[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Oct 2 08:54:38 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7495f3e3 by Moritz Muehlenhoff at 2024-10-02T09:54:16+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53,7 +53,7 @@ CVE-2024-8324 (The XO Slider plugin for WordPress is vulnerable to Stored Cross-
 CVE-2024-8288 (The Guten Post Layout \u2013 An Advanced Post Grid Collection for Word ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-47608 (Logicytics is designed to harvest and collect data for forensic analys ...)
-	TODO: check
+	NOT-FOR-US: Logicytics
 CVE-2024-47604 (NuGet Gallery is a package repository that powers nuget.org. The NuGet ...)
 	NOT-FOR-US: NuGet Gallery
 CVE-2024-47534 (go-tuf is a Go implementation of The Update Framework (TUF). The go-tu ...)
@@ -61,21 +61,21 @@ CVE-2024-47534 (go-tuf is a Go implementation of The Update Framework (TUF). The
 CVE-2024-47071 (OSS Endpoint Manager is an endpoint manager module for FreePBX. OSS En ...)
 	NOT-FOR-US: OSS Endpoint Manager
 CVE-2024-46276 (cute_png v1.05 was discovered to contain a heap buffer overflow via th ...)
-	TODO: check
+	NOT-FOR-US: cute_png
 CVE-2024-46274 (cute_png v1.05 was discovered to contain a heap buffer overflow via th ...)
-	TODO: check
+	NOT-FOR-US: cute_png
 CVE-2024-46267 (cute_png v1.05 was discovered to contain a heap buffer overflow via th ...)
-	TODO: check
+	NOT-FOR-US: cute_png
 CVE-2024-46264 (cute_png v1.05 was discovered to contain a heap buffer overflow via th ...)
-	TODO: check
+	NOT-FOR-US: cute_png
 CVE-2024-46263 (cute_png v1.05 was discovered to contain a stack overflow via the cp_d ...)
-	TODO: check
+	NOT-FOR-US: cute_png
 CVE-2024-46261 (cute_png v1.05 was discovered to contain a heap buffer overflow via th ...)
-	TODO: check
+	NOT-FOR-US: cute_png
 CVE-2024-46259 (cute_png v1.05 was discovered to contain a heap buffer overflow via th ...)
-	TODO: check
+	NOT-FOR-US: cute_png
 CVE-2024-46258 (cute_png v1.05 was discovered to contain a heap buffer overflow via th ...)
-	TODO: check
+	NOT-FOR-US: cute_png
 CVE-2024-46083 (Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting  ...)
 	NOT-FOR-US: Scriptcase
 CVE-2024-46081 (Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting  ...)
@@ -83,9 +83,9 @@ CVE-2024-46081 (Scriptcase v9.10.023 and before is vulnerable to Cross Site Scri
 CVE-2024-46079 (Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting  ...)
 	NOT-FOR-US: Scriptcase
 CVE-2024-45999 (A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, speci ...)
-	TODO: check
+	NOT-FOR-US: Cloudlog
 CVE-2024-45967 (Pagekit 1.0.18 is vulnerable to Cross Site Scripting (XSS) in index.ph ...)
-	TODO: check
+	NOT-FOR-US: Pagekit
 CVE-2024-45408 (eLabFTW is an open source electronic lab notebook for research labs. A ...)
 	NOT-FOR-US: eLabFTW
 CVE-2024-44744 (An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers  ...)
@@ -95,13 +95,13 @@ CVE-2024-44610 (PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway
 CVE-2024-42514 (A vulnerability in the legacy chat component of Mitel MiContact Center ...)
 	NOT-FOR-US: Mitel
 CVE-2024-41673 (Decidim is a participatory democracy framework. The version control fe ...)
-	TODO: check
+	NOT-FOR-US: Decidim
 CVE-2024-41276 (A vulnerability in Kaiten version 57.131.12 and earlier allows attacke ...)
-	TODO: check
+	NOT-FOR-US: Kaiten
 CVE-2024-31835 (Cross Site Scripting vulnerability in flatpress CMS Flatpress v1.3 all ...)
 	NOT-FOR-US: Flatpress
 CVE-2024-30132 (HCL Nomad server on Domino did not configure certain HTTP Security hea ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-25661 (In Infinera TNMS (Transcend Network Management System) 19.10.3, cleart ...)
 	NOT-FOR-US: Infinera TNMS (Transcend Network Management System)
 CVE-2024-25660 (The WebDAV service in Infinera TNMS (Transcend Network Management Syst ...)
@@ -113,7 +113,7 @@ CVE-2024-25658 (Cleartext storage of passwords in Infinera TNMS (Transcend Netwo
 CVE-2024-25632 (eLabFTW is an open source electronic lab notebook for research labs. I ...)
 	NOT-FOR-US: eLabFTW
 CVE-2023-7273 (Cross site request forgery in Kiteworks OwnCloud allows an unauthentic ...)
-	TODO: check
+	NOT-FOR-US: Kiteworks OwnCloud
 CVE-2023-3441 (An issue has been discovered in GitLab EE/CE affecting all versions st ...)
 	TODO: check
 CVE-2024-9403 (Memory safety bugs present in Firefox 130. Some of these bugs showed e ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7495f3e39826fc64cbd29cd482c02f517821ca55

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7495f3e39826fc64cbd29cd482c02f517821ca55
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241002/deb149bb/attachment.htm>

More information about the debian-security-tracker-commits mailing list