[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b154eccf by Salvatore Bonaccorso at 2024-08-16T22:42:28+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,55 +1,55 @@
 CVE-2024-7646 (A security issue was discovered in ingress-nginx where an actor 
with p ...)
        TODO: check
 CVE-2024-7147 (The JetBlocks for Elementor plugin for WordPress is vulnerable 
to Stor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7146 (The JetTabs for Elementor plugin for WordPress is vulnerable to 
Local  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7145 (The JetElements plugin for WordPress is vulnerable to Local 
File Inclu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7144 (The JetElements plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7136 (The JetSearch plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6098 (When performing an online tag generation to devices which 
communicate  ...)
-       TODO: check
+       NOT-FOR-US: Kepware
 CVE-2024-6004 (A denial-of-service vulnerability was reported in some Lenovo 
printers ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2024-5210 (A denial-of-service vulnerability was reported in some Lenovo 
printers ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2024-5209 (A denial-of-service vulnerability was reported in some Lenovo 
printers ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2024-4782 (A denial-of-service vulnerability was reported in some Lenovo 
printers ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2024-4781 (A denial-of-service vulnerability was reported in some Lenovo 
printers ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2024-4763 (An insecure driver vulnerability was reported inLenovo Display 
Control ...)
-       TODO: check
+       NOT-FOR-US: Lenovo
 CVE-2024-43810 (In JetBrains TeamCity before 2024.07.1 reflected XSS was 
possible in t ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2024-43809 (In JetBrains TeamCity before 2024.07.1 reflected XSS was 
possible on t ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2024-43808 (In JetBrains TeamCity before 2024.07.1 self XSS was possible 
in the Ha ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2024-43807 (In JetBrains TeamCity before 2024.07.1 multiple stored XSS was 
possibl ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2024-43472 (Microsoft Edge (Chromium-based) Elevation of Privilege 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2024-43381 (reNgine is an automated reconnaissance framework for web 
applications. ...)
        TODO: check
 CVE-2024-43042 (Pluck CMS 4.7.18 does not restrict failed login attempts, 
allowing att ...)
        TODO: check
 CVE-2024-43011 (An arbitrary file deletion vulnerability exists in the 
admin/del.php f ...)
-       TODO: check
+       NOT-FOR-US: ZZCMS
 CVE-2024-43009 (A reflected cross-site scripting (XSS) vulnerability exists in 
user/lo ...)
-       TODO: check
+       NOT-FOR-US: ZZCMS
 CVE-2024-43006 (A stored cross-site scripting (XSS) vulnerability exists in 
ZZCMS2023  ...)
-       TODO: check
+       NOT-FOR-US: ZZCMS
 CVE-2024-43005 (A reflected cross-site scripting (XSS) vulnerability in the 
component  ...)
-       TODO: check
+       NOT-FOR-US: ZZCMS
 CVE-2024-42995 (VTiger CRM <= 8.1.0 does not correctly check user privileges. 
A low-pr ...)
-       TODO: check
+       NOT-FOR-US: VTiger CRM
 CVE-2024-42994 (VTiger CRM <= 8.1.0 does not properly sanitize user input 
before using ...)
-       TODO: check
+       NOT-FOR-US: VTiger CRM
 CVE-2024-42850 (An issue in the password change function of Silverpeas v6.4.2 
and lowe ...)
        TODO: check
 CVE-2024-42849 (An issue in Silverpeas v.6.4.2 and lower allows a remote 
attacker to c ...)
@@ -129,7 +129,7 @@ CVE-2024-43378 (calamares-nixos-extensions provides 
Calamares branding and modul
 CVE-2024-43370 (gettext.js is a GNU gettext port for node and the browser. 
There is a  ...)
        TODO: check
 CVE-2024-43369 (Ibexa RichText Field Type is a Field Type for supporting rich 
formatte ...)
-       TODO: check
+       NOT-FOR-US: Ibexa RichText Field Type
 CVE-2024-43367 (Boa is an embeddable and experimental Javascript engine 
written in Rus ...)
        TODO: check
 CVE-2024-43366 (zkvyper is a Vyper compiler. Starting in version 1.3.12 and 
prior to v ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b154eccf8d6fcd8f26b579083a2d002efab3610e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b154eccf8d6fcd8f26b579083a2d002efab3610e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits