[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f3bc7aea by Moritz Muehlenhoff at 2024-09-10T10:54:01+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2024-8611 (A vulnerability classified as critical was found in itsourcecode Tailo ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2024-8610 (A vulnerability classified as problematic has been found in SourceCode ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-8478 (The The Affiliate Super Assistent plugin for WordPress is vulnerable t ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8268 (The Frontend Dashboard plugin for WordPress is vulnerable to unauthori ...)
@@ -29,13 +29,13 @@ CVE-2024-6342 (**UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability i
 CVE-2024-6173 (51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Gu ...)
 	NOT-FOR-US: Axis
 CVE-2024-45504 (Cross-site request forgery (CSRF) vulnerability in multiple Alps Syste ...)
-	TODO: check
+	NOT-FOR-US: InterSafe
 CVE-2024-45286 (Due to lack of proper authorization checks when calling user, a functi ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2024-45285 (The RFC enabled function module allows a low privileged user to perfor ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2024-45284 (An authenticated attacker with high privilege can use functions of SLC ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2024-45283 (SAP NetWeaver AS for Java allows an authorized attacker to obtain sens ...)
 	NOT-FOR-US: SAP
 CVE-2024-45281 (SAP BusinessObjects Business Intelligence Platform allows a high privi ...)
@@ -806,7 +806,7 @@ CVE-2024-45442 (Vulnerability of permission verification for APIs in the Downloa
 CVE-2024-45441 (Input verification vulnerability in the system service module Impact:  ...)
 	NOT-FOR-US: Huawei
 CVE-2024-45394 (Authenticator is a browser extensions that generates two-step verifica ...)
-	TODO: check
+	NOT-FOR-US: Authenticator extension
 CVE-2024-45314 (Flask-AppBuilder is an application development framework. Prior to ver ...)
 	- flask-appbuilder <unfixed>
 	NOTE: https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-fw5r-6m3x-rh7p
@@ -1516,7 +1516,7 @@ CVE-2024-1621 (The registration process of uniFLOW Online (NT-ware product) apps
 CVE-2023-7279 (A vulnerability has been found in Secure Systems Engineering Connaisse ...)
 	NOT-FOR-US: Secure Systems Engineering Connaisseur
 CVE-2020-36830 (A vulnerability was found in nescalante urlregex up to 0.5.0 and class ...)
-	TODO: check
+	NOT-FOR-US: Node urlregex
 CVE-2024-44947 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.10.7-1
 	NOTE: https://git.kernel.org/linus/3c0da3d163eb32f1f91891efaade027fa9b245b9 (6.11-rc4)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3bc7aea612d0d58cbe14b4a0504092ed58146e2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3bc7aea612d0d58cbe14b4a0504092ed58146e2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240910/dc1e54ab/attachment-0001.htm>