[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) Tue, 07 Jan 2025 12:25:46 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1a4652a8 by Salvatore Bonaccorso at 2025-01-07T21:24:56+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -123,7 +123,7 @@ CVE-2025-22502 (Improper Neutralization of Special Elements 
used in an SQL Comma
 CVE-2025-22500 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        TODO: check
 CVE-2025-22365 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: EMC2 Alert Boxes
 CVE-2025-22364 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
        TODO: check
 CVE-2025-22363 (Missing Authorization vulnerability in ORION Allada T-shirt 
Designer f ...)
@@ -345,15 +345,15 @@ CVE-2024-53522 (Bangkok Medical Software HOSxP XE 
v4.64.11.3 was discovered to c
 CVE-2024-53345 (An authenticated arbitrary file upload vulnerability in Car 
Rental Man ...)
        TODO: check
 CVE-2024-52893 (IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3  
could al ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-52891 (IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3   
could a ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-52813 (matrix-rust-sdk is an implementation of a Matrix client-server 
library ...)
        TODO: check
 CVE-2024-52367 (IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 
could dis ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-52366 (IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 
1.0.3could allo ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-51715 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2024-51700 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
@@ -389,9 +389,9 @@ CVE-2024-46601 (Elspec Engineering G5 Digital Fault 
Recorder Firmware v1.2.1.12
 CVE-2024-46242 (An issue in the validate_email function in 
CTFd/utils/validators/__ini ...)
        TODO: check
 CVE-2024-45640 (IBM Security ReaQta 3.12 returns sensitive information in an 
HTTP resp ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-45100 (IBM Security ReaQta 3.12could allow a privileged user to cause 
a denia ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-44450 (Multiple functions are vulnerable to Authorization Bypass in 
AIMS eCre ...)
        TODO: check
 CVE-2024-43243 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Theme ...)
@@ -403,15 +403,15 @@ CVE-2024-40748 (Lack of output escaping in the id 
attribute of menu lists.)
 CVE-2024-40747 (Various module chromes didn't properly process inputs, leading 
to XSS  ...)
        TODO: check
 CVE-2024-40702 (IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 
11.1.0  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-40427 (Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows 
attackers ...)
        TODO: check
 CVE-2024-35532 (An XML External Entity (XXE) injection vulnerability in 
Intersec Geosa ...)
        TODO: check
 CVE-2024-28778 (IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 
11.1.0  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-25037 (IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 
11.1.0  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-12738 (The User Profile Builder \u2013 Beautiful User Registration 
Forms, Use ...)
        TODO: check
 CVE-2024-12719 (The WordPress File Upload plugin for WordPress is vulnerable 
to unauth ...)
@@ -246305,7 +246305,7 @@ CVE-2022-22365 (IBM WebSphere Application Server 7.0, 
8.0, 8.5, and 9.0, with th
 CVE-2022-22364 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable 
to exte ...)
        NOT-FOR-US: IBM
 CVE-2022-22363 (IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 
11.1.0  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2022-22362
        RESERVED
 CVE-2022-22361 (IBM Business Automation Workflow traditional 21.0.1 through 
21.0.3, 20 ...)
@@ -319007,7 +319007,7 @@ CVE-2021-20457
 CVE-2021-20456
        RESERVED
 CVE-2021-20455 (IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 
11.1.0  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20454 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is 
vulnerable  ...)
        NOT-FOR-US: IBM
 CVE-2021-20453 (IBM WebSphere Application Server 8.0, 8.5, and 9.0 is 
vulnerable to a  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a4652a892c0e98150290081ba1ff77d2399a30d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a4652a892c0e98150290081ba1ff77d2399a30d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process more NFUs

Reply via email to