[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 09 Mar 2024 00:47:31 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0bc3e86d by Salvatore Bonaccorso at 2024-03-09T09:46:16+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2024-2329 (A vulnerability was found in Netentsec NS-ASG Application 
Security Gat ...)
-       TODO: check
+       NOT-FOR-US: Netentsec NS-ASG Application Security Gateway
 CVE-2024-28754 (RaspAP (aka raspap-webgui) through 3.0.9 allows remote 
attackers to ca ...)
-       TODO: check
+       NOT-FOR-US: RaspAP
 CVE-2024-28753 (RaspAP (aka raspap-webgui) through 3.0.9 allows remote 
attackers to re ...)
-       TODO: check
+       NOT-FOR-US: RaspAP
 CVE-2024-28184 (WeasyPrint helps web developers to create PDF documents. Since 
version ...)
-       TODO: check
+       NOT-FOR-US: WeasyPrint
 CVE-2024-28180 (Package jose aims to provide an implementation of the 
Javascript Objec ...)
        TODO: check
 CVE-2024-28176 (jose is JavaScript module for JSON Object Signing and 
Encryption, prov ...)
@@ -15,27 +15,27 @@ CVE-2024-28123 (Wasmi is an efficient and lightweight 
WebAssembly interpreter wi
 CVE-2024-28122 (JWX is Go module implementing various JWx 
(JWA/JWE/JWK/JWS/JWT, otherw ...)
        TODO: check
 CVE-2024-28089 (Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a 
remote att ...)
-       TODO: check
+       NOT-FOR-US: Hitron CODA-4582 2AHKM-CODA4589
 CVE-2024-25951 (A command injection vulnerability exists in local RACADM. A 
malicious  ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2024-25501 (An issue WinMail v.7.1 and v.5.1 and before allows a remote 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: WinMail
 CVE-2024-1767 (The Blocksy theme for WordPress is vulnerable to Stored 
Cross-Site Scr ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-1320 (The EventPrime \u2013 Events Calendar, Bookings and Tickets 
plugin for ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1125 (The EventPrime \u2013 Events Calendar, Bookings and Tickets 
plugin for ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1124 (The EventPrime \u2013 Events Calendar, Bookings and Tickets 
plugin for ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1123 (The EventPrime \u2013 Events Calendar, Bookings and Tickets 
plugin for ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50015 (An issue was discovered in Grandstream GXP14XX 1.0.8.9 and 
GXP16XX 1.0 ...)
-       TODO: check
+       NOT-FOR-US: Grandstream
 CVE-2023-49341 (An issue was discovered in Newland Nquire 1000 Interactive 
Kiosk versi ...)
-       TODO: check
+       NOT-FOR-US: Newland Nquire 1000 Interactive Kiosk
 CVE-2023-49340 (An issue was discovered in Newland Nquire 1000 Interactive 
Kiosk versi ...)
-       TODO: check
+       NOT-FOR-US: Newland Nquire 1000 Interactive Kiosk
 CVE-2023-46427 (An issue was discovered in gpac version 
2.3-DEV-rev588-g7edc40fee-mast ...)
        - gpac <unfixed>
        NOTE: https://github.com/gpac/gpac/issues/2641
@@ -45,7 +45,7 @@ CVE-2023-46426 (Heap-based Buffer Overflow vulnerability in 
gpac version 2.3-DEV
        NOTE: https://github.com/gpac/gpac/issues/2642
        NOTE: 
https://github.com/gpac/gpac/commit/14ec709a1ffae23ad777c37320290caa0a754341
 CVE-2023-32264 (CWE-1385 vulnerability in OpenText Documentum D2 affecting 
versions16. ...)
-       TODO: check
+       NOT-FOR-US: OpenText
 CVE-2024-2339 (PostgreSQL Anonymizer v1.2 contains a vulnerability  that 
allows a use ...)
        NOT-FOR-US: PostgreSQL Anonymizer
 CVE-2024-2338 (PostgreSQL Anonymizer v1.2 contains a SQL injection 
vulnerability that ...)
@@ -633,7 +633,7 @@ CVE-2024-24276 (Cross Site Scripting (XSS) vulnerability in 
Teamwire Windows des
 CVE-2024-24275 (Cross Site Scripting vulnerability in Teamwire Windows desktop 
client  ...)
        NOT-FOR-US: Teamwire Windows desktop client
 CVE-2024-22889 (Due to incorrect access control in Plone version v6.0.9, 
remote attack ...)
-       TODO: check
+       NOT-FOR-US: Plone
 CVE-2024-1989 (The Social Sharing Plugin \u2013 Sassy Social Share plugin for 
WordPre ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-1901 (Denial of service in PAM password rotation during the check-in 
process ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bc3e86d4e64005cf35ac26956d7a89f1eadc4c3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bc3e86d4e64005cf35ac26956d7a89f1eadc4c3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to