[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 30 Apr 2024 14:43:15 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4f241123 by Salvatore Bonaccorso at 2024-04-30T23:42:31+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -56,15 +56,15 @@ CVE-2024-33102 (A stored cross-site scripting (XSS) 
vulnerability in the compone
 CVE-2024-33101 (A stored cross-site scripting (XSS) vulnerability in the 
component /ac ...)
        NOT-FOR-US: ThinkSAAS
 CVE-2024-2877 (Vault Enterprise, when configured with performance standby 
nodes and a ...)
-       TODO: check
+       NOT-FOR-US: HashiCorp Vault
 CVE-2024-2663 (The ZD YouTube FLV Player plugin for WordPress is vulnerable to 
Server ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-2617 (A vulnerability exists in the RTU500 that allows for 
authenticated and ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2024-2378 (A vulnerability exists in the web-authentication component of 
the SDM6 ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2024-2377 (A vulnerability exists in the too permissive HTTP response 
header web  ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2024-29384 (An issue in CSS Exfil Protection v.1.1.0 allows a remote 
attacker to o ...)
        NOT-FOR-US: CSS Exfil Protection
 CVE-2024-29320 (Wallos before 1.15.3 is vulnerable to SQL Injection via the 
category a ...)
@@ -72,9 +72,9 @@ CVE-2024-29320 (Wallos before 1.15.3 is vulnerable to SQL 
Injection via the cate
 CVE-2024-28716 (An issue in OpenStack Storlets yoga-eom allows a remote 
attacker to ex ...)
        TODO: check
 CVE-2024-28269 (ReCrystallize Server 5.10.0.0 allows administrators to upload 
files to ...)
-       TODO: check
+       NOT-FOR-US: ReCrystallize Server
 CVE-2024-26331 (ReCrystallize Server 5.10.0.0 uses a authorization mechanism 
that reli ...)
-       TODO: check
+       NOT-FOR-US: ReCrystallize Server
 CVE-2024-25938 (A use-after-free vulnerability exists in the way Foxit Reader 
2024.1.0 ...)
        NOT-FOR-US: Foxit Reader
 CVE-2024-25648 (A use-after-free vulnerability exists in the way Foxit Reader 
2024.1.0 ...)
@@ -82,31 +82,31 @@ CVE-2024-25648 (A use-after-free vulnerability exists in 
the way Foxit Reader 20
 CVE-2024-25575 (A type confusion vulnerability vulnerability exists in the way 
Foxit R ...)
        NOT-FOR-US: Foxit Reader
 CVE-2024-23774 (An issue was discovered in Quest KACE Agent for Windows 
12.0.38 and 13 ...)
-       TODO: check
+       NOT-FOR-US: Quest KACE Agent
 CVE-2024-23773 (An issue was discovered in Quest KACE Agent for Windows 
12.0.38 and 13 ...)
-       TODO: check
+       NOT-FOR-US: Quest KACE Agent
 CVE-2024-23772 (An issue was discovered in Quest KACE Agent for Windows 
12.0.38 and 13 ...)
-       TODO: check
+       NOT-FOR-US: Quest KACE Agent
 CVE-2024-23463 (Anti-tampering protection of the Zscaler Client Connector can 
be bypas ...)
-       TODO: check
+       NOT-FOR-US: Zscaler
 CVE-2024-22546 (TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection 
via the ...)
-       TODO: check
+       NOT-FOR-US: TRENDnet TEW-815DAP
 CVE-2024-22405 (XADMaster is an objective-C library for archive and file 
unarchiving a ...)
        TODO: check
 CVE-2024-1895 (The Event Monster \u2013 Event Management, Tickets Booking, 
Upcoming E ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50915 (An issue exists in GalaxyClientService.exe in GOG Galaxy 
(Beta) 2.0.67 ...)
-       TODO: check
+       NOT-FOR-US: GOG Galaxy
 CVE-2023-50914 (A Privilege Escalation issue in the inter-process 
communication proced ...)
-       TODO: check
+       NOT-FOR-US: GOG Galaxy
 CVE-2023-50059 (An issue ingalxe.com Galxe platform 1.0 allows a remote 
attacker to ob ...)
-       TODO: check
+       NOT-FOR-US: ingalxe.com Galxe
 CVE-2023-50053 (An issue in Foundation.app Foundation platform 1.0 allows a 
remote att ...)
-       TODO: check
+       NOT-FOR-US: Foundation.app Foundation platform
 CVE-2023-49473 (Shenzhen JF6000 Cloud Media Collaboration Processing Platform 
firmware ...)
-       TODO: check
+       NOT-FOR-US: Shenzhen JF6000 Cloud Media Collaboration Processing 
Platform firmware
 CVE-2023-46304 (modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a 
remote au ...)
-       TODO: check
+       NOT-FOR-US: Vtiger CRM
 CVE-2023-45385 (ProQuality pqprintshippinglabels before v.4.15.0 is vulnerable 
to Dire ...)
        TODO: check
 CVE-2023-38002 (IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an 
authenticated ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f2411235e63e394a1ab6e7cb7ee0576ca9aee9e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f2411235e63e394a1ab6e7cb7ee0576ca9aee9e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to