[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 28 21:39:29 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0bb978b1 by Salvatore Bonaccorso at 2024-05-28T22:38:55+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39,65 +39,65 @@ CVE-2024-35581 (A cross-site scripting (XSS) vulnerability in Sourcecodester Lab
 CVE-2024-35563 (CDG-Server-V5.6.2.126.139 and earlier was discovered to contain a SQL  ...)
 	TODO: check
 CVE-2024-35510 (An arbitrary file upload vulnerability in /dede/file_manage_control.ph ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-35403 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a sta ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-35401 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a com ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-35400 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a sta ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-35399 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a sta ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-35398 (TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a sta ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-35397 (TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a co ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2024-35344 (Certain Anpviz products contain a hardcoded cryptographic key stored i ...)
-	TODO: check
+	NOT-FOR-US: Anpviz
 CVE-2024-35343 (Certain Anpviz products allow unauthenticated users to download arbitr ...)
-	TODO: check
+	NOT-FOR-US: Anpviz
 CVE-2024-35342 (Certain Anpviz products allow unauthenticated users to modify or disab ...)
-	TODO: check
+	NOT-FOR-US: Anpviz
 CVE-2024-35341 (Certain Anpviz products allow unauthenticated users to download the ru ...)
-	TODO: check
+	NOT-FOR-US: Anpviz
 CVE-2024-35324 (Douchat 4.0.5 suffers from an arbitrary file upload vulnerability via  ...)
-	TODO: check
+	NOT-FOR-US: Douchat
 CVE-2024-34854 (F-logic DataCube3 v1.0 is vulnerable to File Upload via `/admin/transc ...)
-	TODO: check
+	NOT-FOR-US: F-logic DataCube3
 CVE-2024-34852 (F-logic DataCube3 v1.0 is affected by command injection due to imprope ...)
-	TODO: check
+	NOT-FOR-US: F-logic DataCube3
 CVE-2024-33849 (ci solution CI-Out-of-Office Manager through 6.0.0.77 uses a Hard-code ...)
-	TODO: check
+	NOT-FOR-US: ci solution CI-Out-of-Office Manager
 CVE-2024-33808 (A SQL injection vulnerability in /model/get_timetable.php in campcodes ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-33807 (A SQL injection vulnerability in /model/get_teacher_timetable.php in c ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-33806 (A SQL injection vulnerability in /model/get_grade.php in campcodes Com ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-33805 (A SQL injection vulnerability in /model/get_student.php in campcodes C ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-33804 (A SQL injection vulnerability in /model/get_subject.php in campcodes C ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-33803 (A SQL injection vulnerability in /model/get_exam.php in campcodes Comp ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-33802 (A SQL injection vulnerability in /model/get_student_subject.php in cam ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-33801 (A SQL injection vulnerability in /model/get_subject_routing.php in cam ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-33800 (A SQL injection vulnerability in /model/get_student1.php in campcodes  ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-33799 (A SQL injection vulnerability in /model/get_teacher.php in campcodes C ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-33450 (SQL Injection in Finereport v.8.0 allows a remote attacker to obtain s ...)
-	TODO: check
+	NOT-FOR-US: Finereport
 CVE-2024-33402 (A SQL injection vulnerability in /model/approve_petty_cash.php in camp ...)
-	TODO: check
+	NOT-FOR-US: campcodes Complete Web-Based School Management System
 CVE-2024-30212 (If a SCSI READ(10) command is initiated via USB using the largest LBA  ...)
 	TODO: check
 CVE-2024-30165 (Amazon AWS Client VPN before 3.9.1 on macOS has a buffer overflow that ...)
-	TODO: check
+	NOT-FOR-US: Amazon AWS Client VPN
 CVE-2024-30164 (Amazon AWS Client VPN has a buffer overflow that could potentially all ...)
-	TODO: check
+	NOT-FOR-US: Amazon AWS Client VPN
 CVE-2024-2451 (Improper fingerprint validation in the TeamViewer Client (Full & Host) ...)
 	TODO: check
 CVE-2024-2199 (A denial of service vulnerability was found in 389-ds-base ldap server ...)
@@ -105,35 +105,35 @@ CVE-2024-2199 (A denial of service vulnerability was found in 389-ds-base ldap s
 CVE-2024-29072 (A privilege escalation vulnerability exists in the Foxit Reader 2024.2 ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2024-28061 (An issue was discovered in Apiris Kafeo 6.4.4. It permits a bypass, of ...)
-	TODO: check
+	NOT-FOR-US: Apiris Kafeo
 CVE-2024-28060 (An issue was discovered in Apiris Kafeo 6.4.4. It permits DLL hijackin ...)
-	TODO: check
+	NOT-FOR-US: Apiris Kafeo
 CVE-2024-26024 (SUBNET Solutions Inc. has identified vulnerabilities in third-party co ...)
 	TODO: check
 CVE-2024-24963 (A stack-based buffer overflow vulnerability exists in the Programming  ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24962 (A stack-based buffer overflow vulnerability exists in the Programming  ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24959 (Several out-of-bounds write vulnerabilities exist in the Programming S ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24958 (Several out-of-bounds write vulnerabilities exist in the Programming S ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24957 (Several out-of-bounds write vulnerabilities exist in the Programming S ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24956 (Several out-of-bounds write vulnerabilities exist in the Programming S ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24955 (Several out-of-bounds write vulnerabilities exist in the Programming S ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24954 (Several out-of-bounds write vulnerabilities exist in the Programming S ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24947 (A heap-based buffer overflow vulnerability exists in the Programming S ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24946 (A heap-based buffer overflow vulnerability exists in the Programming S ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24919 (Potentially allowing an attacker to read certain information on Check  ...)
-	TODO: check
+	NOT-FOR-US: Check Point Security Gateways
 CVE-2024-24851 (A heap-based buffer overflow vulnerability exists in the Programming S ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2024-24686 (Multiple stack-based buffer overflow vulnerabilities exist in the read ...)
 	TODO: check
 CVE-2024-24685 (Multiple stack-based buffer overflow vulnerabilities exist in the read ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bb978b1d45343fad1e6e6fd405936b5605b6583

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bb978b1d45343fad1e6e6fd405936b5605b6583
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240528/78f02a91/attachment.htm>

More information about the debian-security-tracker-commits mailing list