[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 19 15:18:19 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
eba28ed0 by Salvatore Bonaccorso at 2024-12-19T16:17:53+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35,45 +35,45 @@ CVE-2024-53580 (iperf v3.17.1 was discovered to contain a segmentation violation
CVE-2024-51532 (Dell PowerStore contains an Improper Neutralization of Argument Delimi ...)
NOT-FOR-US: Dell
CVE-2024-4230 (External Control of File Name or Path vulnerability in Edgecross Basic ...)
- TODO: check
+ NOT-FOR-US: Edgecross Basic Software for Windows
CVE-2024-4229 (Incorrect Default Permissions vulnerability in Edgecross Basic Softwar ...)
- TODO: check
+ NOT-FOR-US: Edgecross Basic Software for Windows
CVE-2024-45338 (An attacker can craft an input to the Parse functions that would be pr ...)
TODO: check
CVE-2024-43106 (A library injection vulnerability exists in Microsoft Excel 16.83 for ...)
- TODO: check
+ NOT-FOR-US: Microsoft Excel for macOS
CVE-2024-42220 (A library injection vulnerability exists in Microsoft Outlook 16.83.3 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Outlook for macOS
CVE-2024-42004 (A library injection vulnerability exists in Microsoft Teams (work or s ...)
- TODO: check
+ NOT-FOR-US: Microsoft Teams for macOS
CVE-2024-41165 (A library injection vulnerability exists in Microsoft Word 16.83 for m ...)
- TODO: check
+ NOT-FOR-US: Microsoft Word for macOS
CVE-2024-41159 (A library injection vulnerability exists in Microsoft OneNote 16.83 fo ...)
- TODO: check
+ NOT-FOR-US: Microsoft OneNote for macOS
CVE-2024-41145 (A library injection vulnerability exists in the WebView.app helper app ...)
- TODO: check
+ NOT-FOR-US: Microsoft Teams for macOS
CVE-2024-41138 (A library injection vulnerability exists in the com.microsoft.teams2.m ...)
- TODO: check
+ NOT-FOR-US: Microsoft Teams for macOS
CVE-2024-39804 (A library injection vulnerability exists in Microsoft PowerPoint 16.83 ...)
- TODO: check
+ NOT-FOR-US: Microsoft PowerPoint for macOS
CVE-2024-37649 (Insecure Permissions vulnerability in SecureSTATION v.2.5.5.3116-S50-S ...)
- TODO: check
+ NOT-FOR-US: SecureSTATION
CVE-2024-35141 (IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a ...)
NOT-FOR-US: IBM
CVE-2024-12686 (A vulnerability has been discovered in Privileged Remote Access (PRA) ...)
TODO: check
CVE-2024-12560 (The Button Block \u2013 Get fully customizable & multi-functional butt ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12121 (The Broken Link Checker | Finder plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11984 (A unrestricted upload of file with dangerous type vulnerability in epa ...)
TODO: check
CVE-2024-11768 (The Download Manager plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11740 (The The Download Manager plugin for WordPress is vulnerable to arbitra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10548 (The WP Project Manager plugin for WordPress is vulnerable to Sensitive ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12695 (Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 all ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
@@ -157011,13 +157011,13 @@ CVE-2023-23359
CVE-2023-23358
RESERVED
CVE-2023-23357 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-23356 (A command injection vulnerability has been reported to affect several ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-23355 (An OS command injection vulnerability has been reported to affect QNAP ...)
NOT-FOR-US: QNAP
CVE-2023-23354 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-23353
RESERVED
CVE-2023-23352
@@ -167686,7 +167686,7 @@ CVE-2023-21588 (Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) ar
CVE-2023-21587 (Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affe ...)
NOT-FOR-US: Adobe
CVE-2023-21586 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-21585 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 ...)
NOT-FOR-US: Adobe
CVE-2023-21584 (FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affecte ...)
@@ -174546,23 +174546,23 @@ CVE-2022-44522
CVE-2022-44521
RESERVED
CVE-2022-44520 (Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44519 (Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44518 (Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44517 (Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44516 (Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44515 (Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44514 (Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44513 (Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44512 (Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-44511
RESERVED
CVE-2022-44510 (Adobe Experience Manager version 6.5.14 (and earlier) is affected by a ...)
@@ -223887,7 +223887,7 @@ CVE-2022-27602
CVE-2022-27601
RESERVED
CVE-2022-27600 (An uncontrolled resource consumption vulnerability has been reported t ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2022-27599 (An insertion of sensitive information into Log file vulnerability has ...)
NOT-FOR-US: QNAP
CVE-2022-27598 (A vulnerability has been reported to affect QNAP operating systems. If ...)
@@ -223897,7 +223897,7 @@ CVE-2022-27597 (A vulnerability has been reported to affect QNAP operating syste
CVE-2022-27596 (A vulnerability has been reported to affect QNAP device running QuTS h ...)
NOT-FOR-US: QNAP
CVE-2022-27595 (An insecure library loading vulnerability has been reported to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2022-27594
RESERVED
CVE-2022-27593 (An externally controlled reference to a resource vulnerability has bee ...)
@@ -298747,7 +298747,7 @@ CVE-2021-26095 (The combination of various cryptographic issues in the session m
CVE-2021-26094
RESERVED
CVE-2021-26093 (An access of uninitialized pointer (CWE-824) vulnerabilityin FortiWLC ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2021-26092 (Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 ...)
NOT-FOR-US: FortiGuard
CVE-2021-26091
@@ -361811,7 +361811,7 @@ CVE-2020-12821 (Gossipsub 1.0 does not properly resist invalid message spam, suc
CVE-2020-12820
RESERVED
CVE-2020-12819 (A heap-based buffer overflow vulnerability in the processing of Link C ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2020-12818 (An insufficient logging vulnerability in FortiGate before 6.4.1 may al ...)
NOT-FOR-US: FortiGuard
CVE-2020-12817 (An improper neutralization of input vulnerability in FortiAnalyzer bef ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eba28ed0bf61f8d52423fbd2021ff3232f4bd065
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eba28ed0bf61f8d52423fbd2021ff3232f4bd065
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241219/32e138d3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list