[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 24 Sep 2024 13:44:50 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
18b4119f by Salvatore Bonaccorso at 2024-09-24T22:32:26+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2024-9148 (Flowise < 2.1.1 suffers from a Stored Cross-Site vulnerability 
due to  ...)
-       TODO: check
+       NOT-FOR-US: Flowise
 CVE-2024-9142 (External Control of File Name or Path, : Incorrect Permission 
Assignme ...)
        NOT-FOR-US: Olgu Computer Systems e-Belediye
 CVE-2024-9141 (Cross-Site Scripting (XSS) vulnerability in the Oct8ne system. 
This fl ...)
@@ -7,7 +7,7 @@ CVE-2024-9141 (Cross-Site Scripting (XSS) vulnerability in the 
Oct8ne system. Th
 CVE-2024-9063
        REJECTED
 CVE-2024-8942 (Vulnerability in Scriptcase version 9.4.019 that consists of a 
Cross-S ...)
-       TODO: check
+       NOT-FOR-US: Scriptcase
 CVE-2024-8941 (Path traversal vulnerability in Scriptcase version 9.4.019, in 
/script ...)
        NOT-FOR-US: Scriptcase
 CVE-2024-8940 (Vulnerability in the Scriptcase application version 9.4.019, 
which inv ...)
@@ -19,7 +19,7 @@ CVE-2024-8877 (Improper neutralization of special elements 
results in a SQL Inje
 CVE-2024-8801 (The Happy Addons for Elementor plugin for WordPress is 
vulnerable to S ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-8067 (In versions of Helix Core prior to 2024.1 Patch 2 
(2024.1/2655224) a W ...)
-       TODO: check
+       NOT-FOR-US: Helix Core
 CVE-2024-47048 (Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and 
earlier a ...)
        NOT-FOR-US: Rocket.Chat
 CVE-2024-46936 (Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and 
before is ...)
@@ -35,15 +35,15 @@ CVE-2024-46609 (An access control issue in the CheckVip 
function in UserControll
 CVE-2024-46607 (Incorrect access control in IceCMS v3.4.7 and before allows 
attackers  ...)
        NOT-FOR-US: IceCMS
 CVE-2024-45599 (Cursor is an artificial intelligence code editor. Prior to 
version 0.4 ...)
-       TODO: check
+       NOT-FOR-US: Cursor AI Code Editor
 CVE-2024-42797 (An Incorrect Access Control vulnerability was found in 
/music/ajax.php ...)
        NOT-FOR-US: Kashipara Music Management System
 CVE-2024-42507 (Command injection vulnerabilities in the underlying CLI 
service could  ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2024-42506 (Command injection vulnerabilities in the underlying CLI 
service could  ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2024-42505 (Command injection vulnerabilities in the underlying CLI 
service could  ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2024-38324 (IBM Storage Defender 2.0.0 through 2.0.7 on-prem 
defender-sensor-cmd C ...)
        NOT-FOR-US: IBM
 CVE-2024-45817 [x86: Deadlock in vlapic_error()]
@@ -121986,17 +121986,17 @@ CVE-2023-26693
 CVE-2023-26692 (ZCBS Zijper Collectie Beheer Systeem (ZCBS), Zijper 
Publication Manage ...)
        NOT-FOR-US: ZCBS Zijper Collectie Beheer Systeem
 CVE-2023-26691 (Directory Traversal vulnerability in CS-Cart MultiVendor 
4.16.1 allows ...)
-       TODO: check
+       NOT-FOR-US: CS-Cart MultiVendor
 CVE-2023-26690 (File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows 
remote  ...)
-       TODO: check
+       NOT-FOR-US: CS-Cart MultiVendor
 CVE-2023-26689 (An issue discovered in CS-Cart MultiVendor 4.16.1 allows 
attackers to  ...)
-       TODO: check
+       NOT-FOR-US: CS-Cart MultiVendor
 CVE-2023-26688 (Cross Site Scripting (XSS) vulnerability in CS-Cart 
MultiVendor 4.16.1 ...)
-       TODO: check
+       NOT-FOR-US: CS-Cart MultiVendor
 CVE-2023-26687 (Directory Traversal vulnerability in CS-Cart MultiVendor 
4.16.1 allows ...)
-       TODO: check
+       NOT-FOR-US: CS-Cart MultiVendor
 CVE-2023-26686 (File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows 
remote  ...)
-       TODO: check
+       NOT-FOR-US: CS-Cart MultiVendor
 CVE-2023-26685
        RESERVED
 CVE-2023-26684



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18b4119f4c1b8277959b63a13f8b7bbbe310cca1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18b4119f4c1b8277959b63a13f8b7bbbe310cca1
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to