[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Oct 24 10:27:07 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
17c014a8 by Moritz Muehlenhoff at 2024-10-24T11:26:59+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -59,7 +59,7 @@ CVE-2024-50382 (Botan before 3.6.0, when certain LLVM versions are used, has com
 CVE-2024-50050 (Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 ...)
 	NOT-FOR-US: Llama Stack
 CVE-2024-49756 (AshPostgres is the PostgreSQL data layer for Ash Framework. Starting i ...)
-	TODO: check
+	NOT-FOR-US: AshPostgres
 CVE-2024-49751 (Press, a Frappe custom app that runs Frappe Cloud, manages infrastruct ...)
 	NOT-FOR-US: Press app for Frappe
 CVE-2024-49701 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
@@ -145,7 +145,7 @@ CVE-2024-20409 (A vulnerability in the web-based management interface of Cisco F
 CVE-2024-20408 (A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco  ...)
 	NOT-FOR-US: Cisco
 CVE-2024-20407 (A vulnerability in the interaction between the TCP Intercept feature a ...)
-	TODO: check
+	NOT-FOR-US: Cisco, appears specific to Snort integration into Cisco products
 CVE-2024-20403 (A vulnerability in the web-based management interface of Cisco Firepow ...)
 	NOT-FOR-US: Cisco
 CVE-2024-20402 (A vulnerability in the SSL VPN feature for Cisco Adaptive Security App ...)
@@ -173,7 +173,7 @@ CVE-2024-20370 (A vulnerability in the Cisco FXOS CLI feature on specific hardwa
 CVE-2024-20364 (A vulnerability in the web-based management interface of Cisco Firepow ...)
 	NOT-FOR-US: Cisco
 CVE-2024-20351 (A vulnerability in the TCP/IP traffic handling function of the Snort D ...)
-	TODO: check
+	NOT-FOR-US: Cisco, appears specific to Snort integration into Cisco products
 CVE-2024-20342 (Multiple Cisco products are affected by a vulnerability in the rate fi ...)
 	NOT-FOR-US: Cisco
 CVE-2024-20341 (A vulnerability in the VPN web client services feature of Cisco Adapti ...)
@@ -185,7 +185,7 @@ CVE-2024-20339 (A vulnerability in the TLS processing feature of Cisco Firepower
 CVE-2024-20331 (A vulnerability in the session authentication functionality of the Rem ...)
 	NOT-FOR-US: Cisco
 CVE-2024-20330 (A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engin ...)
-	TODO: check
+	NOT-FOR-US: Cisco, appears specific to Snort integration into Cisco products
 CVE-2024-20329 (A vulnerability in the SSH subsystem of Cisco Adaptive Security Applia ...)
 	NOT-FOR-US: Cisco
 CVE-2024-20300 (A vulnerability in the web-based management interface of Cisco Firepow ...)
@@ -231,13 +231,13 @@ CVE-2024-10291 (A vulnerability has been found in ZZCMS 2023 and classified as c
 CVE-2024-10290 (A vulnerability, which was classified as problematic, was found in ZZC ...)
 	NOT-FOR-US: ZZCMS
 CVE-2024-10289 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 t ...)
-	TODO: check
+	NOT-FOR-US: LocalServer
 CVE-2024-10288 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 t ...)
-	TODO: check
+	NOT-FOR-US: LocalServer
 CVE-2024-10287 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 t ...)
-	TODO: check
+	NOT-FOR-US: LocalServer
 CVE-2024-10286 (Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 t ...)
-	TODO: check
+	NOT-FOR-US: LocalServer
 CVE-2024-10283 (A vulnerability, which was classified as critical, has been found in T ...)
 	NOT-FOR-US: Tenda
 CVE-2024-10282 (A vulnerability classified as critical was found in Tenda RX9 and RX9  ...)
@@ -253,7 +253,7 @@ CVE-2024-10278 (A vulnerability was found in ESAFENET CDG 5. It has been classif
 CVE-2024-10277 (A vulnerability was found in ESAFENET CDG 5 and classified as critical ...)
 	NOT-FOR-US: ESAFENET CDG
 CVE-2024-10276 (A vulnerability has been found in Tektronix Sentry 6.0.9 and classifie ...)
-	TODO: check
+	NOT-FOR-US: Tektronix
 CVE-2024-10250 (The Nioland theme for WordPress is vulnerable to Reflected Cross-Site  ...)
 	NOT-FOR-US: WordPress theme
 CVE-2024-10041 (A vulnerability was found in PAM. The secret information is stored in  ...)
@@ -273,7 +273,7 @@ CVE-2024-9530 (The Qi Addons For Elementor plugin for WordPress is vulnerable to
 CVE-2024-7587 (Incorrect Default Permissions vulnerability in GenBroker32, which is i ...)
 	NOT-FOR-US: Mitsubishi Electric
 CVE-2024-48919 (Cursor is a code editor built for programming with AI. Prior to Sep 27 ...)
-	TODO: check
+	NOT-FOR-US: Cursor code editor
 CVE-2024-48657 (SQL Injection vulnerability in hospital management system in php with  ...)
 	NOT-FOR-US: hospital management system
 CVE-2024-48656 (Cross Site Scripting vulnerability in student management system in php ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17c014a89d4f7e257b41d37fcf5ab5cb4af25765

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17c014a89d4f7e257b41d37fcf5ab5cb4af25765
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241024/02ec2f7a/attachment.htm>

More information about the debian-security-tracker-commits mailing list