[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 03 Sep 2024 13:52:51 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a77fe801 by Salvatore Bonaccorso at 2024-09-03T22:46:30+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -48,21 +48,21 @@ CVE-2024-7346 (Host name validation for TLS certificates is 
bypassed when the in
 CVE-2024-7345 (Local ABL Client bypass of the required PASOE security checks 
may allo ...)
        TODO: check
 CVE-2024-6473 (Yandex Browser for Desktop before 24.7.1.380 has a DLL 
Hijacking Vulne ...)
-       TODO: check
+       NOT-FOR-US: Yandex Browser for Desktop
 CVE-2024-4629 (A vulnerability was found in Keycloak. This flaw allows 
attackers to b ...)
-       TODO: check
+       NOT-FOR-US: Keycloak
 CVE-2024-4259 (Improper Privilege Management vulnerability in SAMPA\u015e 
Holding AKO ...)
        TODO: check
 CVE-2024-45678 (Yubico YubiKey 5 Series devices with firmware before 5.7.0 and 
YubiHSM ...)
        TODO: check
 CVE-2024-45588 (This vulnerability exists in Symphony XTS Web Trading platform 
version ...)
-       TODO: check
+       NOT-FOR-US: Symphony XTS Web Trading platform
 CVE-2024-45587 (This vulnerability exists in Symphony XTS Web Trading platform 
version ...)
-       TODO: check
+       NOT-FOR-US: Symphony XTS Web Trading platform
 CVE-2024-45586 (This vulnerability exists due to improper access controls on 
APIs in t ...)
-       TODO: check
+       NOT-FOR-US: Symphony XTS Web Trading platform
 CVE-2024-45391 (Tina is an open-source content management system (CMS). Sites 
building ...)
-       TODO: check
+       NOT-FOR-US: Tina CMS
 CVE-2024-45390 (@blakeembrey/template is a string template library. Prior to 
version 1 ...)
        TODO: check
 CVE-2024-45389 (Pagefind, a fully static search library, initializes its 
dynamic JavaS ...)
@@ -70,21 +70,21 @@ CVE-2024-45389 (Pagefind, a fully static search library, 
initializes its dynamic
 CVE-2024-45307 (SudoBot, a Discord moderation bot, is vulnerable to privilege 
escalati ...)
        TODO: check
 CVE-2024-45180 (SquaredUp DS for SCOM 6.2.1.11104 allows XSS.)
-       TODO: check
+       NOT-FOR-US: SquaredUp DS for SCOM
 CVE-2024-44921 (SeaCMS v12.9 was discovered to contain a SQL injection 
vulnerability v ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2024-44920 (A cross-site scripting (XSS) vulnerability in the component 
admin_coll ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2024-43803 (The Bare Metal Operator (BMO) implements a Kubernetes API for 
managing ...)
        TODO: check
 CVE-2024-43413 (Xibo is an open source digital signage platform with a web 
content man ...)
-       TODO: check
+       NOT-FOR-US: Xibo
 CVE-2024-43412 (Xibo is an open source digital signage platform with a web 
content man ...)
-       TODO: check
+       NOT-FOR-US: Xibo
 CVE-2024-42991 (MCMS v5.4.1 has front-end file upload vulnerability which can 
lead to  ...)
-       TODO: check
+       NOT-FOR-US: MCMS
 CVE-2024-42904 (A cross-site scripting (XSS) vulnerability in SysPass 3.2.x 
allows att ...)
-       TODO: check
+       NOT-FOR-US: SysPass
 CVE-2024-42903 (A Host header injection vulnerability in the password reset 
function o ...)
        TODO: check
 CVE-2024-42902 (An issue in the js_localize.php function of LimeSurvey v6.6.2 
and befo ...)
@@ -96,11 +96,11 @@ CVE-2024-41718
 CVE-2024-41436 (ClickHouse v24.3.3.102 was discovered to contain a buffer 
overflow via ...)
        TODO: check
 CVE-2024-41435 (YugabyteDB v2.21.1.0 was discovered to contain a buffer 
overflow via t ...)
-       TODO: check
+       NOT-FOR-US: YugabyteDB
 CVE-2024-3655 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel 
Driver, Arm ...)
        TODO: check
 CVE-2024-38811 (VMware Fusion (13.x before 13.6) contains a code-execution 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2024-38456 (HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 
4.25.01.01 for Wi ...)
        TODO: check
 CVE-2024-34463 (BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices 
send sensit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a77fe801271ed090cac14607f5478cf7e02f1389

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a77fe801271ed090cac14607f5478cf7e02f1389
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to