[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 6 21:28:19 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0be368fb by Salvatore Bonaccorso at 2024-11-06T22:27:56+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30,85 +30,85 @@ CVE-2024-51754 (Twig is a template language for PHP. In a sandbox, an attacker c
 	NOTE: https://github.com/twigphp/Twig/security/advisories/GHSA-6377-hfv9-hqf6
 	NOTE: Fixed by: https://github.com/twigphp/Twig/commit/2bb8c2460a2c519c498df9b643d5277117155a73 (v3.14.1)
 CVE-2024-51751 (Gradio is an open-source Python package designed to enable quick build ...)
-	TODO: check
+	NOT-FOR-US: Gradio
 CVE-2024-50637 (UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in  ...)
-	TODO: check
+	NOT-FOR-US: UnoPim
 CVE-2024-50315
 	REJECTED
 CVE-2024-35146 (IBM Maximo Application Suite - Monitor Component 8.10.11, 8.11.8, and  ...)
 	NOT-FOR-US: IBM
 CVE-2024-20540 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20539 (A vulnerability in the web-based management interface of Cisco ISE cou ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20538 (A vulnerability in the web-based management interface of Cisco ISE cou ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20537 (A vulnerability in the web-based management interface of Cisco ISE cou ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20536 (A vulnerability in a REST API endpoint and web-based management interf ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20534 (A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco I ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20533 (A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco I ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20532 (A vulnerability in the API of Cisco ISE could allow an authenticated,  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20531 (A vulnerability in the API of Cisco ISE could allow an authenticated,  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20530 (A vulnerability in the web-based management interface of Cisco ISE cou ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20529 (A vulnerability in the API of Cisco ISE could allow an authenticated,  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20528 (A vulnerability in the API of Cisco ISE could allow an authenticated,  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20527 (A vulnerability in the API of Cisco ISE could allow an authenticated,  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20525 (A vulnerability in the web-based management interface of Cisco ISE cou ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20514 (A vulnerability in the web-based management interface of Cisco Evolved ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20511 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20507 (A vulnerability in the logging subsystem of Cisco Meeting Management c ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20504 (A vulnerability in the web-based management interface of Cisco AsyncOS ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20487 (A vulnerability in the web-based management interface of Cisco ISE cou ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20484 (A vulnerability in the External Agent Assignment Service (EAAS) featur ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20476 (A vulnerability in the web-based management interface of Cisco ISE cou ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20457 (A vulnerability in the logging component of Cisco Unified Communicatio ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20445 (A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco I ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20418 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-20371 (A vulnerability in the access control list (ACL) programming of Cisco  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-10920 (A vulnerability was found in mariazevedo88 travels-java-api up to 5.0. ...)
-	TODO: check
+	NOT-FOR-US: mariazevedo88 travels-java-api
 CVE-2024-10919 (A vulnerability has been found in didi Super-Jacoco 1.0 and classified ...)
-	TODO: check
+	NOT-FOR-US: didi Super-Jacoco
 CVE-2024-10916 (A vulnerability classified as problematic has been found in D-Link DNS ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-10915 (A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DN ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-10914 (A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DN ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-10715 (The MapPress Maps for WordPress plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10318 (A session fixation issue was discovered in the NGINX OpenID Connect re ...)
 	TODO: check
 CVE-2024-10186 (The Event post plugin for WordPress is vulnerable to Stored Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10168 (The Active Products Tables for WooCommerce. Use constructor to create  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10082 (CodeChecker is an analyzer tooling, defect database and viewer extensi ...)
-	TODO: check
+	NOT-FOR-US: CodeChecker
 CVE-2024-10081 (CodeChecker is an analyzer tooling, defect database and viewer extensi ...)
-	TODO: check
+	NOT-FOR-US: CodeChecker
 CVE-2024-9946 (The Social Share, Social Login and Social Comments Plugin \u2013 Super ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-9934 (The Wp-ImageZoom WordPress plugin through 1.1.0 does not sanitise and  ...)
@@ -133,9 +133,9 @@ CVE-2024-52043 (Generation of Error Message Containing Sensitive Informationin H
 CVE-2024-51756 (The cap-std project is organized around the eponymous `cap-std` crate, ...)
 	TODO: check
 CVE-2024-51745 (Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's file ...)
-	TODO: check
+	NOT-FOR-US: wasmtime
 CVE-2024-51358 (An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to  ...)
-	TODO: check
+	NOT-FOR-US: Linux Server Heimdall
 CVE-2024-51116 (Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflo ...)
 	NOT-FOR-US: Tenda
 CVE-2024-51115 (DCME-320 v7.4.12.90 was discovered to contain a command injection vuln ...)
@@ -352176,7 +352176,7 @@ CVE-2020-11861 (Unauthorized escalation of local privileges vulnerability on Mic
 CVE-2020-11860 (Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger prod ...)
 	NOT-FOR-US: Micro Focus
 CVE-2020-11859 (Improper Input Validation vulnerability in OpenText iManager allows Cr ...)
-	TODO: check
+	NOT-FOR-US: OpenText
 CVE-2020-11858 (Code execution with escalated privileges vulnerability in Micro Focus  ...)
 	NOT-FOR-US: Micro Focus
 CVE-2020-11857 (An Authorization Bypass vulnerability on Micro Focus Operation Bridge  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0be368fbf9ba8e7e2954f10d4fc8c954829ea52b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0be368fbf9ba8e7e2954f10d4fc8c954829ea52b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241106/3e2044f9/attachment.htm>

More information about the debian-security-tracker-commits mailing list