[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Mon, 22 Apr 2024 14:28:36 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
31bf8786 by Moritz Muehlenhoff at 2024-04-22T23:27:47+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,87 +1,87 @@
 CVE-2024-4040 (VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 
and 11.1. ...)
-       TODO: check
+       NOT-FOR-US: CrushFTP
 CVE-2024-4026 (Cross-Site Scripting (XSS) vulnerability in the Holded 
application. Th ...)
-       TODO: check
+       NOT-FOR-US: Holded
 CVE-2024-3645 (The Essential Addons for Elementor Pro plugin for WordPress is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32691 (Missing Authorization vulnerability in realmag777 Active 
Products Tabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32688 (Missing Authorization vulnerability in Long Watch Studio 
MyRewards.Thi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32687 (Missing Authorization vulnerability in WPClever WPC Frequently 
Bought  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32684 (Missing Authorization vulnerability in Wpmet Wp Ultimate 
Review.This i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32682 (Missing Authorization vulnerability in BdThemes Prime Slider 
\u2013 Ad ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32681 (Missing Authorization vulnerability in BdThemes Prime Slider 
\u2013 Ad ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-32407 (An issue in inducer relate before v.2024.1 allows a remote 
attacker to ...)
-       TODO: check
+       NOT-FOR-US: inducer relate
 CVE-2024-32405 (Cross Site Scripting vulnerability in inducer relate before 
v.2024.1 a ...)
-       TODO: check
+       NOT-FOR-US: inducer relate
 CVE-2024-32399 (Directory Traversal vulnerability in RaidenMAILD Mail Server 
v.4.9.4 a ...)
-       TODO: check
+       NOT-FOR-US: RaidenMAILD Mail Server
 CVE-2024-32368 (Insecure Permission vulnerability in Agasta Sanketlife 2.0 
Pocket 12-L ...)
-       TODO: check
+       NOT-FOR-US: Agasta Sanketlife
 CVE-2024-32238 (H3C ER8300G2-X is vulnerable to Incorrect Access Control. The 
password ...)
-       TODO: check
+       NOT-FOR-US: H3C ER8300G2-X
 CVE-2024-32205
        REJECTED
 CVE-2024-31666 (An issue in flusity-CMS v.2.33 allows a remote attacker to 
execute arb ...)
-       TODO: check
+       NOT-FOR-US: flusity-CMS
 CVE-2024-31545 (Computer Laboratory Management System v1.0 is vulnerable to 
SQL Inject ...)
-       TODO: check
+       NOT-FOR-US: Computer Laboratory Management System
 CVE-2024-29661 (A File Upload vulnerability in DedeCMS v5.7 allows a local 
attacker to ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2024-29376 (Sylius 1.12.13 is vulnerable to Cross Site Scripting (XSS) via 
the "Pr ...)
-       TODO: check
+       NOT-FOR-US: Sylius
 CVE-2024-28717 (An issue in OpenStack Storlets yoga-eom allows a remote 
attacker to ex ...)
-       TODO: check
+       NOT-FOR-US: OpenStack Storlets yoga-eom
 CVE-2024-28699 (A buffer overflow vulnerability in pdf2json v0.70 allows a 
local attac ...)
        TODO: check
 CVE-2024-28436 (Cross Site Scripting vulnerability in D-Link DAP products 
DAP-2230, DA ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-22856 (A SQL injection vulnerability via the Save Favorite Search 
function in ...)
-       TODO: check
+       NOT-FOR-US: Axefinance Axe Credit Portal
 CVE-2024-22815 (An issue in the communication protocol of Tormach xsTECH CNC 
Router, P ...)
-       TODO: check
+       NOT-FOR-US: Tormach xsTECH
 CVE-2024-22813 (An issue in Tormach xsTECH CNC Router, PathPilot Controller 
v2.9.6 all ...)
-       TODO: check
+       NOT-FOR-US: Tormach xsTECH
 CVE-2024-22811 (An issue in Tormach xsTECH CNC Router, PathPilot Controller 
v2.9.6 all ...)
-       TODO: check
+       NOT-FOR-US: Tormach xsTECH
 CVE-2024-22809 (Incorrect access control in Tormach xsTECH CNC Router, 
PathPilot Contr ...)
-       TODO: check
+       NOT-FOR-US: Tormach xsTECH
 CVE-2024-22808 (An issue in Tormach xsTECH CNC Router, PathPilot Controller 
v2.9.6 all ...)
-       TODO: check
+       NOT-FOR-US: Tormach xsTECH
 CVE-2024-22807 (An issue in Tormach xsTECH CNC Router, PathPilot Controller 
v2.9.6 all ...)
-       TODO: check
+       NOT-FOR-US: Tormach xsTECH
 CVE-2023-38302 (A certain software build for the Sharp Rouvo V device 
(SHARP/VZW_STTM2 ...)
-       TODO: check
+       NOT-FOR-US: Sharp
 CVE-2023-38301 (An issue was discovered in a third-party component related to 
vendor.g ...)
-       TODO: check
+       NOT-FOR-US: vendor.gsm.serial,
 CVE-2023-38300 (A certain software build for the Orbic Maui device 
(Orbic/RC545L/RC545 ...)
-       TODO: check
+       NOT-FOR-US: Orbic Maui
 CVE-2023-38299 (Various software builds for the AT&T Calypso, Nokia C100, 
Nokia C200,  ...)
-       TODO: check
+       NOT-FOR-US: Nokia
 CVE-2023-38298 (Various software builds for the following TCL devices (30Z, 
A3X, 20XE, ...)
-       TODO: check
+       NOT-FOR-US: TCL
 CVE-2023-38297 (An issue was discovered in a third-party com.factory.mmigroup 
componen ...)
-       TODO: check
+       NOT-FOR-US: com.factory.mmigroup
 CVE-2023-38296 (Various software builds for the following TCL 30Z and TCL A3X 
devices  ...)
-       TODO: check
+       NOT-FOR-US: TCL
 CVE-2023-38295 (Certain software builds for the TCL 30Z and TCL 10 Android 
devices con ...)
-       TODO: check
+       NOT-FOR-US: TCL
 CVE-2023-38294 (Certain software builds for the Itel Vision 3 Turbo Android 
device con ...)
-       TODO: check
+       NOT-FOR-US: Itel
 CVE-2023-38293 (Certain software builds for the Nokia C200 and Nokia C100 
Android devi ...)
-       TODO: check
+       NOT-FOR-US: Nokia
 CVE-2023-38292 (Certain software builds for the TCL 20XE Android device 
contain a vuln ...)
-       TODO: check
+       NOT-FOR-US: TCL
 CVE-2023-38291 (An issue was discovered in a third-party component related to 
ro.boot. ...)
-       TODO: check
+       NOT-FOR-US: ro.boot.wifimacaddr
 CVE-2023-38290 (Certain software builds for the BLU View 2 and Sharp Rouvo V 
Android d ...)
-       TODO: check
+       NOT-FOR-US: BLU / Sharp
 CVE-2024-27349 (Authentication Bypass by Spoofing vulnerability in Apache 
HugeGraph-Se ...)
        NOT-FOR-US: Apache HugeGraph-Hubble
 CVE-2024-27348 (RCE-Remote Command Execution vulnerability in Apache 
HugeGraph-Server. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31bf878674e2a5767600167060d61694690344bd

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31bf878674e2a5767600167060d61694690344bd
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to