[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 05 Jun 2024 13:23:35 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
55f1f248 by Salvatore Bonaccorso at 2024-06-05T22:22:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2,49 +2,49 @@ CVE-2024-5629 (An out-of-bounds read in the 'bson' module of 
PyMongo 4.6.2 or ea
        - pymongo <unfixed>
        NOTE: https://jira.mongodb.org/browse/PYTHON-4305
 CVE-2024-5571 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, 
Embed You ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5536 (The GamiPress \u2013 Link plugin for WordPress is vulnerable to 
Stored ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5526 (Grafana OnCall is an easy-to-use on-call management tool that 
will hel ...)
        TODO: check
 CVE-2024-5459 (The Restaurant Menu and Food Ordering plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5184 (The EmailGPT service contains a prompt injection 
vulnerability.The ser ...)
-       TODO: check
+       NOT-FOR-US: EmailGPT service
 CVE-2024-5037 (A flaw was found in OpenShift's Telemeter. If certain 
conditions are i ...)
        TODO: check
 CVE-2024-4821 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4812 (A flaw was found in the Katello plugin for Foreman, where it is 
possib ...)
        TODO: check
 CVE-2024-4743 (The LifterLMS \u2013 WordPress LMS Plugin for eLearning plugin 
for Wor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4009 (Replay Attack  in ABB, Busch-Jaeger, FTS Display (version 1.00) 
and BC ...)
-       TODO: check
+       NOT-FOR-US: ABB, Busch-Jaeger, FTS Display and BCU
 CVE-2024-4008 (FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and 
BCU (ve ...)
-       TODO: check
+       NOT-FOR-US: ABB, Busch-Jaeger, FTS Display and BCU
 CVE-2024-4001 (The Download Manager plugin for WordPress is vulnerable to 
Stored Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3716 (A flaw was found in foreman-installer when puppet-candlepin is 
invoked ...)
        TODO: check
 CVE-2024-3469 (The GP Premium plugin for WordPress is vulnerable to Reflected 
Cross-S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-36837 (SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote 
attacker  ...)
-       TODO: check
+       NOT-FOR-US: CRMEB
 CVE-2024-36670 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-36669 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-36668 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-36667 (idccms v1.35 was discovered to contain a Cross-Site Request 
Forgery (C ...)
-       TODO: check
+       NOT-FOR-US: idccms
 CVE-2024-36129 (The OpenTelemetry Collector offers a vendor-agnostic 
implementation on ...)
        TODO: check
 CVE-2024-35674 (Missing Authorization vulnerability in Unlimited Elements 
Unlimited El ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-35673 (Cross-Site Request Forgery (CSRF) vulnerability in Pure Chat 
by Ruby P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-31631
        REJECTED
 CVE-2024-31630
@@ -66,51 +66,51 @@ CVE-2024-31623
 CVE-2024-31622
        REJECTED
 CVE-2024-28818 (An issue was discovered in Samsung Mobile Processor, Wearable 
Processo ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27382 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27381 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27380 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27379 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27378 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27377 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27376 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27375 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27374 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27373 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27372 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27371 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27370 (An issue was discovered in Samsung Mobile Processor Exynos 
980, Exynos ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-20405 (A vulnerability in the web-based management interface of Cisco 
Finesse ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2024-20404 (A vulnerability in the web-based management interface of Cisco 
Finesse ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2024-1662 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: PORTY Smart Tech Technology Joint Stock Company PowerBank 
Application
 CVE-2024-1272 (Inclusion of Sensitive Information in Source Code vulnerability 
in TNB ...)
-       TODO: check
+       NOT-FOR-US: TNB Mobile Solutions Cockpit Software
 CVE-2023-6734
        REJECTED
 CVE-2023-50804 (An issue was discovered in Samsung Mobile Processor, 
Automotive Proces ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-50803 (An issue was discovered in Samsung Mobile Processor, 
Automotive Proces ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-49928 (An issue was discovered in Samsung Mobile Processor, 
Automotive Proces ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-49927 (An issue was discovered in Samsung Mobile Processor, 
Automotive Proces ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-5636 (A vulnerability was found in itsourcecode Bakery Online 
Ordering Syste ...)
        NOT-FOR-US: Bakery Online Ordering System
 CVE-2024-5635 (A vulnerability was found in itsourcecode Bakery Online 
Ordering Syste ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55f1f2486276cef54b9a90ae42a146037cf747a6

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55f1f2486276cef54b9a90ae42a146037cf747a6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to