[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
92c77284 by Moritz Muehlenhoff at 2024-11-11T14:46:04+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -51,7 +51,7 @@ CVE-2024-51571 (Improper Neutralization of Input During Web Page Generation (XSS
 CVE-2024-48939 (Insufficient validation performed on the REST API License file in Paxt ...)
 	NOT-FOR-US: Paxton Net2
 CVE-2024-41992 (Wi-Fi Alliance wfa_dut (in Wi-Fi Test Suite) through 9.0.0 allows OS c ...)
-	TODO: check
+	NOT-FOR-US: Wi-Fi Alliance wfa_dut
 CVE-2024-38826 (Authenticated users can upload specifically crafted files to leak serv ...)
 	NOT-FOR-US: Cloud Foundry
 CVE-2024-11066 (The D-Link DSL6740C modem has an OS Command Injection vulnerability, a ...)
@@ -73,19 +73,19 @@ CVE-2024-11059 (A vulnerability was found in Project Worlds Free Download Online
 CVE-2024-11058 (A vulnerability was found in CodeAstro Real Estate Management System u ...)
 	NOT-FOR-US: CodeAstro Real Estate Management System
 CVE-2024-11021 (Webopac from Grand Vice info has Stored Cross-site Scripting vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Webopac
 CVE-2024-11020 (Webopac from Grand Vice info has a SQL Injection vulnerability, allowi ...)
-	TODO: check
+	NOT-FOR-US: Webopac
 CVE-2024-11019 (Webopac from Grand Vice info has a Reflected Cross-site Scripting vuln ...)
-	TODO: check
+	NOT-FOR-US: Webopac
 CVE-2024-11018 (Webopac from Grand Vice info does not properly validate uploaded file  ...)
-	TODO: check
+	NOT-FOR-US: Webopac
 CVE-2024-11017 (Webopac from Grand Vice info does not properly validate uploaded file  ...)
-	TODO: check
+	NOT-FOR-US: Webopac
 CVE-2024-11016 (Webopac from Grand Vice info has a SQL Injection vulnerability, allowi ...)
-	TODO: check
+	NOT-FOR-US: Webopac
 CVE-2023-40457 (The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allo ...)
-	TODO: check
+	NOT-FOR-US: EXOS
 CVE-2024-51584 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-51583 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
@@ -358343,11 +358343,11 @@ CVE-2020-10370 (Certain Cypress (and Broadcom) Wireless Combo chips such as CYW4
 	- bluez-firmware <not-affected> (BCM4345C0.hcd introduced already in fixed version in Debian with bluez-firmware/1.2-6)
 	NOTE: https://github.com/RPi-Distro/bluez-firmware/commit/8445a53ce2c51a77472b908a0c8f6f8e1fa5c37a
 CVE-2020-10369 (Certain Cypress (and Broadcom) Wireless Combo chips, when a January 20 ...)
-	TODO: check
+	NOT-FOR-US: Cypress (and Broadcom) Wireless Combo
 CVE-2020-10368 (Certain Cypress (and Broadcom) Wireless Combo chips, when a January 20 ...)
-	TODO: check
+	NOT-FOR-US: Cypress (and Broadcom) Wireless Combo
 CVE-2020-10367 (Certain Cypress (and Broadcom) Wireless Combo chips, when a January 20 ...)
-	TODO: check
+	NOT-FOR-US: Cypress (and Broadcom) Wireless Combo
 CVE-2020-10366 (LogicalDoc before 8.3.3 allows /servlet.gupld Directory Traversal, a d ...)
 	NOT-FOR-US: LogicalDoc
 CVE-2020-10365 (LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92c77284c4c97aaeabdc4d796e10f9d4c9d549fd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92c77284c4c97aaeabdc4d796e10f9d4c9d549fd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241111/e1f2d5c2/attachment.htm>