[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 18 20:47:44 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e0ea67e by Salvatore Bonaccorso at 2024-11-18T21:47:18+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -70,11 +70,11 @@ CVE-2024-52316 (Unchecked Error Condition vulnerability in Apache Tomcat. If Tom
 CVE-2024-52303 (aiohttp is an asynchronous HTTP client/server framework for asyncio an ...)
 	TODO: check
 CVE-2024-51743 (MarkUs is a web application for the submission and grading of student  ...)
-	TODO: check
+	NOT-FOR-US: MarkUs
 CVE-2024-51499 (MarkUs is a web application for the submission and grading of student  ...)
-	TODO: check
+	NOT-FOR-US: MarkUs
 CVE-2024-50919 (Jpress until v5.1.1 has arbitrary file uploads on the windows platform ...)
-	TODO: check
+	NOT-FOR-US: Jpress
 CVE-2024-48917 (PhpSpreadsheet is a PHP library for reading and writing spreadsheet fi ...)
 	TODO: check
 CVE-2024-48901 (A vulnerability was found in Moodle. Additional checks are required to ...)
@@ -86,21 +86,21 @@ CVE-2024-48897 (A vulnerability was found in Moodle. Additional checks are requi
 CVE-2024-48896 (A vulnerability was found in Moodle. It is possible for users with the ...)
 	TODO: check
 CVE-2024-48294 (A NULL pointer dereference in the component libPdfCore.dll of Wondersh ...)
-	TODO: check
+	NOT-FOR-US: Wondershare PDF Reader
 CVE-2024-48293 (Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and ear ...)
-	TODO: check
+	NOT-FOR-US: QuickHeal Antivirus Pro
 CVE-2024-48292 (An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version  ...)
-	TODO: check
+	NOT-FOR-US: QuickHeal Antivirus Pro
 CVE-2024-47873 (PhpSpreadsheet is a PHP library for reading and writing spreadsheet fi ...)
 	TODO: check
 CVE-2024-47820 (MarkUs, a web application for the submission and grading of student as ...)
-	TODO: check
+	NOT-FOR-US: MarkUs
 CVE-2024-47533 (Cobbler, a Linux installation server that allows for rapid setup of ne ...)
 	TODO: check
 CVE-2024-44757 (An arbitrary file download vulnerability in the component /Basics/Down ...)
-	TODO: check
+	NOT-FOR-US: NUS-M9 ERP Management Software
 CVE-2024-44756 (NUS-M9 ERP Management Software v3.0.0 was discovered to contain a SQL  ...)
-	TODO: check
+	NOT-FOR-US: NUS-M9 ERP Management Software
 CVE-2024-43416 (GLPI is a free asset and IT management software package. Starting in v ...)
 	TODO: check
 CVE-2024-42392 (Improper Neutralization of Delimiters vulnerability in Cesanta Mongoos ...)
@@ -124,27 +124,27 @@ CVE-2024-42384 (Integer Overflow or Wraparound vulnerability in Cesanta Mongoose
 CVE-2024-42383 (Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose W ...)
 	TODO: check
 CVE-2024-41974 (A low privileged remote attackermay modify the BACNet service properti ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2024-41973 (A low privileged remote attacker canspecify an arbitrary file on the f ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2024-41972 (A low privileged remote attacker canoverwrite an arbitrary file on the ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2024-41971 (A low privileged remote attacker can overwrite an arbitrary file on th ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2024-41970 (A low privileged remote attackermay gain access to forbidden diagnosti ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2024-41969 (A low privileged remote attacker maymodify the configuration of the CO ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2024-41968 (A low privileged remote attacker may modify the docker settings setup  ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2024-41967 (A low privileged remote attackermay modify the boot mode configuration ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2024-3370 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Egebilgi Software Website Template
 CVE-2024-37155 (OpenCTI is an open source platform allowing organizations to manage th ...)
 	TODO: check
 CVE-2024-28058 (In RSA NetWitness (NW) Platform before 12.5.1, even when an administra ...)
-	TODO: check
+	NOT-FOR-US: RSA NetWitness (NW) Platform
 CVE-2024-11319 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	TODO: check
 CVE-2024-11318 (An IDOR (Insecure Direct Object Reference) vulnerability has been disc ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e0ea67e7aad4c3e9a1885780983014d31252e03

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e0ea67e7aad4c3e9a1885780983014d31252e03
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241118/12e82ce5/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list