[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 30 Aug 2024 12:31:52 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8bb03737 by Salvatore Bonaccorso at 2024-08-30T21:30:20+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18,21 +18,21 @@ CVE-2024-8234 (** UNSUPPORTED WHEN ASSIGNED ** A command 
injection vulnerability
 CVE-2024-8016 (The Events Calendar Pro plugin for WordPress is vulnerable to 
PHP Obje ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-6672 (In WhatsUp Gold versions released before 2024.0.0, a SQL 
Injection vul ...)
-       TODO: check
+       NOT-FOR-US: WhatsUp Gold
 CVE-2024-6671 (In WhatsUp Gold versions released before 2024.0.0, if the 
application  ...)
-       TODO: check
+       NOT-FOR-US: WhatsUp Gold
 CVE-2024-6670 (In WhatsUp Gold versions released before 2024.0.0,a SQL 
Injection vuln ...)
-       TODO: check
+       NOT-FOR-US: WhatsUp Gold
 CVE-2024-5879 (The HubSpot \u2013 CRM, Email Marketing, Live Chat, Forms & 
Analytics  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5784 (The Tutor LMS  Pro plugin for WordPress is vulnerable to 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5061 (The Enfold - Responsive Multi-Purpose Theme theme for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5024 (The Memberpress plugin for WordPress is vulnerable to Reflected 
Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-4401 (The Elementor Addon Elements plugin for WordPress is vulnerable 
to Sto ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-45492 (An issue was discovered in libexpat before 2.6.3. 
nextScaffoldPart in  ...)
        - expat <unfixed>
        NOTE: https://github.com/libexpat/libexpat/pull/892
@@ -46,7 +46,7 @@ CVE-2024-45490 (An issue was discovered in libexpat before 
2.6.3. xmlparse.c doe
        NOTE: https://github.com/libexpat/libexpat/pull/890
        NOTE: https://github.com/libexpat/libexpat/issues/887
 CVE-2024-45488 (One Identity Safeguard for Privileged Passwords before 7.5.2 
allows un ...)
-       TODO: check
+       NOT-FOR-US: One Identity Safeguard for Privileged Passwords
 CVE-2024-45302 (RestSharp is a Simple REST and HTTP API Client for .NET. The 
second ar ...)
        TODO: check
 CVE-2024-44944 [netfilter: ctnetlink: use helper function to calculate expect 
ID]
@@ -54,21 +54,21 @@ CVE-2024-44944 [netfilter: ctnetlink: use helper function 
to calculate expect ID
        [bookworm] - linux 6.1.106-1
        NOTE: 
https://git.kernel.org/linus/782161895eb4ac45cf7cfa8db375bd4766cb8299 (6.11-rc1)
 CVE-2024-42412 (Cross-site scripting vulnerability exists in WAB-I1750-PS and 
WAB-S116 ...)
-       TODO: check
+       NOT-FOR-US: WAB-I1750-PS and WAB-S1167-PS
 CVE-2024-41349 (unmark 1.9.2 is vulnerable to Cross Site Scripting (XSS) via 
applicati ...)
        TODO: check
 CVE-2024-3998 (The Betheme theme for WordPress is vulnerable to Stored 
Cross-Site Scr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-3673 (The Web Directory Free WordPress plugin before 1.7.3 does not 
validate ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-39300 (Missing authentication vulnerability exists in Telnet function 
of WAB- ...)
-       TODO: check
+       NOT-FOR-US: WAB-I1750-PS
 CVE-2024-34577 (Cross-site scripting vulnerability exists in WRC-X3000GS2-B, 
WRC-X3000 ...)
-       TODO: check
+       NOT-FOR-US: WRC-X3000GS2-B, WRC-X3000GS2-W, and WRC-X3000GS2A-B
 CVE-2024-2881 (Fault Injection vulnerability inwc_ed25519_sign_msg function in 
wolfss ...)
        TODO: check
 CVE-2024-2694 (The Betheme theme for WordPress is vulnerable to PHP Object 
Injection  ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-2502 (An application can be configured to block boot attempts after 
consecut ...)
        TODO: check
 CVE-2024-1545 (Fault Injection vulnerability in RsaPrivateDecryption function 
in wolf ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bb0373791262724682ee21bd00f1fd5287318aa

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bb0373791262724682ee21bd00f1fd5287318aa
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to