[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 08 Jul 2024 13:27:52 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
df1f4602 by Salvatore Bonaccorso at 2024-07-08T22:27:02+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
 CVE-2024-6580 (The /n software IPWorks SSH library SFTPServer component can be 
induce ...)
-       TODO: check
+       NOT-FOR-US: /n software IPWorks SSH library SFTPServer component
 CVE-2024-6564 (Buffer overflow in "rcar_dev_init"  due to using due to using 
untruste ...)
        TODO: check
 CVE-2024-6563 (Buffer Copy without Checking Size of Input ('Classic Buffer 
Overflow') ...)
        TODO: check
 CVE-2024-6227 (A vulnerability in aimhubio/aim version 3.19.3 allows an 
attacker to c ...)
-       TODO: check
+       NOT-FOR-US: aimhubio/aim
 CVE-2024-6163 (Certain http endpoints of Checkmk in Checkmk < 2.3.0p10 < 
2.2.0p31, <  ...)
        TODO: check
 CVE-2024-4882 (The user may be redirected to an arbitrary site in Sitefinity 
15.1.832 ...)
-       TODO: check
+       NOT-FOR-US: Sitefinity
 CVE-2024-4341 (Improper Privilege Management vulnerability in Ekstrem Bir 
Bilgisayar  ...)
-       TODO: check
+       NOT-FOR-US: Ekstrem Bir Bilgisayar Danismanlik Ic Ve Dis Ticaret Ltd. 
Sti. Extreme XDS
 CVE-2024-39896 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
-       TODO: check
+       NOT-FOR-US: Directus
 CVE-2024-39895 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
-       TODO: check
+       NOT-FOR-US: Directus
 CVE-2024-39743 (IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a 
user to ...)
        NOT-FOR-US: IBM
 CVE-2024-39742 (IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a 
user to ...)
        NOT-FOR-US: IBM
 CVE-2024-39701 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
-       TODO: check
+       NOT-FOR-US: Directus
 CVE-2024-39699 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
-       TODO: check
+       NOT-FOR-US: Directus
 CVE-2024-39695 (Exiv2 is a command-line utility and C++ library for reading, 
writing,  ...)
        TODO: check
 CVE-2024-39677 (NHibernate is an object-relational mapper for the .NET 
framework. A SQ ...)
@@ -33,15 +33,15 @@ CVE-2024-39312 (Botan is a C++ cryptography library. X.509 
certificates can iden
 CVE-2024-39308 (RailsAdmin is a Rails engine that provides an interface for 
managing d ...)
        TODO: check
 CVE-2024-39203 (A cross-site scripting (XSS) vulnerability in the Backend 
Theme Manage ...)
-       TODO: check
+       NOT-FOR-US: Backend Theme Management module of Z-BlogPHP
 CVE-2024-39202 (D-Link DIR-823X firmware - 240126 was discovered to contain a 
remote c ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2024-37999 (A vulnerability has been identified in Medicalis Workflow 
Orchestrator ...)
-       TODO: check
+       NOT-FOR-US: Medicalis Workflow Orchestrator
 CVE-2024-34702 (Botan is a C++ cryptography library. X.509 certificates can 
identify e ...)
        TODO: check
 CVE-2024-31504 (Buffer Overflow vulnerability in SILA Embedded Solutions GmbH 
freemodb ...)
-       TODO: check
+       NOT-FOR-US: SILA Embedded Solutions GmbH freemodbus
 CVE-2024-27903 (OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier 
could be lo ...)
        TODO: check
 CVE-2024-27459 (The interactive service in OpenVPN 2.6.9 and earlier allows an 
attacke ...)
@@ -51,7 +51,7 @@ CVE-2024-25639 (Khoj is an application that creates personal 
AI agents. The Khoj
 CVE-2024-24974 (The interactive service in OpenVPN 2.6.9 and earlier allows 
the OpenVP ...)
        TODO: check
 CVE-2024-23562 (A security vulnerability in HCL Domino could allow disclosure 
of sensi ...)
-       TODO: check
+       NOT-FOR-US: HCL Domino
 CVE-2024-21778 (A heap-based buffer overflow vulnerability exists in the 
configuration ...)
        TODO: check
 CVE-2024-1305 (tap-windows6 driver version 9.26 and earlier does not properly  
check  ...)
@@ -109,7 +109,7 @@ CVE-2024-37528 (IBM Cloud Pak for Business Automation 
18.0.0, 18.0.1, 18.0.2, 19
 CVE-2024-37389 (Apache NiFi 1.10.0 through 1.26.0 and 2.0.0-M1 through 
2.0.0-M3 suppor ...)
        NOT-FOR-US: Apache NiFi
 CVE-2024-34603 (Improper access control in Samsung Message prior to SMR 
Jul-2024 Relea ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-34602 (Use of implicit intent for sensitive communication in Samsung 
Messages ...)
        NOT-FOR-US: Samsung
 CVE-2024-31897 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 
19.0.1,  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df1f4602c05ce4522b0568d712c5f49a672c1a28

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df1f4602c05ce4522b0568d712c5f49a672c1a28
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to