[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 12 Mar 2024 01:53:24 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6d20aaeb by Salvatore Bonaccorso at 2024-03-12T09:51:59+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,49 +1,49 @@
 CVE-2024-28199 (phlex is an open source framework for building object-oriented 
views i ...)
        TODO: check
 CVE-2024-28163 (Under certain conditions, Support Web Pages of SAP NetWeaver 
Process I ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-28120 (codeium-chrome is an open source code completion plugin for 
the chrome ...)
        TODO: check
 CVE-2024-27938 (Postal is an open source SMTP server. Postal versions less 
than 3.0.0  ...)
        TODO: check
 CVE-2024-27902 (Applications based on SAP GUI for HTML in SAP NetWeaver AS 
ABAP - vers ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-27900 (Due to missing authorization check, attacker with business 
user accoun ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-27297 (Nix is a package manager for Linux and other Unix systems. A 
fixed-out ...)
        TODO: check
 CVE-2024-27121 (Path traversal vulnerability exists in Machine Automation 
Controller N ...)
        TODO: check
 CVE-2024-26521 (HTML Injection vulnerability in CE Phoenix v1.0.8.20 and 
before allows ...)
-       TODO: check
+       NOT-FOR-US: CE Phoenix
 CVE-2024-25854 (Cross Site Scripting (XSS) vulnerability in Sourcecodester 
Insurance M ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester Insurance Management System
 CVE-2024-25645 (Under certain conditionSAPNetWeaver (Enterprise Portal) - 
version 7.50 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-25644 (Under certain conditions SAP NetWeaverWSRM- version 7.50, 
allows an at ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-25331 (DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B 
Firmware v2.0 ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-25325 (SQL injection vulnerability in Employee Management System 
v.1.0 allows ...)
-       TODO: check
+       NOT-FOR-US: Employee Management System
 CVE-2024-25114 (Collabora Online is a collaborative online office suite based 
on Libre ...)
-       TODO: check
+       NOT-FOR-US: Collabora Online
 CVE-2024-24964 (Improper access control vulnerability exists in the resident 
process o ...)
-       TODO: check
+       NOT-FOR-US: SKYSEA Client View
 CVE-2024-22133 (SAP Fiori Front End Server - version 605, allows altering of 
approver  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-22127 (SAP NetWeaver Administrator AS Java (Administrator Log Viewer 
plug-in) ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-21805 (Improper access control vulnerability exists in the specific 
folder of ...)
-       TODO: check
+       NOT-FOR-US: SKYSEA Client View
 CVE-2024-21584 (Pleasanter 1.3.49.0 and earlier contains a cross-site 
scripting vulner ...)
-       TODO: check
+       NOT-FOR-US: Pleasanter
 CVE-2024-1645 (The Mollie Forms plugin for WordPress is vulnerable to 
unauthorized ac ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1400 (The Mollie Forms plugin for WordPress is vulnerable to 
unauthorized po ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6814 (Insertion of Sensitive Information into Log File vulnerability 
in Hita ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2023-49785 (NextChat, also known as ChatGPT-Next-Web, is a cross-platform 
chat use ...)
        TODO: check
 CVE-2023-49453 (Reflected cross-site scripting (XSS) vulnerability in 
Racktables v0.22 ...)
@@ -86820,7 +86820,7 @@ CVE-2022-46072 (Helmet Store Showroom v1.0 vulnerable 
to unauthenticated SQL Inj
 CVE-2022-46071 (There is SQL Injection vulnerability at Helmet Store Showroom 
v1.0 Log ...)
        NOT-FOR-US: Helmet Store Showroom
 CVE-2022-46070 (GV-ASManager V6.0.1.0 contains a Local File Inclusion 
vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: GV-ASManager
 CVE-2022-46069
        RESERVED
 CVE-2022-46068



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d20aaebdc9cc9d234f4bedcb7aa599252128fc0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d20aaebdc9cc9d234f4bedcb7aa599252128fc0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to