[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 18 Dec 2024 13:04:06 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4a4b90d1 by Salvatore Bonaccorso at 2024-12-18T22:03:31+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79,11 +79,11 @@ CVE-2024-52579 (Misskey is an open source, federated social 
media platform. Some
 CVE-2024-52485 (Missing Authorization vulnerability in Yudiz Solutions Ltd. WP 
Menu Im ...)
        TODO: check
 CVE-2024-52361 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9  
   stor ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-51646 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        TODO: check
 CVE-2024-51470 (IBM MQ9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM 
MQ Appli ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-50570 (A Cleartext Storage of Sensitive Information vulnerability 
[CWE-312] i ...)
        TODO: check
 CVE-2024-4996 (Use of a hard-coded password for a database administrator 
account crea ...)
@@ -93,7 +93,7 @@ CVE-2024-4995 (Wapro ERP Desktop is vulnerable to MS SQL 
protocol downgrade requ
 CVE-2024-49677 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        TODO: check
 CVE-2024-49576 (A use-after-free vulnerability exists in the way Foxit Reader 
2024.3.0 ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2024-49363 (Misskey is an open source, federated social media platform. In 
affecte ...)
        TODO: check
 CVE-2024-49202 (Keyfactor Command before 12.5.0 has Incorrect Access Control: 
access t ...)
@@ -103,11 +103,11 @@ CVE-2024-49201 (Keyfactor Remote File Orchestrator (aka 
remote-file-orchestrator
 CVE-2024-48889 (An Improper Neutralization of Special Elements used in an OS 
Command ( ...)
        TODO: check
 CVE-2024-47810 (A use-after-free vulnerability exists in the way Foxit Reader 
2024.3.0 ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2024-47119 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 
does not ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-47104 (IBM i 7.4 and 7.5 is vulnerable to an authenticated user 
gaining eleva ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-47040 (There is a possible UAF due to a logic error in the code.This 
could le ...)
        TODO: check
 CVE-2024-47039 (In isSlotMarkedSuccessful of BootControl.cpp, there is a 
possible out  ...)
@@ -115,13 +115,13 @@ CVE-2024-47039 (In isSlotMarkedSuccessful of 
BootControl.cpp, there is a possibl
 CVE-2024-47038 (In dhd_prot_flowrings_pool_release of dhd_msgbuf.c, there is a 
possibl ...)
        TODO: check
 CVE-2024-45082 (IBM Cognos Analytics11.2.0 through 11.2.4 and 12.0.0 through 
12.0.3    ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-41752 (IBM Cognos Analytics11.2.0 through 11.2.4 and 12.0.0 through 
12.0.3 is ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-36694 (OpenCart 4.0.2.3 is vulnerable to Server-Side Template 
Injection (SSTI ...)
        TODO: check
 CVE-2024-25042 (IBM Cognos Analytics11.2.0 through 11.2.4 and 12.0.0 through 
12.0.3    ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-12741 (A deserialization of untrusted data vulnerability exists in NI 
DAQExpr ...)
        TODO: check
 CVE-2024-12554 (The Peter\u2019s Custom Anti-Spam plugin for WordPress is 
vulnerable t ...)
@@ -143,7 +143,7 @@ CVE-2024-11912 (The Travel Booking WordPress Theme theme 
for WordPress is vulner
 CVE-2024-11291 (The Paid Membership Subscriptions \u2013 Effortless 
Memberships, Recur ...)
        TODO: check
 CVE-2023-50956 (IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9  
 could  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-34990 (A relative path traversal in Fortinet FortiWLM version 8.6.0 
through 8 ...)
        TODO: check
 CVE-2024-56175 (In Optimizely Configured Commerce before 5.2.2408, malicious 
payloads  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a4b90d18b5bafc27e35c969a10ec9c10ed62bc0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a4b90d18b5bafc27e35c969a10ec9c10ed62bc0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to