[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 13 Aug 2024 01:15:01 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
180df110 by Salvatore Bonaccorso at 2024-08-13T10:13:38+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -95,15 +95,15 @@ CVE-2024-43124 (Improper Neutralization of Input During Web 
Page Generation (XSS
 CVE-2024-43123 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
        TODO: check
 CVE-2024-42377 (SAP shared service framework allows an authenticated 
non-administrativ ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-42376 (SAP Shared Service Framework does not perform necessary 
authorization  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-42375 (SAP BusinessObjects Business Intelligence   Platform allows an 
authent ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-42374 (BEx Web Java Runtime Export Web Service does not sufficiently 
validate ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-42373 (SAP Student Life Cycle Management (SLcM) fails to conduct 
proper autho ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-41978 (A vulnerability has been identified in RUGGEDCOM RM1224 
LTE(4G) EU (6G ...)
        TODO: check
 CVE-2024-41977 (A vulnerability has been identified in RUGGEDCOM RM1224 
LTE(4G) EU (6G ...)
@@ -131,21 +131,21 @@ CVE-2024-41904 (A vulnerability has been identified in 
SINEC Traffic Analyzer (6
 CVE-2024-41903 (A vulnerability has been identified in SINEC Traffic Analyzer 
(6GK8822 ...)
        TODO: check
 CVE-2024-41737 (SAP CRM ABAP (Insights Management) allows an authenticated 
attacker to ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-41736 (Under certain conditions SAP Permit to Work allows an 
authenticated at ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-41735 (SAP Commerce Backoffice does not sufficiently encode 
user-controlled i ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-41734 (Due to missing authorization check in SAP NetWeaver 
Application Server ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-41733 (In SAP Commerce, valid user accounts can be identified during 
the cust ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-41732 (SAP NetWeaver Application Server ABAP allows   an 
unauthenticated atta ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-41731 (SAP BusinessObjects Business Intelligence Platform allows an 
authentic ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-41730 (In SAP BusinessObjects Business Intelligence Platform, if 
Single Signe ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-41683 (A vulnerability has been identified in Location Intelligence 
family (A ...)
        TODO: check
 CVE-2024-41682 (A vulnerability has been identified in Location Intelligence 
family (A ...)
@@ -165,11 +165,11 @@ CVE-2024-36398 (A vulnerability has been identified in 
SINEC NMS (All versions <
 CVE-2024-35775 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
        TODO: check
 CVE-2024-33005 (Due to the missing authorization checks in the local systems, 
the admi ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-33003 (Some OCC API endpoints in SAP Commerce Cloud allows Personally 
Identif ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2024-28166 (SAP BusinessObjects Business Intelligence   Platform allows an 
authent ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2023-7066 (The affected applications contain an out of bounds read past 
the end o ...)
        TODO: check
 CVE-2024-7700 (A command injection flaw was found in the "Host Init Config" 
template  ...)
@@ -158523,7 +158523,7 @@ CVE-2022-38384
 CVE-2022-38383 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 
and IBM Q ...)
        NOT-FOR-US: IBM
 CVE-2022-38382 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 
and IBM Q ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-38105 (An information disclosure vulnerability exists in the 
cm_processREQ_NC ...)
        NOT-FOR-US: Asus
 CVE-2022-2870 (A vulnerability was found in laravel 5.1 and classified as 
problematic ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/180df1103509b2838f5b252a8179414d92847d6e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/180df1103509b2838f5b252a8179414d92847d6e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to