[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Wed, 06 Mar 2024 00:29:20 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ee373b23 by Salvatore Bonaccorso at 2024-03-06T09:21:58+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2024-2179 (Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS 
via th ...)
-       TODO: check
+       NOT-FOR-US: Concrete CMS
 CVE-2024-27765 (Directory Traversal vulnerability in Jeewms v.3.7 and before 
allows a  ...)
        NOT-FOR-US: Jeewms
 CVE-2024-27764 (An issue in Jeewms v.3.7 and before allows a remote attacker 
to escala ...)
@@ -33,23 +33,23 @@ CVE-2024-24275 (Cross Site Scripting vulnerability in 
Teamwire Windows desktop c
 CVE-2024-22889 (Due to incorrect access control in Plone version v6.0.9, 
remote attack ...)
        TODO: check
 CVE-2024-1989 (The Social Sharing Plugin \u2013 Sassy Social Share plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1901 (Denial of service in PAM password rotation during the check-in 
process ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2024-1900 (Improper session management in the identity provider 
authentication fl ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2024-1898 (Improper access control in the notification feature in 
Devolutions Ser ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2024-1771 (The Total theme for WordPress is vulnerable to unauthorized 
modificati ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-1764 (Improper privilege management in Just-in-time (JIT) elevation 
module i ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2024-1760 (The Appointment Booking Calendar \u2014 Simply Schedule 
Appointments B ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1356 (Authenticated command injection vulnerabilities exist in the 
ArubaOS c ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2024-1220 (A stack-based buffer overflow in the built-in web server in 
Moxa NPort ...)
-       TODO: check
+       NOT-FOR-US: Moxa
 CVE-2023-49977 (A cross-site scripting (XSS) vulnerability in Customer Support 
System  ...)
        TODO: check
 CVE-2023-49976 (A cross-site scripting (XSS) vulnerability in Customer Support 
System  ...)
@@ -57,21 +57,21 @@ CVE-2023-49976 (A cross-site scripting (XSS) vulnerability 
in Customer Support S
 CVE-2023-49974 (A cross-site scripting (XSS) vulnerability in Customer Support 
System  ...)
        TODO: check
 CVE-2023-49973 (A cross-site scripting (XSS) vulnerability in Customer Support 
System  ...)
-       TODO: check
+       NOT-FOR-US: Customer Support System
 CVE-2023-49971 (A cross-site scripting (XSS) vulnerability in Customer Support 
System  ...)
-       TODO: check
+       NOT-FOR-US: Customer Support System
 CVE-2023-48644 (An issue was discovered in the Archibus app 4.0.3 for iOS. 
There is an ...)
-       TODO: check
+       NOT-FOR-US: Archibus app for iOS
 CVE-2023-43318 (TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 
allows at ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2023-38946 (An issue in Multilaser RE160 firmware v5.07.51_pt_MTL01 and 
v5.07.52_p ...)
-       TODO: check
+       NOT-FOR-US: Multilaser RE160 firmware
 CVE-2023-38945 (Multilaser RE160 v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01, 
Multilaser R ...)
-       TODO: check
+       NOT-FOR-US: Multilaser
 CVE-2023-38944 (An issue in Multilaser RE160V firmware v12.03.01.09_pt and 
Multilaser  ...)
-       TODO: check
+       NOT-FOR-US: Multilaser
 CVE-2023-33677 (Sourcecodester Lost and Found Information System's Version 1.0 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester Lost and Found Information System
 CVE-2024-2176
        - chromium 122.0.6261.111-1
        [bullseye] - chromium <end-of-life> (see #1061268)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee373b2331ca03a2fceff7384c72edcad152c256

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee373b2331ca03a2fceff7384c72edcad152c256
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to