[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Wed Oct 23 10:06:51 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9d02c8f4 by Salvatore Bonaccorso at 2024-10-23T11:06:10+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25,35 +25,35 @@ CVE-2024-48415 (itsourcecode Loan Management System v1.0 is vulnerable to Cross
 CVE-2024-46914
 	REJECTED
 CVE-2024-46483 (Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in th ...)
-	TODO: check
+	NOT-FOR-US: Xlight FTP Server
 CVE-2024-46482 (An arbitrary file upload vulnerability in the Ticket Generation functi ...)
-	TODO: check
+	NOT-FOR-US: Ladybird Web Solution Faveo-Helpdesk
 CVE-2024-45526 (An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandar ...)
-	TODO: check
+	NOT-FOR-US: OPC Foundation OPCFoundation/UA-.NETStandard
 CVE-2024-44812 (SQL Injection vulnerability in Online Complaint Site v.1.0 allows a re ...)
-	TODO: check
+	NOT-FOR-US: Online Complaint Site
 CVE-2024-44331 (Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-s ...)
 	TODO: check
 CVE-2024-43924 (Missing Authorization vulnerability in dFactory Responsive Lightbox al ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-43812 (Kieback & Peter's DDC4000 serieshas an insufficiently protected creden ...)
-	TODO: check
+	NOT-FOR-US: Kieback & Peter's DDC4000 series
 CVE-2024-43698 (Kieback & Peter's DDC4000 seriesuses weak credentials, which may allow ...)
-	TODO: check
+	NOT-FOR-US: Kieback & Peter's DDC4000 series
 CVE-2024-42643 (Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote at ...)
 	TODO: check
 CVE-2024-41717 (Kieback & Peter's DDC4000 seriesis vulnerable to a path traversal vuln ...)
-	TODO: check
+	NOT-FOR-US: Kieback & Peter's DDC4000 series
 CVE-2024-40494 (Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to e ...)
 	TODO: check
 CVE-2024-40493 (Null Pointer Dereference in `coap_client_exchange_blockwise2` function ...)
 	TODO: check
 CVE-2024-31880 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-31029 (An issue in the server_handle_regular function of the test_coap_server ...)
 	TODO: check
 CVE-2024-26519 (An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a  ...)
-	TODO: check
+	NOT-FOR-US: Casa Systems NTC-221
 CVE-2024-10231 (Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a ...)
 	- chromium <unfixed>
 	[bullseye] - chromium <end-of-life> (see #1061268)
@@ -64,7 +64,7 @@ CVE-2024-10229 (Inappropriate implementation in Extensions in Google Chrome prio
 	- chromium <unfixed>
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-10045 (The Transients Manager plugin for WordPress is vulnerable to Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-50066 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux <unfixed>
 	[bookworm] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d02c8f4c3685900627c07a14d3d1dd61378d6d3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d02c8f4c3685900627c07a14d3d1dd61378d6d3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241023/2d739857/attachment.htm>
