[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Dec 16 20:52:57 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4ede0bcc by Salvatore Bonaccorso at 2024-12-16T21:50:14+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -269,69 +269,69 @@ CVE-2024-54229 (Incorrect Privilege Assignment vulnerability in Straightvisions
 CVE-2024-54083 (Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11 ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2024-4762 (An improper validation vulnerability was reported in the firmware upda ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2024-49775 (A vulnerability has been identified in Opcenter Execution Foundation ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-48872 (Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11 ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2024-43234 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-37251 (Cross-Site Request Forgery (CSRF) vulnerability in WPENGINE, INC. Adva ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12687 (Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks  ...)
-	TODO: check
+	NOT-FOR-US: PlexTrac
 CVE-2024-12668 (Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Writ ...)
-	TODO: check
+	NOT-FOR-US: Velocidex WinPmem
 CVE-2024-12667 (A vulnerability was found in InvoicePlane up to 1.6.1 and classified a ...)
-	TODO: check
+	NOT-FOR-US: InvoicePlane
 CVE-2024-12666 (A vulnerability has been found in ClassCMS up to 4.8 and classified as ...)
-	TODO: check
+	NOT-FOR-US: ClassCMS
 CVE-2024-12665 (A vulnerability, which was classified as problematic, was found in rui ...)
-	TODO: check
+	NOT-FOR-US: ruifang-tech Rebuild
 CVE-2024-12664 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: ruifang-tech Rebuild
 CVE-2024-12663 (A vulnerability classified as problematic was found in funnyzpc Mee-Ad ...)
-	TODO: check
+	NOT-FOR-US: funnyzpc Mee-Admin
 CVE-2024-12662 (A vulnerability classified as problematic has been found in IObit Adva ...)
-	TODO: check
+	NOT-FOR-US: IObit Advanced SystemCare Utimate
 CVE-2024-12661 (A vulnerability was found in IObit Advanced SystemCare Utimate up to 1 ...)
-	TODO: check
+	NOT-FOR-US: IObit Advanced SystemCare Utimate
 CVE-2024-12660 (A vulnerability was found in IObit Advanced SystemCare Utimate up to 1 ...)
-	TODO: check
+	NOT-FOR-US: IObit Advanced SystemCare Utimate
 CVE-2024-12659 (A vulnerability was found in IObit Advanced SystemCare Utimate up to 1 ...)
-	TODO: check
+	NOT-FOR-US: IObit Advanced SystemCare Utimate
 CVE-2024-12658 (A vulnerability was found in IObit Advanced SystemCare Utimate up to 1 ...)
-	TODO: check
+	NOT-FOR-US: IObit Advanced SystemCare Utimate
 CVE-2024-12657 (A vulnerability has been found in IObit Advanced SystemCare Utimate up ...)
-	TODO: check
+	NOT-FOR-US: IObit Advanced SystemCare Utimate
 CVE-2024-12656 (A vulnerability, which was classified as problematic, was found in Fab ...)
-	TODO: check
+	NOT-FOR-US: FabulaTech USB over Network
 CVE-2024-12655 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: FabulaTech USB over Network
 CVE-2024-12654 (A vulnerability classified as problematic was found in FabulaTech USB  ...)
-	TODO: check
+	NOT-FOR-US: FabulaTech USB over Network
 CVE-2024-12653 (A vulnerability classified as problematic has been found in FabulaTech ...)
-	TODO: check
+	NOT-FOR-US: FabulaTech USB over Network
 CVE-2024-12478 (A vulnerability was found in InvoicePlane up to 1.6.1. It has been dec ...)
-	TODO: check
+	NOT-FOR-US: InvoicePlane
 CVE-2024-12362 (A vulnerability was found in InvoicePlane up to 1.6.1. It has been cla ...)
-	TODO: check
+	NOT-FOR-US: InvoicePlane
 CVE-2024-12092 (A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Col ...)
-	TODO: check
+	NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x
 CVE-2024-12091 (A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Col ...)
-	TODO: check
+	NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x
 CVE-2024-12090 (A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Col ...)
-	TODO: check
+	NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x
 CVE-2024-12089 (A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Col ...)
-	TODO: check
+	NOT-FOR-US: ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x
 CVE-2024-11358 (Mattermost Android Mobile Apps versions <=2.21.0 fail to properly conf ...)
-	TODO: check
+	NOT-FOR-US: Mattermost Android Mobile Apps
 CVE-2024-11144 (The server lacks thread safety and can be crashed by anomalous data se ...)
 	TODO: check
 CVE-2024-10972 (Velocidex WinPmem versions 4.1 and below suffer from an Improper Input ...)
-	TODO: check
+	NOT-FOR-US: Velocidex WinPmem
 CVE-2024-10095 (In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213) ...)
-	TODO: check
+	NOT-FOR-US: Telerik
 CVE-2024-55919 [Improper input validation on generic SSO login]
 	- sympa <unfixed> (bug #1090188)
 	NOTE: https://www.sympa.community/security/2024-001.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ede0bcccd04a8be466fbcaa97a705d29e62b4c8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ede0bcccd04a8be466fbcaa97a705d29e62b4c8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241216/160a2b65/attachment.htm>


More information about the debian-security-tracker-commits mailing list