[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Feb 4 17:19:38 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
12580932 by Moritz Muehlenhoff at 2024-02-04T17:41:27+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,9 +9,9 @@ CVE-2015-10129 (A vulnerability was found in planet-freo up to 20150116 and clas
 CVE-2024-1215 (A vulnerability was found in SourceCodester CRUD without Page Reload 1 ...)
 	NOT-FOR-US: SourceCodester CRUD without Page Reload
 CVE-2024-1064 (A host header injection vulnerability in the HTTP handler component of ...)
-	TODO: check
+	NOT-FOR-US: Crafty Controller
 CVE-2023-49950 (The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0  ...)
-	TODO: check
+	NOT-FOR-US: Logpoint SIEM
 CVE-2023-44031 (Incorrect access control in Reprise License Management Software Repris ...)
 	NOT-FOR-US: Reprise License Management Software Reprise License Manager
 CVE-2023-43183 (Incorrect access control in Reprise License Management Software Repris ...)
@@ -57,7 +57,7 @@ CVE-2024-25001
 CVE-2024-24760 (mailcow is a dockerized email package, with multiple containers linked ...)
 	NOT-FOR-US: mailcow
 CVE-2024-24757 (open-irs is an issue response robot that reponds to issues in the inst ...)
-	TODO: check
+	NOT-FOR-US: open-irs
 CVE-2024-24560 (Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual M ...)
 	NOT-FOR-US: Vyper
 CVE-2024-24470 (Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows  ...)
@@ -113,7 +113,7 @@ CVE-2024-0963 (The Calculated Fields Form plugin for WordPress is vulnerable to
 CVE-2024-0844 (The Popup More Popups, Lightboxes, and more popup modules plugin for W ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-0338 (A buffer overflow vulnerability has been found in XAMPP affecting vers ...)
-	TODO: check
+	NOT-FOR-US: XAMPP
 CVE-2024-0269 (ManageEngine ADAudit Plus versions7270and below are vulnerable to the  ...)
 	NOT-FOR-US: ManageEngine
 CVE-2024-0253 (ManageEngine ADAudit Plus versions7270and below are vulnerable to the  ...)
@@ -127,7 +127,7 @@ CVE-2023-6673 (Improper Neutralization of Input During Web Page Generation ('Cro
 CVE-2023-6672 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: National Keep Cyber Security Services CyberMath
 CVE-2023-6387 (A potential buffer overflow exists in the Bluetooth LE HCI CPC sample  ...)
-	TODO: check
+	NOT-FOR-US: Silicon Labs GDSK
 CVE-2023-51838 (Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Crypt ...)
 	NOT-FOR-US: Ylianst MeshCentral
 CVE-2023-51820 (An issue in Blurams Lumi Security Camera (A31C) v.2.3.38.12558 allows  ...)
@@ -199,7 +199,7 @@ CVE-2023-41274 (A NULL pointer dereference vulnerability has been reported to af
 CVE-2023-41273 (A heap-based buffer overflow vulnerability has been reported to affect ...)
 	NOT-FOR-US: QNAP
 CVE-2023-39611 (An issue in Software FX Chart FX 7 version 7.0.4962.20829 allows attac ...)
-	TODO: check
+	NOT-FOR-US: Software FX Chart FX
 CVE-2023-39303 (An improper authentication vulnerability has been reported to affect s ...)
 	NOT-FOR-US: QNAP
 CVE-2023-39302 (An OS command injection vulnerability has been reported to affect seve ...)
@@ -49204,7 +49204,7 @@ CVE-2023-1615 (The Ultimate Addons for Contact Form 7 plugin for WordPress is vu
 CVE-2023-1614 (The WP Custom Author URL WordPress plugin before 1.0.5 does not saniti ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-28807 (In Zscaler Internet Access (ZIA) a mismatch between Connect Host and C ...)
-	TODO: check
+	NOT-FOR-US: Zscaler
 CVE-2023-28806
 	RESERVED
 CVE-2023-28805 (An Improper Input Validation vulnerability in Zscaler Client Connector ...)
@@ -67900,7 +67900,7 @@ CVE-2014-125054 (A vulnerability classified as critical was found in koroket Red
 CVE-2023-22837
 	RESERVED
 CVE-2023-22836 (In cases where a multi-tenant stack user is operating Foundry\u2019s L ...)
-	TODO: check
+	NOT-FOR-US: Palantir
 CVE-2023-22835 (A security defect was identified that enabled a user of Foundry Issues ...)
 	NOT-FOR-US: Palantir
 CVE-2023-22834 (The Contour Service was not checking that users had permission to crea ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12580932769a5368a9e15ab623f58549f4bc394b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12580932769a5368a9e15ab623f58549f4bc394b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240204/2a52bcc5/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list