Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
da801b57 by Salvatore Bonaccorso at 2024-10-04T22:46:07+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,81 +37,81 @@ CVE-2024-47789 (** UNSUPPORTED WHEN ASSIGNED ** This 
vulnerability exists in D3D
 CVE-2024-47769 (IDURAR is open source ERP CRM accounting invoicing software. 
The vulne ...)
        NOT-FOR-US: IDURAR
 CVE-2024-47768 (Lif Authentication Server is a server used by Lif to do 
various tasks  ...)
-       TODO: check
+       NOT-FOR-US: Lif Auth Server
 CVE-2024-47765 (Minecraft MOTD Parser is a PHP library to parse minecraft 
server motd. ...)
        TODO: check
 CVE-2024-47764 (cookie is a basic HTTP cookie parser and serializer for HTTP 
servers.  ...)
        TODO: check
 CVE-2024-47657 (This vulnerability exists in the Shilpi Net Back Office due to 
imprope ...)
-       TODO: check
+       NOT-FOR-US: Shilpi Net Back Office
 CVE-2024-47656 (This vulnerability exists in Shilpi Client Dashboard due to 
missing re ...)
-       TODO: check
+       NOT-FOR-US: Shilpi Client Dashboard
 CVE-2024-47655 (This vulnerability exists in the Shilpi Client Dashboard due 
to improp ...)
-       TODO: check
+       NOT-FOR-US: Shilpi Client Dashboard
 CVE-2024-47654 (This vulnerability exists in Shilpi Client Dashboard due to 
lack of ra ...)
-       TODO: check
+       NOT-FOR-US: Shilpi Client Dashboard
 CVE-2024-47653 (This vulnerability exists in Shilpi Client Dashboard due to 
lack of au ...)
-       TODO: check
+       NOT-FOR-US: Shilpi Client Dashboard
 CVE-2024-47652 (This vulnerability exists in Shilpi Client Dashboard due to 
implementa ...)
-       TODO: check
+       NOT-FOR-US: Shilpi Client Dashboard
 CVE-2024-47651 (This vulnerability exists in Shilpi Client Dashboard due to 
improper h ...)
-       TODO: check
+       NOT-FOR-US: Shilpi Client Dashboard
 CVE-2024-47211 (In OpenStack Ironic before 21.4.4, 22.x and 23.x before 
23.0.3, 23.x a ...)
        TODO: check
 CVE-2024-47183 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Parse Server
 CVE-2024-46486 (TP-LINK TL-WDR5620 v2.3 was discovered to contain a remote 
code execut ...)
-       TODO: check
+       NOT-FOR-US: TP-LINK
 CVE-2024-46409 (A stored cross-site scripting (XSS) vulnerability in SeedDMS 
v6.0.28 a ...)
-       TODO: check
+       NOT-FOR-US: SeedDMS
 CVE-2024-46078 (itsourcecode Sports Management System Project 1.0 is 
vulnerable to SQL ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode Sports Management System Project
 CVE-2024-46077 (itsourcecode Online Tours and Travels Management System v1.0 
is vulner ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode Online Tours and Travels Management System
 CVE-2024-44439 (An issue in Shanghai Zhouma Network Technology CO., Ltd IMS 
Intelligen ...)
-       TODO: check
+       NOT-FOR-US: Shanghai Zhouma Network Technology CO
 CVE-2024-43687 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Microchip
 CVE-2024-43686 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Microchip
 CVE-2024-43685 (Improper Authentication vulnerability in Microchip 
TimeProvider 4100 ( ...)
-       TODO: check
+       NOT-FOR-US: Microchip
 CVE-2024-43684 (Cross-Site Request Forgery (CSRF) vulnerability in Microchip 
TimeProvi ...)
-       TODO: check
+       NOT-FOR-US: Microchip
 CVE-2024-43683 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in M ...)
-       TODO: check
+       NOT-FOR-US: Microchip
 CVE-2024-41516 (A Reflected cross-site scripting (XSS) vulnerability in 
"ccHandler.asp ...)
-       TODO: check
+       NOT-FOR-US: CADClick
 CVE-2024-41515 (A reflected cross-site scripting (XSS) vulnerability in 
"ccHandlerReso ...)
-       TODO: check
+       NOT-FOR-US: CADClick
 CVE-2024-41514 (A reflected cross-site scripting (XSS) vulnerability in 
"PrevPgGroup.a ...)
-       TODO: check
+       NOT-FOR-US: CADClick
 CVE-2024-41513 (A reflected cross-site scripting (XSS) vulnerability in 
"Artikel.aspx" ...)
-       TODO: check
+       NOT-FOR-US: CADClick
 CVE-2024-41512 (A SQL Injection vulnerability in "ccHandler.aspx" in all 
versions of C ...)
-       TODO: check
+       NOT-FOR-US: CADClick
 CVE-2024-41511 (A Path Traversal (Local File Inclusion) vulnerability in 
"BinaryFileRe ...)
-       TODO: check
+       NOT-FOR-US: CADClick
 CVE-2024-38040 (There is a local file inclusion vulnerability in Esri Portal 
for ArcGI ...)
-       TODO: check
+       NOT-FOR-US: Esri Portal for ArcGIS
 CVE-2024-38039 (There is an HTML injection vulnerability in Esri Portal for 
ArcGIS ver ...)
-       TODO: check
+       NOT-FOR-US: Esri Portal for ArcGIS
 CVE-2024-38038 (There is a reflected XSS vulnerability in Esri Portal for 
ArcGIS versi ...)
-       TODO: check
+       NOT-FOR-US: Esri Portal for ArcGIS
 CVE-2024-38037 (There is an unvalidated redirect vulnerability in Esri Portal 
for ArcG ...)
-       TODO: check
+       NOT-FOR-US: Esri Portal for ArcGIS
 CVE-2024-38036 (There is a reflected XSS vulnerability in Esri Portal for 
ArcGIS versi ...)
-       TODO: check
+       NOT-FOR-US: Esri Portal for ArcGIS
 CVE-2024-25707 (There is a reflected cross site scripting in Esri Portal for 
ArcGIS 11 ...)
-       TODO: check
+       NOT-FOR-US: Esri Portal for ArcGIS
 CVE-2024-25702 (There is a stored Cross-site Scripting vulnerability in Esri 
Portal fo ...)
-       TODO: check
+       NOT-FOR-US: Esri Portal for ArcGIS
 CVE-2024-25701 (There is a stored Cross-site Scripting vulnerability in Esri 
Portal fo ...)
-       TODO: check
+       NOT-FOR-US: Esri Portal for ArcGIS
 CVE-2024-25694 (There is a stored Cross-site Scripting vulnerability in Esri 
Portal fo ...)
-       TODO: check
+       NOT-FOR-US: Esri Portal for ArcGIS
 CVE-2024-25691 (There is a reflected XSS vulnerability in Esri Portal for 
ArcGIS versi ...)
-       TODO: check
+       NOT-FOR-US: Esri Portal for ArcGIS
 CVE-2024-47191
        {DSA-5784-1}
        - oath-toolkit 2.6.12-1
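
Review bot: the tag added for CVE-2024-44439, "NOT-FOR-US: Shanghai Zhouma Network Technology CO", stops partway through the vendor name given in the description ("Shanghai Zhouma Network Technology CO., Ltd") and names no product, while most tags in this hunk name the product (Shilpi Client Dashboard, Esri Portal for ArcGIS, SeedDMS, Parse Server). Suggest tagging with the product from the description ("IMS Intelligen ...", truncated here) or the full vendor name. The same style point applies to the vendor-only tags "NOT-FOR-US: TP-LINK" for CVE-2024-46486, whose description names the TL-WDR5620, and "NOT-FOR-US: Microchip" for CVE-2024-43683 through CVE-2024-43687, where the visible descriptions name the TimeProvider 4100. "Lif Auth Server" also abbreviates the description's "Lif Authentication Server". CVE-2024-47765, CVE-2024-47764 and CVE-2024-47211 stay at "TODO: check", which matches the NFU-only scope stated in the commit message.
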
@@ -124030,9 +124030,9 @@ CVE-2023-26773 (Cross Site Scripting vulnerability 
found in Sales Tracker Manage
 CVE-2023-26772
        RESERVED
 CVE-2023-26771 (Taskcafe 0.3.2 is vulnerable to Cross Site Scripting (XSS). 
There is a ...)
-       TODO: check
+       NOT-FOR-US: Taskcafe
 CVE-2023-26770 (TaskCafe 0.3.2 lacks validation in the Cookie value. Any 
unauthenticat ...)
-       TODO: check
+       NOT-FOR-US: Taskcafe
 CVE-2023-26769 (Buffer Overflow vulnerability found in Liblouis Lou_Trace 
v.3.24.0 all ...)
        - liblouis 3.24.0-2 (bug #1033202; unimportant)
        NOTE: https://github.com/liblouis/liblouis/pull/1300
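
Review bot: both added tags read "NOT-FOR-US: Taskcafe", but the descriptions disagree on the spelling: CVE-2023-26771 has "Taskcafe 0.3.2" and CVE-2023-26770 has "TaskCafe 0.3.2". Using one spelling for both tags keeps the list greppable; worth confirming that it matches the upstream project's own spelling. The context entries (CVE-2023-26772 RESERVED and the liblouis entry for CVE-2023-26769) are unchanged.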



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/da801b57073d92988f5a00ddda252bce0f164bc2
