[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Sep 2 21:27:08 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
96edacfb by Salvatore Bonaccorso at 2024-09-02T22:26:34+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2024-8004 (A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Col ...)
-	TODO: check
+	NOT-FOR-US: 3DEXPERIENCE
 CVE-2024-7939 (A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in  ...)
-	TODO: check
+	NOT-FOR-US: 3DEXPERIENCE
 CVE-2024-7938 (A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboar ...)
-	TODO: check
+	NOT-FOR-US: 3DEXPERIENCE
 CVE-2024-7932 (A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboar ...)
-	TODO: check
+	NOT-FOR-US: 3DEXPERIENCE
 CVE-2024-6921 (Cleartext Storage of Sensitive Information vulnerability in NAC Teleco ...)
-	TODO: check
+	NOT-FOR-US: NAC Telecommunication Systems Inc. NACPremium
 CVE-2024-6920 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: NAC Telecommunication Systems Inc. NACPremium
 CVE-2024-6919 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: NAC Telecommunication Systems Inc. NACPremium
 CVE-2024-45622 (ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3 ...)
-	TODO: check
+	NOT-FOR-US: ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3)
 CVE-2024-45621 (The Electron desktop application of Rocket.Chat through 6.3.4 allows s ...)
 	TODO: check
 CVE-2024-45388 (Hoverfly is a lightweight service virtualization/ API simulation / API ...)
@@ -33,61 +33,61 @@ CVE-2024-45305 (gix-path is a crate of the gitoxide project dealing with git pat
 CVE-2024-43801 (Jellyfin is an open source self hosted media server. The Jellyfin user ...)
 	TODO: check
 CVE-2024-43797 (audiobookshelf is a self-hosted audiobook and podcast server. A non-ad ...)
-	TODO: check
+	NOT-FOR-US: Audiobookshelf
 CVE-2024-43792 (Halo is an open source website building tool. A security vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Halo
 CVE-2024-42471 (actions/artifact is the GitHub ToolKit for developing GitHub Actions.  ...)
 	TODO: check
 CVE-2024-38858 (Improper neutralization of input in Checkmk before version 2.3.0p14 al ...)
 	TODO: check
 CVE-2024-38402 (Memory corruption while processing IOCTL call for getting group info.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-38401 (Memory corruption while processing concurrent IOCTL calls.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33060 (Memory corruption when two threads try to map and unmap a single node  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33057 (Transient DOS while parsing the multi-link element Control field when  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33054 (Memory corruption during the handshake between the Primary Virtual Mac ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33052 (Memory corruption when user provides data for FM HCI command control o ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33051 (Transient DOS while processing TIM IE from beacon frame as there is no ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33050 (Transient DOS while parsing MBSSID during new IE generation in beacon/ ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33048 (Transient DOS while parsing the received TID-to-link mapping element o ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33047 (Memory corruption when the captureRead QDCM command is invoked from us ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33045 (Memory corruption when BTFM client sends new messages over Slimbus to  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33043 (Transient DOS while handling PS event when Program Service name length ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33042 (Memory corruption when Alternative Frequency offset value is set to 25 ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33038 (Memory corruption while passing untrusted/corrupted pointers from DSP  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33035 (Memory corruption while calculating total metadata size when a very hi ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33016 (memory corruption when an invalid firehose patch command is invoked.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-28100 (eLabFTW is an open source electronic lab notebook for research labs. B ...)
-	TODO: check
+	NOT-FOR-US: eLabFTW
 CVE-2024-23365 (Memory corruption while releasing shared resources in MinkSocket liste ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23364 (Transient DOS when processing the non-transmitted BSSID profile sub-el ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23362 (Cryptographic issue while parsing RSA keys in COBR format.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23359 (Information disclosure while decoding Tracking Area Update Accept or A ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23358 (Transient DOS when registration accept OTA is received with incorrect  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-1621 (The registration process of uniFLOW Online (NT-ware product) apps, pri ...)
-	TODO: check
+	NOT-FOR-US: uniFLOW Online (NT-ware product) apps
 CVE-2023-7279 (A vulnerability has been found in Secure Systems Engineering Connaisse ...)
-	TODO: check
+	NOT-FOR-US: Secure Systems Engineering Connaisseur
 CVE-2020-36830 (A vulnerability was found in nescalante urlregex up to 0.5.0 and class ...)
 	TODO: check
 CVE-2024-44947 (In the Linux kernel, the following vulnerability has been resolved:  f ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96edacfb1f5ff613d9eae0067a8fb7331ad136f6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96edacfb1f5ff613d9eae0067a8fb7331ad136f6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240902/5d881874/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list