[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Mon, 18 Nov 2024 12:57:59 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5e0ea67e by Salvatore Bonaccorso at 2024-11-18T21:47:18+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -70,11 +70,11 @@ CVE-2024-52316 (Unchecked Error Condition vulnerability in 
Apache Tomcat. If Tom
 CVE-2024-52303 (aiohttp is an asynchronous HTTP client/server framework for 
asyncio an ...)
        TODO: check
 CVE-2024-51743 (MarkUs is a web application for the submission and grading of 
student  ...)
-       TODO: check
+       NOT-FOR-US: MarkUs
 CVE-2024-51499 (MarkUs is a web application for the submission and grading of 
student  ...)
-       TODO: check
+       NOT-FOR-US: MarkUs
 CVE-2024-50919 (Jpress until v5.1.1 has arbitrary file uploads on the windows 
platform ...)
-       TODO: check
+       NOT-FOR-US: Jpress
 CVE-2024-48917 (PhpSpreadsheet is a PHP library for reading and writing 
spreadsheet fi ...)
        TODO: check
 CVE-2024-48901 (A vulnerability was found in Moodle. Additional checks are 
required to ...)
@@ -86,21 +86,21 @@ CVE-2024-48897 (A vulnerability was found in Moodle. 
Additional checks are requi
 CVE-2024-48896 (A vulnerability was found in Moodle. It is possible for users 
with the ...)
        TODO: check
 CVE-2024-48294 (A NULL pointer dereference in the component libPdfCore.dll of 
Wondersh ...)
-       TODO: check
+       NOT-FOR-US: Wondershare PDF Reader
 CVE-2024-48293 (Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 
and ear ...)
-       TODO: check
+       NOT-FOR-US: QuickHeal Antivirus Pro
 CVE-2024-48292 (An issue in the wssrvc.exe service of QuickHeal Antivirus Pro 
Version  ...)
-       TODO: check
+       NOT-FOR-US: QuickHeal Antivirus Pro
 CVE-2024-47873 (PhpSpreadsheet is a PHP library for reading and writing 
spreadsheet fi ...)
        TODO: check
 CVE-2024-47820 (MarkUs, a web application for the submission and grading of 
student as ...)
-       TODO: check
+       NOT-FOR-US: MarkUs
 CVE-2024-47533 (Cobbler, a Linux installation server that allows for rapid 
setup of ne ...)
        TODO: check
 CVE-2024-44757 (An arbitrary file download vulnerability in the component 
/Basics/Down ...)
-       TODO: check
+       NOT-FOR-US: NUS-M9 ERP Management Software
 CVE-2024-44756 (NUS-M9 ERP Management Software v3.0.0 was discovered to 
contain a SQL  ...)
-       TODO: check
+       NOT-FOR-US: NUS-M9 ERP Management Software
 CVE-2024-43416 (GLPI is a free asset and IT management software package. 
Starting in v ...)
        TODO: check
 CVE-2024-42392 (Improper Neutralization of Delimiters vulnerability in Cesanta 
Mongoos ...)
@@ -124,27 +124,27 @@ CVE-2024-42384 (Integer Overflow or Wraparound 
vulnerability in Cesanta Mongoose
 CVE-2024-42383 (Use of Out-of-range Pointer Offset vulnerability in Cesanta 
Mongoose W ...)
        TODO: check
 CVE-2024-41974 (A low privileged remote attackermay modify the BACNet service 
properti ...)
-       TODO: check
+       NOT-FOR-US: WAGO
 CVE-2024-41973 (A low privileged remote attacker canspecify an arbitrary file 
on the f ...)
-       TODO: check
+       NOT-FOR-US: WAGO
 CVE-2024-41972 (A low privileged remote attacker canoverwrite an arbitrary 
file on the ...)
-       TODO: check
+       NOT-FOR-US: WAGO
 CVE-2024-41971 (A low privileged remote attacker can overwrite an arbitrary 
file on th ...)
-       TODO: check
+       NOT-FOR-US: WAGO
 CVE-2024-41970 (A low privileged remote attackermay gain access to forbidden 
diagnosti ...)
-       TODO: check
+       NOT-FOR-US: WAGO
 CVE-2024-41969 (A low privileged remote attacker maymodify the configuration 
of the CO ...)
-       TODO: check
+       NOT-FOR-US: WAGO
 CVE-2024-41968 (A low privileged remote attacker may modify the docker 
settings setup  ...)
-       TODO: check
+       NOT-FOR-US: WAGO
 CVE-2024-41967 (A low privileged remote attackermay modify the boot mode 
configuration ...)
-       TODO: check
+       NOT-FOR-US: WAGO
 CVE-2024-3370 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Egebilgi Software Website Template
 CVE-2024-37155 (OpenCTI is an open source platform allowing organizations to 
manage th ...)
        TODO: check
 CVE-2024-28058 (In RSA NetWitness (NW) Platform before 12.5.1, even when an 
administra ...)
-       TODO: check
+       NOT-FOR-US: RSA NetWitness (NW) Platform
 CVE-2024-11319 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
        TODO: check
 CVE-2024-11318 (An IDOR (Insecure Direct Object Reference) vulnerability has 
been disc ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e0ea67e7aad4c3e9a1885780983014d31252e03

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e0ea67e7aad4c3e9a1885780983014d31252e03
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to