Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
55bcd05c by Moritz Muehlenhoff at 2024-10-22T09:22:06+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,59 +1,59 @@
 CVE-2024-8305 (prepareUnique index may cause secondaries to crash due to 
incorrect en ...)
-       TODO: check
+       - mongodb <removed>
 CVE-2024-49368 (Nginx UI is a web user interface for the Nginx web server. 
Prior to ve ...)
-       TODO: check
+       NOT-FOR-US: Nginx UI
 CVE-2024-49367 (Nginx UI is a web user interface for the Nginx web server. 
Prior to ve ...)
-       TODO: check
+       NOT-FOR-US: Nginx UI
 CVE-2024-49366 (Nginx UI is a web user interface for the Nginx web server. 
Nginx UI v2 ...)
-       TODO: check
+       NOT-FOR-US: Nginx UI
 CVE-2024-49321 (Missing Authorization vulnerability in Colorlib Simple Custom 
Post Ord ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-49293 (Missing Authorization vulnerability in Rextheme WP VR allows 
Exploitin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-49273 (Missing Authorization vulnerability in ProfileGrid User 
Profiles Profi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-48930 (secp256k1-node is a Node.js binding for an Optimized C library 
for EC  ...)
-       TODO: check
+       NOT-FOR-US: secp256k1-node
 CVE-2024-48709 (CodeAstro Membership Management System v1.0 is vulnerable to 
Cross Sit ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2024-48659 (An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to 
execute ...)
-       TODO: check
+       NOT-FOR-US: DCME-320-L
 CVE-2024-48645 (In Minecraft mod "Command Block IDE" up to and including 
version 0.4.9 ...)
-       TODO: check
+       NOT-FOR-US: Minecraft mod Command Block IDE
 CVE-2024-48597 (Online Clinic Management System v1.0 was discovered to contain 
a SQL i ...)
-       TODO: check
+       NOT-FOR-US: Online Clinic Management System
 CVE-2024-48509 (Learning with Texts (LWT) 2.0.3 is vulnerable to SQL 
Injection. This o ...)
-       TODO: check
+       NOT-FOR-US: Learning with Texts (LWT)
 CVE-2024-48231 (Funadmin 5.0.2 is vulnerable to SQL Injection via the 
selectFields par ...)
-       TODO: check
+       NOT-FOR-US: Funadmin
 CVE-2024-47912 (A vulnerability in the AWV (Audio, Web, and Video) 
Conferencing compon ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2024-47825 (Cilium is a networking, observability, and security solution 
with an e ...)
-       TODO: check
+       - cilium <itp> (bug #858303)
 CVE-2024-47722
        REJECTED
 CVE-2024-47328 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-47223 (A vulnerability in the AWV (Audio, Web and Video Conferencing) 
compone ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2024-47189 (The API Interface of the AWV (Audio, Web and Video 
Conferencing) compo ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2024-46326 (Public Knowledge Project pkp-lib 3.4.0-7 and earlier is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: Public Knowledge Project pkp-lib
 CVE-2024-46239 (Multiple cross-site scripting vulnerabilities exist in 
PHPGurukul Hosp ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2024-46238 (Multiple Cross Site Scripting (XSS) vulnerabilities exist in 
PHPGuruku ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2024-46236 (CodeAstro Membership Management System v1.0 is vulnerable to 
Cross Sit ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2024-45309 (OneDev is a Git server with CI/CD, kanban, and packages. A 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: OneDev
 CVE-2024-43945 (Cross-Site Request Forgery (CSRF) vulnerability in Latepoint 
LatePoint ...)
-       TODO: check
+       NOT-FOR-US: Latepoint
 CVE-2024-40746 (A stored cross-site scripting (XSS) vulnerability in HikaShop 
Joomla C ...)
-       TODO: check
+       NOT-FOR-US: Joomla plugin
 CVE-2024-31007 (Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows 
a local ...)
-       TODO: check
+       NOT-FOR-US: IrfanView
 CVE-2022-49033 (In the Linux kernel, the following vulnerability has been 
resolved:  b ...)
        - linux 6.0.12-1
        [bullseye] - linux 5.10.158-1
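
Review bot: Two entries in this hunk are package triage decisions rather than NOT-FOR-US markings, namely CVE-2024-8305 (now "- mongodb <removed>") and CVE-2024-47825 (now "- cilium <itp> (bug #858303)"), yet the commit message says only "NFUs". Consider naming them in the message or committing them separately, so that the history for mongodb and cilium can be found by searching the log. A smaller point on the NOT-FOR-US labels themselves: some entries name the product (Nginx UI, Mitel, Latepoint) while others use a category (WordPress plugin, Joomla plugin); keeping to one convention would make the list easier to grep.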



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55bcd05c29f68b87c2616216d98212ecff255c76

_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits