[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 21 Dec 2024 00:26:20 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
23e67d36 by Salvatore Bonaccorso at 2024-12-21T09:25:05+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,47 +9,47 @@ CVE-2024-56335 (vaultwarden is an unofficial Bitwarden 
compatible server written
 CVE-2024-56334 (systeminformation is a System and OS information library for 
node.js.  ...)
        TODO: check
 CVE-2024-55509 (SQL injection vulnerability in CodeAstro Complaint Management 
System v ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro Complaint Management System
 CVE-2024-40875 (There is a cross-site scripting vulnerability in the 
management consol ...)
-       TODO: check
+       NOT-FOR-US: Absolute Secure Access
 CVE-2024-12846 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Emlog Pro
 CVE-2024-12845 (A vulnerability classified as problematic was found in Emlog 
Pro up to ...)
-       TODO: check
+       NOT-FOR-US: Emlog Pro
 CVE-2024-12844 (A vulnerability classified as problematic has been found in 
Emlog Pro  ...)
-       TODO: check
+       NOT-FOR-US: Emlog Pro
 CVE-2024-12843 (A vulnerability was found in Emlog Pro up to 2.4.1. It has 
been rated  ...)
-       TODO: check
+       NOT-FOR-US: Emlog Pro
 CVE-2024-12771 (The eCommerce Product Catalog Plugin for WordPress plugin for 
WordPres ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12721 (The Custom Product Tabs For WooCommerce plugin for WordPress 
is vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12697 (The real.Kit plugin for WordPress is vulnerable to Stored 
Cross-Site S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12635 (The WP Docs plugin for WordPress is vulnerable to time-based 
SQL Injec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12262 (The Ebook Store plugin for WordPress is vulnerable to 
Reflected Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12066 (The SMSA Shipping(official) plugin for WordPress is vulnerable 
to arbi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11977 (The The kk Star Ratings \u2013 Rate Post & Collect User 
Feedbacks plug ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11975 (The Reactflow Visitor Recording and Heatmaps plugin for 
WordPress is v ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11938 (The One Click Upsell Funnel for WooCommerce \u2013  Funnel 
Builder for ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11811 (The Feedify \u2013 Web Push Notifications plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11682 (The G Web Pro Store Locator plugin for WordPress is vulnerable 
to Refl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11607 (The GTPayment Donations WordPress plugin through 1.0.0 does 
not have C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11349 (The AdForest theme for WordPress is vulnerable to 
authentication bypas ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-11287 (The Ebook Store plugin for WordPress is vulnerable to 
Reflected Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11196 (The Multi-column Tag Map plugin for WordPress is vulnerable to 
Stored  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-7726 (There exists an unauthenticated accessible JTAG port on the 
Kioxia PM6 ...)
        NOT-FOR-US: Kioxia
 CVE-2024-56356 (In JetBrains TeamCity before 2024.12 insecure XMLParser 
configuration  ...)
@@ -132850,9 +132850,9 @@ CVE-2023-31282
 CVE-2023-31281
        RESERVED
 CVE-2023-31280 (An AirVantage online Warranty Checker tool vulnerability could 
allow a ...)
-       TODO: check
+       NOT-FOR-US: Sierra
 CVE-2023-31279 (The AirVantage platform is vulnerable to an unauthorized 
attacker regi ...)
-       TODO: check
+       NOT-FOR-US: Sierra
 CVE-2023-31245 (Devices using Snap One OvrC cloud are sent to a web address 
when acces ...)
        NOT-FOR-US: Snap One
 CVE-2023-31241 (Snap One OvrC cloud servers contain a route an attacker can 
use to byp ...)
@@ -359920,7 +359920,7 @@ CVE-2020-13714
 CVE-2020-13713
        REJECTED
 CVE-2020-13712 (A command injection is possible through the user interface, 
allowing a ...)
-       TODO: check
+       NOT-FOR-US: Sierra
 CVE-2020-13711
        RESERVED
 CVE-2020-13710



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23e67d361491686499f4ccdfdb7d98e04169bdaf

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23e67d361491686499f4ccdfdb7d98e04169bdaf
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to