Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3b3a5ce1 by Moritz Muehlenhoff at 2024-02-09T14:37:02+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -305,7 +305,7 @@ CVE-2024-24815 (CKEditor4 is an open source 
what-you-see-is-what-you-get HTML ed
 CVE-2024-24812 (Frappe is a full-stack web application framework that uses 
Python and  ...)
        NOT-FOR-US: Frappe Framework
 CVE-2024-24811 (SQLAlchemyDA is a generic database adapter for ZSQL methods. A 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SQLAlchemyDA
 CVE-2024-24771 (Open Forms allows users create and publish smart forms. 
Versions prior ...)
        NOT-FOR-US: Open Forms
 CVE-2024-24706 (Cross-Site Request Forgery (CSRF) vulnerability in Forum One 
WP-CFM wp ...)
@@ -627,7 +627,7 @@ CVE-2024-24112 (xmall v1.1 was discovered to contain a SQL 
injection vulnerabili
 CVE-2024-23304 (Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote 
unauthentica ...)
        NOT-FOR-US: Cybozu KUNAI for Android
 CVE-2024-23049 (An issue in symphony v.3.6.3 and before allows a remote 
attacker to ex ...)
-       TODO: check
+       NOT-FOR-US: symphony forum software
 CVE-2024-22853 (D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded 
password fo ...)
        NOT-FOR-US: D-LINK
 CVE-2024-22852 (D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a 
stack-based buff ...)
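
Review bot: at CVE-2024-23049 the new tag "symphony forum software" carries a qualifier that the truncated description ("An issue in symphony v.3.6.3 and before") does not show, and the bare name "symphony" is ambiguous on its own. A NOTE: line with the upstream project URL, in the style other entries in this file already use, would let a later reader verify which project was ruled out.
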
@@ -783,7 +783,7 @@ CVE-2024-0244 (Buffer overflow in CPCA PCFAX number process 
of Office Multifunct
 CVE-2024-0221 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery 
plugin ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-0202 (A security vulnerability has been identified in the cryptlib 
cryptogra ...)
-       TODO: check
+       NOT-FOR-US: cryptlib
 CVE-2023-7029 (The WordPress Button Plugin MaxButtons plugin for WordPress is 
vulnera ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-7014 (The Author Box, Guest Author and Co-Authors for Your Posts 
\u2013 Molo ...)
@@ -962,7 +962,7 @@ CVE-2024-23109 (An improper neutralization of special 
elements used in an os com
 CVE-2024-23108 (An improper neutralization of special elements used in an os 
command ( ...)
        NOT-FOR-US: FortiGuard
 CVE-2024-23054 (An issue in Plone Docker Official Image 5.2.13 (5221) 
open-source soft ...)
-       TODO: check
+       NOT-FOR-US: official Plone Docker image
 CVE-2024-22567 (File Upload vulnerability in MCMS 5.3.5 allows attackers to 
upload arb ...)
        NOT-FOR-US: MCMS
 CVE-2024-22202 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ 
and MySQL, ...)
@@ -982,9 +982,9 @@ CVE-2023-6874 (Prior to v7.4.0, Ember ZNet is vulnerable to 
a denial of service
 CVE-2023-6028 (A reflected cross-site scripting (XSS) vulnerability exists in 
the SVG ...)
        NOT-FOR-US: B&R Automation Runtime
 CVE-2023-5643 (Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel 
Driver ...)
-       TODO: check
+       NOT-FOR-US: Arm
 CVE-2023-5249 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel 
Driver, Arm ...)
-       TODO: check
+       NOT-FOR-US: Arm
 CVE-2023-52138 (Engrampa is an archive manager for the MATE environment. 
Engrampa is f ...)
        - engrampa <unfixed> (bug #1063494)
        NOTE: 
https://github.com/mate-desktop/engrampa/security/advisories/GHSA-c98h-v39w-3r7v
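
Review bot: CVE-2023-5643 and CVE-2023-5249 are both tagged "NOT-FOR-US: Arm", which names only the vendor while both descriptions name the "Arm Ltd Bifrost GPU Kernel Driver". Consider naming the product in the tag (for example "NOT-FOR-US: Arm Bifrost GPU kernel driver") so that a search for the driver finds these entries and the tag is not read as covering everything from Arm.
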
@@ -1693,7 +1693,7 @@ CVE-2024-21626 (runc is a CLI tool for spawning and 
running containers on Linux
        NOTE: 
https://github.com/opencontainers/runc/commit/ee73091a8d28692fa4868bac81aa40a0b05f9780
        NOTE: 
https://github.com/opencontainers/runc/commit/d8edada9f252873b88043279a71099db71941dea
 CVE-2024-24579 (stereoscope is a go library for processing container images 
and simula ...)
-       TODO: check
+       NOT-FOR-US: stereoscope
 CVE-2024-24566 (Lobe Chat is a chatbot framework that supports speech 
synthesis, multi ...)
        NOT-FOR-US: Lobe Chat
 CVE-2024-23637 (OctoPrint is a web interface for 3D printer.s OctoPrint 
versions up un ...)
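
Review bot: at CVE-2024-24579 the description calls stereoscope "a go library", and a library can ship as a vendored copy inside another package even when it has no package of its own. If embedded copies were checked before setting NOT-FOR-US, a short NOTE: line saying so would record it; otherwise a search of packaged Go software for vendored copies would confirm the tag.
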
@@ -56231,7 +56231,7 @@ CVE-2023-27003
 CVE-2023-27002
        RESERVED
 CVE-2023-27001 (An issue discovered in Egerie Risk Manager v4.0.5 allows 
attackers to  ...)
-       TODO: check
+       NOT-FOR-US: Egerie Risk Manager
 CVE-2023-27000 (Cross Site Scripting vulnerability found in NetScoutnGeniusOne 
v.6.3.4 ...)
        NOT-FOR-US: NetScoutnGeniusOne
 CVE-2023-26999 (An issue found in NetScout nGeniusOne v.6.3.4 allows a remote 
attacker ...)
@@ -61193,7 +61193,7 @@ CVE-2023-25367 (Siglent SDS 1104X-E 
SDS1xx4X-E_V6.1.37R9.ADS allows unfiltered u
 CVE-2023-25366 (In Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS, insecure SCPI 
interfa ...)
        NOT-FOR-US: Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS
 CVE-2023-25365 (Cross Site Scripting vulnerability found in October CMS 
v.3.2.0 allows ...)
-       TODO: check
+       NOT-FOR-US: October CMS
 CVE-2023-25364
        RESERVED
 CVE-2023-25363 (A use-after-free vulnerability in 
WebCore::RenderLayer::updateDescenda ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b3a5ce1c8545722c8dc7d5bb50c267b3af3f6cc
