Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
434cf0f9 by Salvatore Bonaccorso at 2024-08-12T22:20:58+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,63 +1,63 @@
 CVE-2024-7700 (A command injection flaw was found in the "Host Init Config" 
template  ...)
        TODO: check
 CVE-2024-7697 (Logical vulnerability in the mobile application 
(com.transsion.carlcar ...)
-       TODO: check
+       NOT-FOR-US: mobile application (com.transsion.carlcare)
 CVE-2024-6917 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
-       TODO: check
+       NOT-FOR-US: Veribilim Software Veribase Order Management
 CVE-2024-6768 (A Denial of Service in CLFS.sys in Microsoft Windows 10, 
Windows 11, W ...)
        TODO: check
 CVE-2024-6758 (Improper Privilege ManagementinSprecher Automation SPRECON-E 
below ver ...)
-       TODO: check
+       NOT-FOR-US: Sprecher Automation
 CVE-2024-6684 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: GST Electronics inohom Nova Panel N7
 CVE-2024-6639 (The MDx theme for WordPress is vulnerable to Stored Cross-Site 
Scripti ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-42748 (In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file 
/cgi-bin/cstecgi. ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42747 (In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file 
/cgi-bin/cstecgi. ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42745 (In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file 
/cgi-bin/cstecgi. ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42744 (In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file 
/cgi-bin/cstecgi. ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42743 (In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file 
/cgi-bin/cstecgi. ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42742 (In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file 
/cgi-bin/cstecgi. ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42741 (In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file 
/cgi-bin/cstecgi. ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42632 (FrogCMS v0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-42631 (FrogCMS v0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-42630 (FrogCMS v0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-42629 (FrogCMS v0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-42628 (FrogCMS v0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-42627 (FrogCMS v0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-42626 (FrogCMS v0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-42625 (FrogCMS v0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-42624 (FrogCMS v0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-42623 (FrogCMS v0.9.5 was discovered to contain a Cross-Site Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: FrogCMS
 CVE-2024-42547 (TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42546 (TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42545 (TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42543 (TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42520 (TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer 
overflow vulne ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2024-42489 (Pro Macros provides XWiki rendering macros. Missing escaping 
in the Vi ...)
-       TODO: check
+       NOT-FOR-US: XWiki Pro Macros
 CVE-2024-42485 (Filament Excel enables excel export for Filament admin 
resources. The  ...)
        TODO: check
 CVE-2024-42482 (fish-shop/syntax-check is a GitHub action for syntax checking 
fish she ...)
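Review bot: the NOT-FOR-US notes in this hunk mix three levels of detail: a generic class for CVE-2024-6639 ("WordPress theme") and CVE-2024-7697 ("mobile application (...)"), vendor only for CVE-2024-6758 ("Sprecher Automation") and the TOTOLINK entries, and vendor plus product for CVE-2024-6917 and CVE-2024-6684. The description of CVE-2024-6639 already names the theme, so "NOT-FOR-US: MDx theme for WordPress" would let a later search of the list for the product name find the entry; the same applies to CVE-2024-6758, where the description names SPRECON-E.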
@@ -65,13 +65,13 @@ CVE-2024-42482 (fish-shop/syntax-check is a GitHub action 
for syntax checking fi
 CVE-2024-42481 (Skyport Daemon (skyportd) is the daemon for the Skyport Panel. 
By maki ...)
        TODO: check
 CVE-2024-42480 (Kamaji is the Hosted Control Plane Manager for Kubernetes. In 
versions ...)
-       TODO: check
+       NOT-FOR-US: Kamaji
 CVE-2024-42479 (llama.cpp provides LLM inference in C/C++. The unsafe `data` 
pointer m ...)
-       TODO: check
+       NOT-FOR-US: ggerganov/llama.cpp
 CVE-2024-42478 (llama.cpp provides LLM inference in C/C++. The unsafe `data` 
pointer m ...)
-       TODO: check
+       NOT-FOR-US: ggerganov/llama.cpp
 CVE-2024-42477 (llama.cpp provides LLM inference in C/C++. The unsafe `type` 
member in ...)
-       TODO: check
+       NOT-FOR-US: ggerganov/llama.cpp
 CVE-2024-42474 (Streamlit is a data oriented application development framework 
for pyt ...)
        TODO: check
 CVE-2024-42167 (The function "generate_app_certificates" in 
controllers/saml2/saml2.js ...)
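Review bot: CVE-2024-42479, CVE-2024-42478 and CVE-2024-42477 are tagged "NOT-FOR-US: ggerganov/llama.cpp", an owner/repository form, while the Kamaji entry just above them in this hunk uses the plain product name; "NOT-FOR-US: llama.cpp" would match it. Because a NOT-FOR-US tag takes the entry out of further triage, it is also worth confirming before merging that no ITP or RFP bug is open for llama.cpp, and using a package line with <itp> instead of NOT-FOR-US if one is.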
@@ -87,9 +87,9 @@ CVE-2024-42163 (Insufficiently random values for generating 
password reset token
 CVE-2024-41909 (Like many other SSH implementations, Apache MINA SSHD suffered 
from th ...)
        TODO: check
 CVE-2024-41710 (A vulnerability in the Mitel 6800 Series, 6900 Series, and 
6900w Serie ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2024-41651 (An issue in Prestashop v.8.1.7 and before allows a remote 
attacker to  ...)
-       TODO: check
+       NOT-FOR-US: Prestashop
 CVE-2024-41475 (Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a 
CORS mis ...)
        TODO: check
 CVE-2024-40893 (Multiple authenticated operating system (OS) command injection 
vulnera ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/434cf0f92710d2e9a853da42ed5f7fc5cc74e705
