[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 29 21:45:05 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7b2601b4 by Salvatore Bonaccorso at 2024-07-29T22:44:34+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2024-7195 (A vulnerability was found in itsourcecode Society Management Syst
 CVE-2024-7194 (A vulnerability was found in itsourcecode Society Management System 1. ...)
 	NOT-FOR-US: itsourcecode Society Management System
 CVE-2024-7193 (A vulnerability has been found in Mp3tag up to 3.26d and classified as ...)
-	TODO: check
+	NOT-FOR-US: Mp3tag
 CVE-2024-7192 (A vulnerability, which was classified as critical, was found in itsour ...)
 	NOT-FOR-US: itsourcecode Society Management System
 CVE-2024-7191 (A vulnerability, which was classified as critical, has been found in i ...)
@@ -27,21 +27,21 @@ CVE-2024-6761
 CVE-2024-6748 (Zohocorp ManageEngineOpManager, OpManager Plus, OpManager MSP and RMM  ...)
 	NOT-FOR-US: Zoho ManageEngine
 CVE-2024-6727 (A flaw in versions of Delphix Data Control Tower (DCT) prior to 19.0.0 ...)
-	TODO: check
+	NOT-FOR-US: Delphix Data Control Tower (DCT)
 CVE-2024-6726 (Versions of Delphix Engine prior to Release 25.0.0.0 contain a flaw wh ...)
-	TODO: check
+	NOT-FOR-US: Delphix Engine
 CVE-2024-6578 (A stored cross-site scripting (XSS) vulnerability exists in aimhubio/a ...)
-	TODO: check
+	NOT-FOR-US: aimhubio/aim
 CVE-2024-6576 (Improper Authentication vulnerability in Progress MOVEit Transfer (SFT ...)
-	TODO: check
+	NOT-FOR-US: Progress MOVEit Transfer
 CVE-2024-6124 (Reflected XSS in M-Files Hubshare before version 5.0.6.0 allowsan atta ...)
-	TODO: check
+	NOT-FOR-US: M-Files
 CVE-2024-4848
 	REJECTED
 CVE-2024-41881 (SDoP versions prior to 1.11 fails to handle appropriately some paramet ...)
 	TODO: check
 CVE-2024-41819 (Note Mark is a web-based Markdown notes app. A stored cross-site scrip ...)
-	TODO: check
+	NOT-FOR-US: Note Mark
 CVE-2024-41818 (fast-xml-parser is an open source, pure javascript xml parser. a ReDOS ...)
 	TODO: check
 CVE-2024-41817 (ImageMagick is a free and open-source software suite, used for editing ...)
@@ -49,37 +49,37 @@ CVE-2024-41817 (ImageMagick is a free and open-source software suite, used for e
 CVE-2024-41810 (Twisted is an event-based framework for internet applications, support ...)
 	TODO: check
 CVE-2024-41799 (tgstation-server is a production scale tool for BYOND server managemen ...)
-	TODO: check
+	NOT-FOR-US: tgstation-server
 CVE-2024-41726 (Path traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 ...)
-	TODO: check
+	NOT-FOR-US: SKYSEA Client View
 CVE-2024-41676 (Magento-lts is a long-term support alternative to Magento Community Ed ...)
-	TODO: check
+	NOT-FOR-US: Magento LTS (alternative to Magento Community Edition)
 CVE-2024-41671 (Twisted is an event-based framework for internet applications, support ...)
 	TODO: check
 CVE-2024-41640 (Cross Site Scripting (XSS) vulnerability in AML Surety Eco up to 3.5 a ...)
-	TODO: check
+	NOT-FOR-US: AML Surety Eco
 CVE-2024-41631 (Buffer Overflow vulnerability in host-host NEUQ_board v.1.0 allows a r ...)
-	TODO: check
+	NOT-FOR-US: host-host NEUQ_board
 CVE-2024-41624 (Incorrect access control in Himalaya Xiaoya nano smart speaker rom_ver ...)
-	TODO: check
+	NOT-FOR-US: Himalaya Xiaoya nano smart speaker
 CVE-2024-41143 (Origin validation error vulnerability exists in SKYSEA Client View Ver ...)
-	TODO: check
+	NOT-FOR-US: SKYSEA Client View
 CVE-2024-41139 (Incorrect privilege assignment vulnerability exists in SKYSEA Client V ...)
-	TODO: check
+	NOT-FOR-US: SKYSEA Client View
 CVE-2024-40576 (Cross Site Scripting vulnerability in Best House Rental Management Sys ...)
-	TODO: check
+	NOT-FOR-US: Best House Rental Management System
 CVE-2024-38529 (Admidio is a free, open source user management system for websites of  ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2024-37906 (Admidio is a free, open source user management system for websites of  ...)
-	TODO: check
+	NOT-FOR-US: Admidio
 CVE-2024-37859 (Cross Site Scripting vulnerability in Lost and Found Information Syste ...)
-	TODO: check
+	NOT-FOR-US: Lost and Found Information System
 CVE-2024-37858 (SQL Injection vulnerability in Lost and Found Information System 1.0 a ...)
-	TODO: check
+	NOT-FOR-US: Lost and Found Information System
 CVE-2024-37857 (SQL Injection vulnerability in Lost and Found Information System 1.0 a ...)
-	TODO: check
+	NOT-FOR-US: Lost and Found Information System
 CVE-2024-37856 (Cross Site Scripting vulnerability in Lost and Found Information Syste ...)
-	TODO: check
+	NOT-FOR-US: Lost and Found Information System
 CVE-2024-33365 (Buffer Overflow vulnerability in Tenda AC10 v4 US_AC10V4.0si_V16.03.10 ...)
 	TODO: check
 CVE-2024-28806 (An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Remote u ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b2601b42e15636eefe0d1fa9cebffbd87d673d0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b2601b42e15636eefe0d1fa9cebffbd87d673d0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240729/bb72b709/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list