-05 ships with SSH host keys baked into 
the ins ...)
        NOT-FOR-US: easyMINE
 CVE-2019-19750 (minerstat msOS before 2019-10-23 does not have a unique SSH 
key for ea ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d165141147842d59ddbb1a64557b9180ca2f5bbc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d165141147842d59ddbb1a64557b9180ca2f5bbc
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to