[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 13 04:56:20 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0e96c73d by Salvatore Bonaccorso at 2024-08-13T05:55:29+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2024-7697 (Logical vulnerability in the mobile application (com.transsion.ca
 CVE-2024-6917 (Improper Neutralization of Special Elements used in an OS Command ('OS ...)
 	NOT-FOR-US: Veribilim Software Veribase Order Management
 CVE-2024-6768 (A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, W ...)
-	TODO: check
+	NOT-FOR-US: CLFS.sys in Microsoft Windows
 CVE-2024-6758 (Improper Privilege ManagementinSprecher Automation SPRECON-E below ver ...)
 	NOT-FOR-US: Sprecher Automation
 CVE-2024-6684 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
@@ -59,11 +59,11 @@ CVE-2024-42520 (TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow
 CVE-2024-42489 (Pro Macros provides XWiki rendering macros. Missing escaping in the Vi ...)
 	NOT-FOR-US: XWiki Pro Macros
 CVE-2024-42485 (Filament Excel enables excel export for Filament admin resources. The  ...)
-	TODO: check
+	NOT-FOR-US: Filament Excel
 CVE-2024-42482 (fish-shop/syntax-check is a GitHub action for syntax checking fish she ...)
-	TODO: check
+	NOT-FOR-US: fish-shop/syntax-check
 CVE-2024-42481 (Skyport Daemon (skyportd) is the daemon for the Skyport Panel. By maki ...)
-	TODO: check
+	NOT-FOR-US: Skyport Daemon (skyportd) in Skyport Panel
 CVE-2024-42480 (Kamaji is the Hosted Control Plane Manager for Kubernetes. In versions ...)
 	NOT-FOR-US: Kamaji
 CVE-2024-42479 (llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer m ...)
@@ -73,53 +73,53 @@ CVE-2024-42478 (llama.cpp provides LLM inference in C/C++. The unsafe `data` poi
 CVE-2024-42477 (llama.cpp provides LLM inference in C/C++. The unsafe `type` member in ...)
 	NOT-FOR-US: ggerganov/llama.cpp
 CVE-2024-42474 (Streamlit is a data oriented application development framework for pyt ...)
-	TODO: check
+	NOT-FOR-US: Streamlit
 CVE-2024-42167 (The function "generate_app_certificates" in controllers/saml2/saml2.js ...)
-	TODO: check
+	NOT-FOR-US: FIWARE Keyrock
 CVE-2024-42166 (The function "generate_app_certificates" in lib/app_certificates.js of ...)
-	TODO: check
+	NOT-FOR-US: FIWARE Keyrock
 CVE-2024-42165 (Insufficiently random values for generating activation token in FIWARE ...)
-	TODO: check
+	NOT-FOR-US: FIWARE Keyrock
 CVE-2024-42164 (Insufficiently random values for generating password reset token in FI ...)
-	TODO: check
+	NOT-FOR-US: FIWARE Keyrock
 CVE-2024-42163 (Insufficiently random values for generating password reset token in FI ...)
-	TODO: check
+	NOT-FOR-US: FIWARE Keyrock
 CVE-2024-41909 (Like many other SSH implementations, Apache MINA SSHD suffered from th ...)
-	TODO: check
+	NOT-FOR-US: Apache Mina SSHD
 CVE-2024-41710 (A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Serie ...)
 	NOT-FOR-US: Mitel
 CVE-2024-41651 (An issue in Prestashop v.8.1.7 and before allows a remote attacker to  ...)
 	NOT-FOR-US: Prestashop
 CVE-2024-41475 (Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS mis ...)
-	TODO: check
+	NOT-FOR-US: Gnuboard
 CVE-2024-40893 (Multiple authenticated operating system (OS) command injection vulnera ...)
-	TODO: check
+	NOT-FOR-US: Firewalla Box Software
 CVE-2024-40892 (A weak credential vulnerability exists in Firewalla Box Software versi ...)
-	TODO: check
+	NOT-FOR-US: Firewalla Box Software
 CVE-2024-40500 (Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11. ...)
-	TODO: check
+	NOT-FOR-US: mkucej/i-librarian-free
 CVE-2024-39091 (An OS command injection vulnerability in the ccm_debug component of MI ...)
-	TODO: check
+	NOT-FOR-US: MIPC Camera firmware
 CVE-2024-38530 (The Open eClass platform (formerly known as GUnet eClass) is a complet ...)
-	TODO: check
+	NOT-FOR-US: Open eClass platform
 CVE-2024-36877 (Micro-Star International Z-series motherboards (Z590, Z490, and Z790)  ...)
-	TODO: check
+	NOT-FOR-US: Micro-Star
 CVE-2024-33536 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. Th ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2024-33535 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. Th ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2024-33533 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0, is ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2024-27443 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A  ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2024-27442 (An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. Th ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2024-21550 (SteVe is an open platform that implements different version of the OCP ...)
-	TODO: check
+	NOT-FOR-US: SteVe
 CVE-2023-7249 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: OpenText OpenText Directory Services
 CVE-2023-48171 (An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker ...)
-	TODO: check
+	NOT-FOR-US: OWASP DefectDojo
 CVE-2023-41884 (ZoneMinder is a free, open source Closed-circuit television software a ...)
 	- zoneminder <unfixed> (unimportant)
 	NOTE: Only supported for trusted users/behind auth
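Review bot: The new tag on CVE-2023-7249 reads "NOT-FOR-US: OpenText OpenText Directory Services", with the vendor name doubled; "OpenText Directory Services" looks like what was intended. On CVE-2024-41909 the tag is spelled "Apache Mina SSHD", while the description on the line above it spells the project "Apache MINA SSHD"; matching that capitalisation keeps the entry findable by a case-sensitive search. The tags in this hunk also mix naming forms (a repository path in "mkucej/i-librarian-free", a bare vendor in "Micro-Star", a product name in "Open eClass platform"), so consider using one form consistently, as the repeated "FIWARE Keyrock" and "Zimbra" entries already do.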



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e96c73dc422c6c959b93b59129f018894149efb
