[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 22 Nov 2024 00:21:49 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2689fdb6 by Salvatore Bonaccorso at 2024-11-22T09:21:03+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2024-9542 (The Sky Addons for Elementor plugin for WordPress is vulnerable 
to Sen ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9422 (The GEO my WP WordPress plugin before 4.5, gmw-premium-settings 
WordPr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8735 (The MailMunch \u2013 Grow your Email List plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-8526 (A vulnerability in Automated Logic WebCTRL 7.0 could allow an 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Automated Logic WebCTRL
 CVE-2024-8525 (An unrestricted upload of file with dangerous type in Automated 
Logic  ...)
-       TODO: check
+       NOT-FOR-US: Automated Logic WebCTRL
 CVE-2024-7130 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Kion Computer KION Exchange Programs Software
 CVE-2024-7026 (SQL Injection: Hibernate vulnerability in Teknogis Informatics 
Closed  ...)
-       TODO: check
+       NOT-FOR-US: Teknogis Informatics Closed Circuit Vehicle Tracking 
Software
 CVE-2024-7016 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Smarttek Informatics Smart Doctor
 CVE-2024-53432 (While parsing certain malformed PLY files, PCL version 1.14.1 
crashes  ...)
        TODO: check
 CVE-2024-53429 (Open62541 v1.4.6 is has an assertion failure in 
fuzz_binary_decode, wh ...)
@@ -23,11 +23,11 @@ CVE-2024-53426 (A heap-buffer-overflow vulnerability has 
been identified in ntop
 CVE-2024-53425 (A heap-buffer-overflow vulnerability was discovered in the 
SkipSpacesA ...)
        TODO: check
 CVE-2024-53335 (TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer 
Overflo ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-53334 (TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer 
Overflo ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-53333 (TOTOLINK EX200 v4.0.3c.7646_B20201211 was found to contain a 
command i ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-52803 (LLama Factory enables fine-tuning of large language models. A 
critical ...)
        TODO: check
 CVE-2024-52799 (Argo Workflows Chart is used to set up argo and its needed 
dependencie ...)
@@ -35,21 +35,21 @@ CVE-2024-52799 (Argo Workflows Chart is used to set up argo 
and its needed depen
 CVE-2024-52309 (SFTPGo is a full-featured and highly configurable SFTP, 
HTTP/S, FTP/S  ...)
        TODO: check
 CVE-2024-52307 (authentik is an open-source identity provider. Due to the 
usage of a n ...)
-       TODO: check
+       NOT-FOR-US: authentik
 CVE-2024-52289 (authentik is an open-source identity provider. Redirect URIs 
in the OA ...)
-       TODO: check
+       NOT-FOR-US: authentik
 CVE-2024-52287 (authentik is an open-source identity provider. When using the 
client_c ...)
-       TODO: check
+       NOT-FOR-US: authentik
 CVE-2024-52056 (Path Traversal in the Manager component of Wowza Streaming 
Engine belo ...)
-       TODO: check
+       NOT-FOR-US: Wowza
 CVE-2024-52055 (Path Traversal in the Manager component of Wowza Streaming 
Engine belo ...)
-       TODO: check
+       NOT-FOR-US: Wowza
 CVE-2024-52054 (Path Traversal in the Manager component of Wowza Streaming 
Engine belo ...)
-       TODO: check
+       NOT-FOR-US: Wowza
 CVE-2024-52053 (Stored Cross-Site Scripting in the Manager component of Wowza 
Streamin ...)
-       TODO: check
+       NOT-FOR-US: Wowza
 CVE-2024-52052 (Wowza Streaming Engine below 4.9.1 permits an authenticated 
Streaming  ...)
-       TODO: check
+       NOT-FOR-US: Wowza
 CVE-2024-51367 (An arbitrary file upload vulnerability in the component 
\Users\usernam ...)
        TODO: check
 CVE-2024-51366 (An arbitrary file upload vulnerability in the component 
\Roaming\Omega ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2689fdb62795e7de6c882a404043f8e6711e6fb4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2689fdb62795e7de6c882a404043f8e6711e6fb4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to