[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sat Aug 3 10:54:52 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fafe969d by Moritz Muehlenhoff at 2024-08-03T11:53:51+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,83 +13,83 @@ CVE-2024-38891 (An issue in Horizon Business Services Inc. Caterease 16.0.1.1663
 CVE-2024-38887 (An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 throu ...)
 	TODO: check
 CVE-2024-7323 (Digiwin EasyFlow .NET lacks proper access control for specific functio ...)
-	TODO: check
+	NOT-FOR-US: Digiwin EasyFlow .NET
 CVE-2024-7314 (anji-plus AJ-Report is affected by an authentication bypass vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: anji-plus AJ-Report
 CVE-2024-7204 (Ai3 QbiBot does not properly filter user input, allowing unauthenticat ...)
-	TODO: check
+	NOT-FOR-US: Ai3 QbiBot
 CVE-2024-7029 (Commands can be injected over the network and executed without authent ...)
-	TODO: check
+	NOT-FOR-US: AVTech AVM1203
 CVE-2024-6704 (The Comments \u2013 wpDiscuz plugin for WordPress is vulnerable to HTM ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4643 (The Element Pack Elementor Addons (Header Footer, Template Library, Dy ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-42349 (FOG is a cloning/imaging/rescue suite/inventory management system. FOG ...)
-	TODO: check
+	NOT-FOR-US: FOG
 CVE-2024-42348 (FOG is a cloning/imaging/rescue suite/inventory management system. FOG ...)
-	TODO: check
+	NOT-FOR-US: FOG
 CVE-2024-41519 (Feripro <= v2.2.3 is vulnerable to Cross Site Scripting (XSS) via "/ad ...)
-	TODO: check
+	NOT-FOR-US: Feripro
 CVE-2024-41518 (An Incorrect Access Control vulnerability in "/admin/programm/<program ...)
-	TODO: check
+	NOT-FOR-US: Feripro
 CVE-2024-41517 (An Incorrect Access Control vulnerability in "/admin/benutzer/institut ...)
-	TODO: check
+	NOT-FOR-US: Feripro
 CVE-2024-41310 (AndServer 2.1.12 is vulnerable to Directory Traversal.)
-	TODO: check
+	NOT-FOR-US: Feripro
 CVE-2024-41127 (Monkeytype is a minimalistic and customizable typing test. Monkeytype  ...)
-	TODO: check
+	NOT-FOR-US: Monkeytype
 CVE-2024-40723 (The specific API in HWATAIServiSign Windows Version from CHANGING Info ...)
-	TODO: check
+	NOT-FOR-US: CHANGING Information Technology
 CVE-2024-40722 (The specific API in TCBServiSign Windows Version from CHANGING Informa ...)
-	TODO: check
+	NOT-FOR-US: CHANGING Information Technology
 CVE-2024-40721 (The specific API in TCBServiSign Windows Version from CHANGING Informa ...)
-	TODO: check
+	NOT-FOR-US: CHANGING Information Technology
 CVE-2024-40720 (The specific API in TCBServiSign Windows Version from CHANGING Informa ...)
-	TODO: check
+	NOT-FOR-US: CHANGING Information Technology
 CVE-2024-40719 (The encryption strength of the authorization keys in CHANGING Informat ...)
-	TODO: check
+	NOT-FOR-US: CHANGING Information Technology
 CVE-2024-38890 (An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1 ...)
-	TODO: check
+	NOT-FOR-US: Caterease
 CVE-2024-38889 (An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 throu ...)
-	TODO: check
+	NOT-FOR-US: Caterease
 CVE-2024-38888 (An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 throu ...)
-	TODO: check
+	NOT-FOR-US: Caterease
 CVE-2024-38886 (An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 throu ...)
-	TODO: check
+	NOT-FOR-US: Caterease
 CVE-2024-38885 (An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 throu ...)
-	TODO: check
+	NOT-FOR-US: Caterease
 CVE-2024-38884 (An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 throu ...)
-	TODO: check
+	NOT-FOR-US: Caterease
 CVE-2024-38883 (An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 throu ...)
-	TODO: check
+	NOT-FOR-US: Caterease
 CVE-2024-38882 (An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 throu ...)
-	TODO: check
+	NOT-FOR-US: Caterease
 CVE-2024-38881 (An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 throu ...)
-	TODO: check
+	NOT-FOR-US: Caterease
 CVE-2024-38879 (A vulnerability has been identified in OmniviseT3000 Application Serve ...)
-	TODO: check
+	NOT-FOR-US: OmniviseT3000
 CVE-2024-38878 (A vulnerability has been identified in OmniviseT3000 Application Serve ...)
-	TODO: check
+	NOT-FOR-US: OmniviseT3000
 CVE-2024-38877 (A vulnerability has been identified in OmniviseT3000 Application Serve ...)
-	TODO: check
+	NOT-FOR-US: OmniviseT3000
 CVE-2024-38876 (A vulnerability has been identified in OmniviseT3000 Application Serve ...)
-	TODO: check
+	NOT-FOR-US: OmniviseT3000
 CVE-2024-33896 (Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x ...)
-	TODO: check
+	NOT-FOR-US: Cosy+
 CVE-2024-33895 (Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x ...)
-	TODO: check
+	NOT-FOR-US: Cosy+
 CVE-2024-33894 (Insecure Permission vulnerability in Cosy+ devices running a firmware  ...)
-	TODO: check
+	NOT-FOR-US: Cosy+
 CVE-2024-33893 (Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x ...)
-	TODO: check
+	NOT-FOR-US: Cosy+
 CVE-2024-33892 (Insecure Permissions vulnerability in Cosy+ devices running a firmware ...)
-	TODO: check
+	NOT-FOR-US: Cosy+
 CVE-2024-28298 (SQL injection vulnerability in BM SOFT BMPlanning 1.0.0.1 allows authe ...)
-	TODO: check
+	NOT-FOR-US: BM SOFT BMPlanning
 CVE-2024-28297 (SQL injection vulnerability in AzureSoft MyHorus 4.3.5 allows authenti ...)
-	TODO: check
+	NOT-FOR-US: AzureSoft MyHorus
 CVE-2024-22169 (WD Discovery versions prior to 5.0.589 contain a misconfiguration in t ...)
-	TODO: check
+	NOT-FOR-US: Western Digital
 CVE-2024-36268 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
 	NOT-FOR-US: Apache Linkis
 CVE-2024-27182 (In Apache Linkis <= 1.5.0,  Arbitrary file deletion in Basic managemen ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fafe969dab931d430efcda55f10a792ed1c0be49

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fafe969dab931d430efcda55f10a792ed1c0be49
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240803/85851680/attachment.htm>

More information about the debian-security-tracker-commits mailing list