[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 16 23:09:56 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b1dcd23 by Salvatore Bonaccorso at 2024-08-17T00:09:19+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35,9 +35,9 @@ CVE-2024-43807 (In JetBrains TeamCity before 2024.07.1 multiple stored XSS was p
 CVE-2024-43472 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2024-43381 (reNgine is an automated reconnaissance framework for web applications. ...)
-	TODO: check
+	NOT-FOR-US: reNgine
 CVE-2024-43042 (Pluck CMS 4.7.18 does not restrict failed login attempts, allowing att ...)
-	TODO: check
+	NOT-FOR-US: Pluck CMS
 CVE-2024-43011 (An arbitrary file deletion vulnerability exists in the admin/del.php f ...)
 	NOT-FOR-US: ZZCMS
 CVE-2024-43009 (A reflected cross-site scripting (XSS) vulnerability exists in user/lo ...)
@@ -51,31 +51,31 @@ CVE-2024-42995 (VTiger CRM <= 8.1.0 does not correctly check user privileges. A
 CVE-2024-42994 (VTiger CRM <= 8.1.0 does not properly sanitize user input before using ...)
 	NOT-FOR-US: VTiger CRM
 CVE-2024-42850 (An issue in the password change function of Silverpeas v6.4.2 and lowe ...)
-	TODO: check
+	NOT-FOR-US: Silverpeas
 CVE-2024-42849 (An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to c ...)
-	TODO: check
+	NOT-FOR-US: Silverpeas
 CVE-2024-42758 (A Cross-site Scripting (XSS) vulnerability exists in version v2024-01- ...)
-	TODO: check
+	NOT-FOR-US: indexmenu plugin for Dokuwiki
 CVE-2024-42639 (H3C GR1100-P v100R009 was discovered to use a hardcoded password in /e ...)
-	TODO: check
+	NOT-FOR-US: H3C GR1100-P v100R009
 CVE-2024-42638 (H3C Magic B1ST v100R012 was discovered to contain a hardcoded password ...)
-	TODO: check
+	NOT-FOR-US: H3C Magic B1ST v100R012
 CVE-2024-42637 (H3C R3010 v100R002L02 was discovered to contain a hardcoded password v ...)
-	TODO: check
+	NOT-FOR-US: H3C R3010 v100R002L02
 CVE-2024-42634 (A Command Injection vulnerability exists in formWriteFacMac of the htt ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2024-42486 (Cilium is a networking, observability, and security solution with an e ...)
 	TODO: check
 CVE-2024-42466 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: upKeeper
 CVE-2024-42465 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: upKeeper
 CVE-2024-42464 (Authorization Bypass Through User-Controlled Key vulnerability in upKe ...)
-	TODO: check
+	NOT-FOR-US: upKeeper
 CVE-2024-42463 (Authorization Bypass Through User-Controlled Key vulnerability in upKe ...)
-	TODO: check
+	NOT-FOR-US: upKeeper
 CVE-2024-42462 (Improper Authentication vulnerability in upKeeper Solutions product up ...)
-	TODO: check
+	NOT-FOR-US: upKeeper
 CVE-2024-2175 (An insecure permissions vulnerability was reported inLenovo Display Co ...)
 	TODO: check
 CVE-2024-25837 (A stored cross-site scripting (XSS) vulnerability in October CMS Blogh ...)
@@ -133,7 +133,7 @@ CVE-2024-43369 (Ibexa RichText Field Type is a Field Type for supporting rich fo
 CVE-2024-43367 (Boa is an embeddable and experimental Javascript engine written in Rus ...)
 	TODO: check
 CVE-2024-43366 (zkvyper is a Vyper compiler. Starting in version 1.3.12 and prior to v ...)
-	TODO: check
+	NOT-FOR-US: zkvyper Vyper compiler
 CVE-2024-42488 (Cilium is a networking, observability, and security solution with an e ...)
 	TODO: check
 CVE-2024-42487 (Cilium is a networking, observability, and security solution with an e ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b1dcd239c2601238ef60abdb11485ac49b48148

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b1dcd239c2601238ef60abdb11485ac49b48148
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240816/f3b18172/attachment.htm>

More information about the debian-security-tracker-commits mailing list