[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 25 20:24:34 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
784477f7 by Salvatore Bonaccorso at 2024-11-25T21:24:10+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
 CVE-2024-8272 (The com.uaudio.bsd.helperservice, responsible for handling privileged  ...)
 	TODO: check
 CVE-2024-7915 (The application Sensei Mac Cleaner contains a local privilege escalati ...)
-	TODO: check
+	NOT-FOR-US: Sensei Mac Cleaner
 CVE-2024-7056 (The WPForms  WordPress plugin before 1.9.1.6 does not sanitise and esc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-6393 (The Photo Gallery, Sliders, Proofing and   WordPress plugin before 3.5 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-53930 (WikiDocs before 1.0.65 allows stored XSS by authenticated users via da ...)
-	TODO: check
+	NOT-FOR-US: WikiDocs
 CVE-2024-53916 (In OpenStack Neutron through 25.0.0, neutron/extensions/tagging.py can ...)
 	TODO: check
 CVE-2024-53915 (An issue was discovered in the server in Veritas Enterprise Vault befo ...)
-	TODO: check
+	NOT-FOR-US: Veritas Enterprise Vault
 CVE-2024-53914 (An issue was discovered in the server in Veritas Enterprise Vault befo ...)
-	TODO: check
+	NOT-FOR-US: Veritas Enterprise Vault
 CVE-2024-53913 (An issue was discovered in the server in Veritas Enterprise Vault befo ...)
-	TODO: check
+	NOT-FOR-US: Veritas Enterprise Vault
 CVE-2024-53912 (An issue was discovered in the server in Veritas Enterprise Vault befo ...)
-	TODO: check
+	NOT-FOR-US: Veritas Enterprise Vault
 CVE-2024-53911 (An issue was discovered in the server in Veritas Enterprise Vault befo ...)
-	TODO: check
+	NOT-FOR-US: Veritas Enterprise Vault
 CVE-2024-53910 (An issue was discovered in the server in Veritas Enterprise Vault befo ...)
-	TODO: check
+	NOT-FOR-US: Veritas Enterprise Vault
 CVE-2024-53909 (An issue was discovered in the server in Veritas Enterprise Vault befo ...)
-	TODO: check
+	NOT-FOR-US: Veritas Enterprise Vault
 CVE-2024-53599 (A cross-site scripting (XSS) vulnerability in the /scroll.php endpoint ...)
-	TODO: check
+	NOT-FOR-US: LafeLabs Chaos
 CVE-2024-53268 (Joplin is an open source, privacy-focused note taking app with sync ca ...)
 	TODO: check
 CVE-2024-53262 (SvelteKit is a framework for rapidly developing robust, performant web ...)
-	TODO: check
+	NOT-FOR-US: SvelteKit
 CVE-2024-53261 (SvelteKit is a framework for rapidly developing robust, performant web ...)
-	TODO: check
+	NOT-FOR-US: SvelteKit
 CVE-2024-53258 (Autolab is a course management service that enables auto-graded progra ...)
-	TODO: check
+	NOT-FOR-US: Autolab
 CVE-2024-53255 (BoidCMS is a free and open-source flat file CMS for building simple we ...)
-	TODO: check
+	NOT-FOR-US: BoidCMS
 CVE-2024-52811 (The ngtcp2 project is an effort to implement IETF QUIC protocol in C.  ...)
 	TODO: check
 CVE-2024-52787 (An issue in the upload_documents method of libre-chat v0.0.6 allows at ...)
@@ -43,21 +43,21 @@ CVE-2024-52787 (An issue in the upload_documents method of libre-chat v0.0.6 all
 CVE-2024-52529 (Cilium is a networking, observability, and security solution with an e ...)
 	TODO: check
 CVE-2024-51723 (A Stored Cross-Site Scripting (XSS) vulnerability in the Management Co ...)
-	TODO: check
+	NOT-FOR-US: Management Console of BlackBerry AtHoc
 CVE-2024-45756 (An issue was discovered in Centreon centreon-open-tickets 24.10.x befo ...)
 	TODO: check
 CVE-2024-45755 (An issue was discovered in Centreon centreon-dsm-server 24.10.x before ...)
 	TODO: check
 CVE-2024-32468 (Deno is a runtime for JavaScript and TypeScript written in rust. Sever ...)
-	TODO: check
+	NOT-FOR-US: Deno
 CVE-2024-27134 (Excessive directory permissions in MLflow leads to local privilege esc ...)
-	TODO: check
+	NOT-FOR-US: mlflow
 CVE-2024-11672 (Incorrect authorization in the add permission component in Devolutions ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2024-11671 (Improper authentication in SQL data source MFA validation in Devolutio ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2024-11670 (Incorrect authorization in the permission validation component of Devo ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2024-11666 (Affected devices beacon to eCharge cloud infrastructure asking if ther ...)
 	TODO: check
 CVE-2024-11665 (Improper Neutralization of Special Elements used in a Command ('Comman ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/784477f79e617f53f26c01c36b497b63163ad76f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/784477f79e617f53f26c01c36b497b63163ad76f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241125/2221ef4e/attachment.htm>

More information about the debian-security-tracker-commits mailing list