[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Sep 11 11:37:07 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e04f0045 by Moritz Muehlenhoff at 2024-09-11T12:36:48+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -129,11 +129,11 @@ CVE-2024-8232 (SpiderControl SCADA Web Server has a vulnerability that could all
 CVE-2024-7770 (The Bit File Manager \u2013 100% Free & Open Source File Manager and C ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-7699 (An low privileged remote attacker can execute OS commands with root pr ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-7698 (A low privileged remote attacker canget access to CSRF tokens of highe ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-6876 (Out-of-Bounds read vulnerability in OSCAT Basic Library allows an loca ...)
-	TODO: check
+	NOT-FOR-US: OSCAT
 CVE-2024-6282 (The Master Addons \u2013 Free Widgets, Hover Effects, Toggle, Conditio ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-45845 (nix 2.24 through 2.24.5 allows directory traversal via a symlink in a  ...)
@@ -141,7 +141,7 @@ CVE-2024-45845 (nix 2.24 through 2.24.5 allows directory traversal via a symlink
 CVE-2024-45596 (Directus is a real-time API and App dashboard for managing SQL databas ...)
 	NOT-FOR-US: Directus
 CVE-2024-45595 (D-Tale is a visualizer for Pandas data structures. Users hosting D-Tal ...)
-	TODO: check
+	NOT-FOR-US: D-Tale
 CVE-2024-45593 (Nix is a package manager for Linux and other Unix systems. A bug in Ni ...)
 	TODO: check
 CVE-2024-45592 (auditor-bundle, formerly known as DoctrineAuditBundle, integrates audi ...)
@@ -238,23 +238,23 @@ CVE-2024-43455 (Windows Remote Desktop Licensing Service Spoofing Vulnerability)
 CVE-2024-43454 (Windows Remote Desktop Licensing Service Remote Code Execution Vulnera ...)
 	NOT-FOR-US: Microsoft
 CVE-2024-43393 (A low privileged remote attacker can perform configuration changes of  ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-43392 (A low privileged remote attacker can perform configuration changes of  ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-43391 (A low privileged remote attacker can perform configuration changes of  ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-43390 (A low privileged remote attacker can perform configuration changes of  ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-43389 (A low privileged remote attacker can perform configuration changes of  ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-43388 (A low privileged remote attacker with write permissions can reconfigur ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-43387 (A low privileged remote attacker can read and write files as root due  ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-43386 (A low privileged remote attacker can trigger the execution of arbitrar ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-43385 (A low privileged remote attacker can trigger theexecution of arbitrary ...)
-	TODO: check
+	NOT-FOR-US: Phoenix
 CVE-2024-43040 (Renwoxing Enterprise Intelligent Management System before v3.0 was dis ...)
 	NOT-FOR-US: Renwoxing Enterprise Intelligent Management System
 CVE-2024-42425 (Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains ...)
@@ -310,15 +310,15 @@ CVE-2024-38247 (Windows Graphics Component Elevation of Privilege Vulnerability)
 CVE-2024-38246 (Win32k Elevation of Privilege Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2024-38245 (Kernel Streaming Service Driver Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38244 (Kernel Streaming Service Driver Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38243 (Kernel Streaming Service Driver Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38242 (Kernel Streaming Service Driver Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38241 (Kernel Streaming Service Driver Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38240 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
 	NOT-FOR-US: Microsoft
 CVE-2024-38239 (Windows Kerberos Elevation of Privilege Vulnerability)
@@ -356,7 +356,7 @@ CVE-2024-38217 (Windows Mark of the Web Security Feature Bypass Vulnerability)
 CVE-2024-38216 (Azure Stack Hub Elevation of Privilege Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2024-38194 (An authenticated attacker can exploit an improper authorization vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38188 (Azure Network Watcher VM Agent Elevation of Privilege Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2024-38119 (Windows Network Address Translation (NAT) Remote Code Execution Vulner ...)
@@ -440,7 +440,7 @@ CVE-2024-21753 (A improper limitation of a pathname to a restricted directory ('
 CVE-2024-21416 (Windows TCP/IP Remote Code Execution Vulnerability)
 	TODO: check
 CVE-2023-6841 (A denial of service vulnerability was found in keycloak where the amou ...)
-	TODO: check
+	NOT-FOR-US: Keycloak
 CVE-2023-49069 (A vulnerability has been identified in Mendix Runtime V10 (All version ...)
 	TODO: check
 CVE-2023-44254 (An authorization bypass through user-controlled key[CWE-639] vulnerabi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e04f00455188b1201aee58c7bba83c5759f764f4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e04f00455188b1201aee58c7bba83c5759f764f4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240911/884186fb/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list