[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 11 Mar 2025 14:39:00 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e713bce8 by Salvatore Bonaccorso at 2025-03-11T22:38:27+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -301,7 +301,7 @@ CVE-2025-22367 (The authenticated time setting capability 
of the firmware for Me
 CVE-2025-22366 (The authenticated firmware update capability of the firmware 
for Menne ...)
        NOT-FOR-US: Mennekes
 CVE-2025-22213 (Inadequate checks in the Media Manager allowed users with 
"edit" privi ...)
-       TODO: check
+       NOT-FOR-US: Joomla
 CVE-2025-21247 (Improper resolution of path equivalence in Windows 
MapUrlToZone allows ...)
        NOT-FOR-US: Microsoft
 CVE-2025-21199 (Improper privilege management in Azure Agent Installer allows 
an autho ...)
@@ -319,7 +319,7 @@ CVE-2025-0150 (Incorrect behavior order in some Zoom 
Workplace Apps for iOS befo
 CVE-2025-0149 (Insufficient verification of data authenticity in some Zoom 
Workplace  ...)
        NOT-FOR-US: Zoom
 CVE-2024-9157 (** UNSUPPORTED WHEN ASSIGNED **  A privilege escalation 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: Synaptics
 CVE-2024-56338 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 
6.1.2.6 a ...)
        NOT-FOR-US: IBM
 CVE-2024-56336 (A vulnerability has been identified in SINAMICS S200 (All 
versions wit ...)
@@ -329,23 +329,23 @@ CVE-2024-56182 (A vulnerability has been identified in 
SIMATIC Field PG M5 (All
 CVE-2024-56181 (A vulnerability has been identified in SIMATIC Field PG M5 
(All versio ...)
        NOT-FOR-US: Siemens
 CVE-2024-55597 (A improper limitation of a pathname to a restricted directory 
('path t ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-55592 (An incorrect authorization vulnerability [CWE-863] in 
FortiSIEM 7.2 al ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-55590 (Multiple improper neutralization of special elements used in 
an OS com ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-54085 (AMI\u2019s SPx contains a vulnerability in the BMC where an 
Attacker m ...)
        TODO: check
 CVE-2024-54084 (APTIOV contains a vulnerability in BIOS where an attacker may 
cause a  ...)
        TODO: check
 CVE-2024-54026 (An improper neutralization of special elements used in an sql 
command  ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-54018 (Multipleimproper neutralization of special elements used in an 
OS Comm ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-52961 (An improper neutralization of special elements used in an OS 
Command v ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-52960 (A client-side enforcement of server-side security 
vulnerability [CWE-6 ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-52285 (A vulnerability has been identified in SiPass integrated 
AC5102 (ACC-G ...)
        NOT-FOR-US: Siemens
 CVE-2024-51322 (Cross Site Scripting vulnerability in Zucchetti Ad Hoc 
Infinity 2.4 al ...)
@@ -357,27 +357,27 @@ CVE-2024-51320 (Cross Site Scripting vulnerability in 
Zucchetti Ad Hoc Infinity
 CVE-2024-51319 (A local file include vulnerability in the /servlet/Report of 
Zucchetti ...)
        TODO: check
 CVE-2024-46663 (A stack-buffer overflow vulnerability [CWE-121] in Fortinet 
FortiMail  ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-45328 (An incorrect authorization vulnerability [CWE-863] in 
FortiSandbox 4.4 ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-45324 (A use of externally-controlled format string vulnerability 
[CWE-134] i ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-33501 (Two improper neutralization of special elements used in an SQL 
Command ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-32123 (Multiple improper neutralization of special elements used in 
an os com ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-28607 (The ip-utils package through 2.4.0 for Node.js might allow 
SSRF becaus ...)
        TODO: check
 CVE-2024-12546 (EDK2 contains a vulnerability in BIOS where a user may cause 
an Intege ...)
        TODO: check
 CVE-2023-48790 (A cross site request forgery vulnerability [CWE-352] in 
Fortinet Forti ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2023-42784 (An improper handling of syntactically invalid structure in 
Fortinet Fo ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2023-40723 (An exposure of sensitive information to an unauthorized actor 
in Forti ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2023-37933 (An improper neutralization of input during web page generation 
('Cross ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2025-2190 (The mobile application (com.transsnet.store) has a 
man-in-the-middle a ...)
        NOT-FOR-US: com.transsnet.store
 CVE-2025-2177 (A vulnerability classified as critical was found in libzvbi up 
to 0.2. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e713bce8dfd81c45308bef65a4e75279e5e83604

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e713bce8dfd81c45308bef65a4e75279e5e83604
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to