[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sun, 18 Feb 2024 22:35:16 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
98146075 by Salvatore Bonaccorso at 2024-02-19T07:33:08+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2024-25628 (Alf.io is a free and open source event attendance management 
system. I ...)
-       TODO: check
+       NOT-FOR-US: Alf.io
 CVE-2024-25627 (Alf.io is a free and open source event attendance management 
system. A ...)
-       TODO: check
+       NOT-FOR-US: Alf.io
 CVE-2024-25468 (An issue in TOTOLINK X5000R V.9.1.0u.6369_B20230113 allows a 
remote at ...)
        NOT-FOR-US: TOTOLINK
 CVE-2024-25298 (An issue was discovered in REDAXO version 5.15.1, allows 
attackers to  ...)
@@ -30,11 +30,11 @@ CVE-2024-22336 (IBM QRadar Suite 1.10.12.0 through 
1.10.17.0 and IBM Cloud Pak f
 CVE-2024-22335 (IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak 
for Sec ...)
        NOT-FOR-US: IBM
 CVE-2024-21987 (SnapCenter versions 4.8 prior to 5.0 are susceptible to a  
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: NetApp
 CVE-2024-21984 (StorageGRID (formerly StorageGRID Webscale) versions prior to 
11.8  ar ...)
-       TODO: check
+       NOT-FOR-US: StorageGRID
 CVE-2024-21983 (StorageGRID (formerly StorageGRID Webscale) versions prior to 
11.8  ar ...)
-       TODO: check
+       NOT-FOR-US: StorageGRID
 CVE-2024-21500 (All versions of the package github.com/greenpau/caddy-security 
are vul ...)
        TODO: check
 CVE-2024-21499 (All versions of the package github.com/greenpau/caddy-security 
are vul ...)
@@ -54,59 +54,59 @@ CVE-2024-21493 (All versions of the package 
github.com/greenpau/caddy-security a
 CVE-2024-21492 (All versions of the package github.com/greenpau/caddy-security 
are vul ...)
        TODO: check
 CVE-2024-20986 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20980 (Vulnerability in the Oracle BI Publisher product of Oracle 
Analytics ( ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20958 (Vulnerability in the Oracle Installed Base product of Oracle 
E-Busines ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20956 (Vulnerability in the Oracle Agile Product Lifecycle Management 
for Pro ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20953 (Vulnerability in the Oracle Agile PLM product of Oracle Supply 
Chain ( ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20951 (Vulnerability in the Oracle Customer Interaction History 
product of Or ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20949 (Vulnerability in the Oracle Customer Interaction History 
product of Or ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20947 (Vulnerability in the Oracle Common Applications product of 
Oracle E-Bu ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20943 (Vulnerability in the Oracle Knowledge Management product of 
Oracle E-B ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20941 (Vulnerability in the Oracle Installed Base product of Oracle 
E-Busines ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20939 (Vulnerability in the Oracle CRM Technical Foundation product 
of Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20937 (Vulnerability in the JD Edwards EnterpriseOne Tools product of 
Oracle  ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20935 (Vulnerability in the Oracle Installed Base product of Oracle 
E-Busines ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20933 (Vulnerability in the Oracle Installed Base product of Oracle 
E-Busines ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20931 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20929 (Vulnerability in the Oracle Application Object Library product 
of Orac ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20927 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20917 (Vulnerability in the Oracle Enterprise Manager Base Platform 
product o ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20915 (Vulnerability in the Oracle Application Object Library product 
of Orac ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20913 (Vulnerability in the Oracle Business Intelligence Enterprise 
Edition p ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20911 (Vulnerability in Oracle Audit Vault and Database Firewall 
(component:  ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20909 (Vulnerability in Oracle Audit Vault and Database Firewall 
(component:  ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20907 (Vulnerability in the Oracle Web Applications Desktop 
Integrator produc ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20905 (Vulnerability in the JD Edwards EnterpriseOne Tools product of 
Oracle  ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-20903 (Vulnerability in the Java VM component of Oracle Database 
Server.  Sup ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2024-1512 (The MasterStudy LMS WordPress Plugin \u2013 for Online Courses 
and Edu ...)
-       TODO: check
+       NOT-FOR-US: WordPress Plugin
 CVE-2024-0610 (The Piraeus Bank WooCommerce Payment Gateway plugin for 
WordPress is v ...)
-       TODO: check
+       NOT-FOR-US: WordPress Plugin
 CVE-2023-6749 (Unchecked length coming from user input in settings shell)
        TODO: check
 CVE-2023-6249 (Signed to unsigned conversion esp32_ipm_send)
@@ -114,63 +114,63 @@ CVE-2023-6249 (Signed to unsigned conversion 
esp32_ipm_send)
 CVE-2023-5779 (can: out of bounds in remove_rx_filter function)
        TODO: check
 CVE-2023-52387 (Resource reuse vulnerability in the GPU module. Successful 
exploitatio ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52381 (Script injection vulnerability in the email module.Successful 
exploita ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52380 (Vulnerability of improper access control in the email 
module.Successfu ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52379 (Permission control vulnerability in the calendarProvider 
module.Succes ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52378 (Vulnerability of incorrect service logic in the 
WindowManagerServices  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52377 (Vulnerability of input data not being verified in the cellular 
data mo ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52376 (Information management vulnerability in the Gallery 
module.Successful  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52375 (Permission control vulnerability in the WindowManagerServices 
module.S ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52374 (Permission control vulnerability in the package management 
module.Succ ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52373 (Vulnerability of permission verification in the content 
sharing pop-up ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52372 (Vulnerability of input parameter verification in the motor 
module.Succ ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52371 (Vulnerability of null references in the motor 
module.Successful exploi ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52370 (Stack overflow vulnerability in the network acceleration 
module.Succes ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52369 (Stack overflow vulnerability in the NFC module.Successful 
exploitation ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52368 (Input verification vulnerability in the account 
module.Successful expl ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52367 (Vulnerability of improper access control in the media library 
module.S ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52366 (Out-of-bounds read vulnerability in the smart activity 
recognition mod ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52365 (Out-of-bounds read vulnerability in the smart activity 
recognition mod ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52363 (Vulnerability of defects introduced in the design process in 
the Contr ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52362 (Permission management vulnerability in the lock screen 
module.Successf ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52361 (The VerifiedBoot module has a vulnerability that may cause 
authenticat ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52360 (Logic vulnerabilities in the baseband.Successful exploitation 
of this  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52358 (Vulnerability of configuration defects in some APIs of the 
audio modul ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52357 (Vulnerability of serialization/deserialization mismatch in the 
vibrati ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-52097 (Vulnerability of foreground service restrictions being 
bypassed in the ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-50951 (IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak 
for Sec ...)
        NOT-FOR-US: IBM
 CVE-2023-45918 (ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr 
in tinf ...)
        TODO: check
 CVE-2023-31728 (Teltonika RUT240 devices with firmware before 07.04.2, when 
bridge mod ...)
-       TODO: check
+       NOT-FOR-US: Teltonika RUT240 devices
 CVE-2022-48621 (Vulnerability of missing authentication for critical functions 
in the  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2024-25466 (Directory Traversal vulnerability in React Native Document 
Picker befo ...)
        NOT-FOR-US: React Native Document Picker
 CVE-2024-25320 (Tongda OA v2017 and up to v11.9 was discovered to contain a 
SQL inject ...)
@@ -75762,7 +75762,7 @@ CVE-2023-21835 (Vulnerability in the Oracle Java SE, 
Oracle GraalVM Enterprise E
 CVE-2023-21834 (Vulnerability in the Oracle Self-Service Human Resources 
product of Or ...)
        NOT-FOR-US: Oracle
 CVE-2023-21833 (Vulnerability in the Oracle ZFS Storage Appliance Kit product 
of Oracl ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2023-21832 (Vulnerability in the Oracle BI Publisher product of Oracle 
Fusion Midd ...)
        NOT-FOR-US: Oracle
 CVE-2023-21831 (Vulnerability in the PeopleSoft Enterprise CS Academic 
Advisement prod ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/981460756a021965a34276d147ccb8710941392d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/981460756a021965a34276d147ccb8710941392d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to