[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) Wed, 28 Aug 2024 02:25:24 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
07958801 by Salvatore Bonaccorso at 2024-08-28T11:23:52+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,35 +31,35 @@ CVE-2024-8217 (A vulnerability has been found in 
SourceCodester E-Commerce Websi
 CVE-2024-8216 (A vulnerability, which was classified as critical, has been 
found in n ...)
        NOT-FOR-US: nafisulbari/itsourcecode Insurance Management System
 CVE-2024-8030 (The Ultimate Store Kit Elementor Addons, Woocommerce Builder, 
EDD Buil ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7573 (The Relevanssi Live Ajax Search plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6448 (The Mollie Payments for WooCommerce plugin for WordPress is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6312 (The Funnelforms Free plugin for WordPress is vulnerable to 
arbitrary f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6311 (The Funnelforms Free plugin for WordPress is vulnerable to 
arbitrary f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4556 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: NetIQ Access Manager
 CVE-2024-4555 (Improper Privilege Management vulnerability in OpenText NetIQ 
Access M ...)
-       TODO: check
+       NOT-FOR-US: (OpenText) NetIQ Access Manager
 CVE-2024-4554 (Improper Input Validation vulnerability in OpenText NetIQ 
Access Manag ...)
-       TODO: check
+       NOT-FOR-US: (OpenText) NetIQ Access Manager
 CVE-2024-45346 (A code execution vulnerability exists in the XiaomiGetApps 
application ...)
-       TODO: check
+       NOT-FOR-US: XiaomiGetApps application
 CVE-2024-45049 (Hydra is a Continuous Integration service for Nix based 
projects. It i ...)
        TODO: check
 CVE-2024-45038 (Meshtastic device firmware is a firmware for meshtastic 
devices to run ...)
-       TODO: check
+       NOT-FOR-US: Meshtastic device firmware
 CVE-2024-39771 (QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and 
earlier  ...)
        TODO: check
 CVE-2024-39584 (Dell Client Platform BIOS contains a Use of Default 
Cryptographic Key  ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2023-45896 (ntfs3 in the Linux kernel before 6.5.11 allows a physically 
proximate  ...)
        TODO: check
 CVE-2023-43078 (Dell Dock Firmware and Dell Client Platform contain an 
Improper Link R ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2024-44943 (In the Linux kernel, the following vulnerability has been 
resolved:  m ...)
        - linux 6.10.3-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -147,7 +147,7 @@ CVE-2024-42851 (Buffer Overflow vulnerability in open 
source exiftags v.1.01 all
 CVE-2024-41622 (D-Link DIR-846W A1 FW100A43 was discovered to contain a remote 
command ...)
        NOT-FOR-US: D-Link
 CVE-2024-40395 (An Insecure Direct Object Reference (IDOR) in PTC ThingWorx 
v9.5.0 all ...)
-       TODO: check
+       NOT-FOR-US: PTC ThingWorx
 CVE-2024-3982 (An attacker with local access to machine where MicroSCADA X 
SYS600 is  ...)
        NOT-FOR-US: Hitachi
 CVE-2024-3980 (The product allows user input to control or influence paths or 
file na ...)
@@ -117474,13 +117474,13 @@ CVE-2023-26326 (The BuddyForms WordPress plugin, in 
versions prior to 2.7.8, was
 CVE-2023-26325 (The 'rx_export_review' action in the ReviewX WordPress Plugin, 
is affe ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-26324 (A code execution vulnerability exists in the XiaomiGetApps 
application ...)
-       TODO: check
+       NOT-FOR-US: XiaomiGetApps application
 CVE-2023-26323 (A code execution vulnerability exists in the Xiaomi App market 
product ...)
-       TODO: check
+       NOT-FOR-US: Xiaomi
 CVE-2023-26322 (A code execution vulnerability exists in the XiaomiGetApps 
application ...)
-       TODO: check
+       NOT-FOR-US: Xiaomi
 CVE-2023-26321 (A path traversal vulnerability exists in the Xiaomi File 
Manager appli ...)
-       TODO: check
+       NOT-FOR-US: Xiaomi
 CVE-2023-26320 (Improper Neutralization of Special Elements used in a Command 
('Comman ...)
        NOT-FOR-US: Xiaomi
 CVE-2023-26319 (Improper Neutralization of Special Elements used in a Command 
('Comman ...)
@@ -237566,11 +237566,11 @@ CVE-2021-38124 (Remote Code Execution vulnerability 
in Micro Focus ArcSight Ente
 CVE-2021-38123 (Open Redirect vulnerability in Micro Focus Network Automation, 
affecti ...)
        NOT-FOR-US: Micro Focus
 CVE-2021-38122 (A Cross-Site Scripting vulnerable identified in NetIQ Advance 
Authenti ...)
-       TODO: check
+       NOT-FOR-US: NetIQ Advance Authentication
 CVE-2021-38121 (Insufficient or weak TLS protocol version identified in 
Advance authen ...)
-       TODO: check
+       NOT-FOR-US: NetIQ
 CVE-2021-38120 (A vulnerability identified in Advance Authentication that 
allows bash  ...)
-       TODO: check
+       NOT-FOR-US: NetIQ
 CVE-2021-38119
        RESERVED
 CVE-2021-38118
@@ -277063,9 +277063,9 @@ CVE-2021-22532
 CVE-2021-22531 (A bug exist in the input parameter of Access Manager that 
allows suppl ...)
        NOT-FOR-US: Microfocus
 CVE-2021-22530 (A vulnerability identified in NetIQ Advance Authentication 
that doesn' ...)
-       TODO: check
+       NOT-FOR-US: NetIQ
 CVE-2021-22529 (A vulnerability identified in NetIQ Advance Authentication 
that leaks  ...)
-       TODO: check
+       NOT-FOR-US: NetIQ
 CVE-2021-22528 (Reflected Cross Site Scripting (XSS) vulnerability in NetIQ 
Access Man ...)
        NOT-FOR-US: NetIQ Access Manager
 CVE-2021-22527 (Information leakage vulnerability in NetIQ Access Manager 
prior to 5.0 ...)
@@ -277105,7 +277105,7 @@ CVE-2021-22511 (Improper Certificate Validation 
vulnerability in Micro Focus App
 CVE-2021-22510 (Reflected XSS vulnerability in Micro Focus Application 
Automation Tool ...)
        NOT-FOR-US: Jenkins plugin
 CVE-2021-22509 (A vulnerability identified in storing and reusing information 
in Advan ...)
-       TODO: check
+       NOT-FOR-US: NetIQ
 CVE-2021-22508 (A potential vulnerability has been identified for OpenText 
Operations  ...)
        NOT-FOR-US: OpenText Operations Bridge Reporter
 CVE-2021-22507 (Authentication bypass vulnerability in Micro Focus Operations 
Bridge M ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07958801d18ae46d5ab8daf1d8d04e5321f2d7e5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/07958801d18ae46d5ab8daf1d8d04e5321f2d7e5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Reply via email to