[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Apr 30 09:44:09 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e21e522e by Moritz Muehlenhoff at 2024-04-30T10:43:40+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,59 +5,59 @@ CVE-2024-4226 (It was identified that in certain versions of Octopus Server, tha
 CVE-2024-4225 (Multiple security vulnerabilities has been discovered in web interface ...)
 	NOT-FOR-US: NetGuardian DIN Remote Telemetry Unit (RTU)
 CVE-2024-34050 (Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice b ...)
-	TODO: check
+	NOT-FOR-US: Open Networking Foundation SD-RAN Rimedo rimedo-ts
 CVE-2024-34049 (Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice b ...)
-	TODO: check
+	NOT-FOR-US: Open Networking Foundation SD-RAN Rimedo rimedo-ts
 CVE-2024-34048 (O-RAN RIC I-Release e2mgr lacks array size checks in E2nodeConfigUpdat ...)
 	NOT-FOR-US: O-RAN RIC I-Release e2mgr
 CVE-2024-34047 (O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateH ...)
 	NOT-FOR-US: O-RAN RIC I-Release e2mgr
 CVE-2024-34046 (The O-RAN E2T I-Release Prometheus metric Increment function can crash ...)
-	TODO: check
+	NOT-FOR-US: O-RAN
 CVE-2024-34045 (The O-RAN E2T I-Release Prometheus metric Increment function can crash ...)
-	TODO: check
+	NOT-FOR-US: O-RAN
 CVE-2024-34044 (The O-RAN E2T I-Release buildPrometheusList function can have a NULL p ...)
-	TODO: check
+	NOT-FOR-US: O-RAN
 CVE-2024-34043 (O-RAN RICAPP kpimon-go I-Release has a segmentation violation via a ce ...)
-	TODO: check
+	NOT-FOR-US: O-RAN
 CVE-2024-33522 (In vulnerable versions of Calico (v3.27.2 and below), Calico Enterpris ...)
 	TODO: check
 CVE-2024-33401 (Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remot ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-33350 (Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote at ...)
-	TODO: check
+	NOT-FOR-US: TaoCMS
 CVE-2024-31837 (DMitry (Deepmagic Information Gathering Tool) 1.3a has a format-string ...)
 	TODO: check
 CVE-2024-28294 (Limbas up to v5.2.14 was discovered to contain a SQL injection vulnera ...)
-	TODO: check
+	NOT-FOR-US: Limbas
 CVE-2024-27518 (An issue in SUPERAntiSyware Professional X 10.0.1262 and 10.0.1264 all ...)
-	TODO: check
+	NOT-FOR-US: SUPERAntiSyware Professional X
 CVE-2024-1371 (The LeadConnector plugin for WordPress is vulnerable to unauthorized m ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0216 (The Google Doc Embedder plugin for WordPress is vulnerable to Server S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-52728 (Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an i ...)
-	TODO: check
+	NOT-FOR-US: onos-lib-go
 CVE-2023-52727 (Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an i ...)
-	TODO: check
+	NOT-FOR-US: onos-lib-go
 CVE-2023-52726 (Open Networking Foundation SD-RAN ONOS onos-ric-sdk-go 0.8.12 allows i ...)
-	TODO: check
+	NOT-FOR-US: onos-ric-sdk-go
 CVE-2023-52725 (Open Networking Foundation SD-RAN ONOS onos-kpimon 0.4.7 allows blocki ...)
-	TODO: check
+	NOT-FOR-US: onos-kpimon
 CVE-2023-52724 (Open Networking Foundation SD-RAN onos-kpimon 0.4.7 allows out-of-boun ...)
-	TODO: check
+	NOT-FOR-US: onos-kpimon
 CVE-2023-50434 (emdns_resolve_raw in emdns.c in emdns through fbd1eef calls strlen wit ...)
-	TODO: check
+	NOT-FOR-US: emdns
 CVE-2023-50433 (marshall in dhcp_packet.c in simple-dhcp-server through ec976d2 allows ...)
-	TODO: check
+	NOT-FOR-US: simple-dhcp-server
 CVE-2023-50432 (simple-dhcp-server through ec976d2 allows remote attackers to cause a  ...)
-	TODO: check
+	NOT-FOR-US: simple-dhcp-server
 CVE-2023-46960 (Buffer Overflow vulnerability in PyPXE v.1.8.4 allows a remote attacke ...)
 	TODO: check
 CVE-2023-46566 (Buffer Overflow vulnerability in msoulier tftpy commit 467017b844bf6e3 ...)
 	TODO: check
 CVE-2023-31889 (An issue discovered in httpd in ASUS RT-AC51U with firmware version up ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2024-4310 (Cross-site Scripting (XSS) vulnerability in HubBank affecting version  ...)
 	NOT-FOR-US: HubBank
 CVE-2024-4309 (SQL injection vulnerability in HubBank affecting version 1.0.2. This v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e21e522e802fe281b76ffd02aec9554b9339bba4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e21e522e802fe281b76ffd02aec9554b9339bba4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240430/61e9d2ac/attachment.htm>

More information about the debian-security-tracker-commits mailing list