[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Apr 3 21:31:12 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0a9fb734 by Salvatore Bonaccorso at 2023-04-03T22:30:40+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -317,9 +317,9 @@ CVE-2023-1768
CVE-2023-1767
RESERVED
CVE-2023-1766 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Akbim Computer Panon
CVE-2023-1765 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: Akbim Computer Panon
CVE-2023-29092
RESERVED
CVE-2023-29091
@@ -1161,7 +1161,7 @@ CVE-2023-28852
CVE-2023-28851 (Silverstripe Form Capture provides a method to capture simple silverst ...)
TODO: check
CVE-2023-28850 (Pimcore Perspective Editor provides an editor for Pimcore that allows ...)
- TODO: check
+ NOT-FOR-US: Pimcore Perspective Editor
CVE-2023-28849
RESERVED
CVE-2023-28848
@@ -7905,7 +7905,7 @@ CVE-2023-26531
CVE-2023-26530
RESERVED
CVE-2023-26529 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dupe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26528
RESERVED
CVE-2023-26527
@@ -8477,11 +8477,11 @@ CVE-2023-0979 (Improper Neutralization of Special Elements used in an SQL Comman
CVE-2023-0978 (A command injection vulnerability in Trellix Intelligent Sandbox CLI f ...)
NOT-FOR-US: Trellix
CVE-2023-0977 (A heap-based overflow vulnerability in Trellix Agent (Windows and Linu ...)
- TODO: check
+ NOT-FOR-US: Trellix
CVE-2023-0976
RESERVED
CVE-2023-0975 (A vulnerability exists in Trellix Agent for Windows version 5.7.8 and ...)
- TODO: check
+ NOT-FOR-US: Trellix
CVE-2023-0974
RESERVED
CVE-2023-0973 (STEPTools v18SP1 ifcmesh library (v18.1) is affected due to a null poi ...)
@@ -21218,11 +21218,11 @@ CVE-2022-4773 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as pro
CVE-2022-4772 (A vulnerability was found in Widoco and classified as critical. Affect ...)
NOT-FOR-US: Widoco
CVE-2022-4771 (Hitachi Vantara Pentaho Business Analytics Server prior to versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-4770 (Hitachi Vantara Pentaho Business Analytics Server prior to versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-4769 (Hitachi Vantara Pentaho Business Analytics Server prior to versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-4768 (A vulnerability was found in Dropbox merou. It has been classified as ...)
NOT-FOR-US: Dropbox merou
CVE-2022-47318 (ruby-git versions prior to v1.13.0 allows a remote authenticated attac ...)
@@ -28786,7 +28786,7 @@ CVE-2022-46023
CVE-2022-46022
RESERVED
CVE-2022-46021 (X-Man 1.0 has a SQL injection vulnerability, which can cause data leak ...)
- TODO: check
+ NOT-FOR-US: X-Man
CVE-2022-46020 (WBCE CMS v1.5.4 can implement getshell by modifying the upload file ty ...)
NOT-FOR-US: WBCE CMS
CVE-2022-46019
@@ -31338,7 +31338,7 @@ CVE-2022-3962
CVE-2022-3961 (The Directorist WordPress plugin before 7.4.4 does not prevent users w ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3960 (Hitachi Vantara Pentaho Business Analytics Server prior to versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-45167 (An issue was discovered in Archibus Web Central 2022.03.01.107. A serv ...)
NOT-FOR-US: Archibus Web Central
CVE-2022-45166 (An issue was discovered in Archibus Web Central 2022.03.01.107. A serv ...)
@@ -37370,13 +37370,13 @@ CVE-2022-43943
CVE-2022-43942
REJECTED
CVE-2022-43941 (Hitachi Vantara Pentaho Business Analytics Server versions before 9.4. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43940 (Hitachi Vantara Pentaho Business Analytics Server versions before 9.4. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43939 (Hitachi Vantara Pentaho Business Analytics Server versions before 9.4. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43938 (Hitachi Vantara Pentaho Business Analytics Server prior to versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43937
RESERVED
CVE-2022-43936
@@ -37724,15 +37724,15 @@ CVE-2022-43775 (The HICT_Loop class in Delta Electronics DIAEnergy v1.9 contains
CVE-2022-43774 (The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9 contain ...)
NOT-FOR-US: Delta Electronics DIAEnergy
CVE-2022-43773 (Hitachi Vantara Pentaho Business Analytics Server prior to versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43772 (Hitachi Vantara Pentaho Business Analytics Server versions before 9.4. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43771 (Hitachi Vantara Pentaho Business Analytics Server versions before 9.4. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43770
RESERVED
CVE-2022-43769 (Hitachi Vantara Pentaho Business Analytics Server prior to versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43768
RESERVED
CVE-2022-43767
@@ -41615,7 +41615,7 @@ CVE-2022-42454 (Insights for Vulnerability Remediation (IVR) is vulnerable to ma
CVE-2022-42453 (There are insufficient warnings when a Fixlet is imported by a user. T ...)
NOT-FOR-US: HCL
CVE-2022-42452 (HCL Launch is vulnerable to HTML injection. HTML code is stored and in ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2022-42451
RESERVED
CVE-2022-42450
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a9fb7340f1867d787a253ba3d974077ebf77e67
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a9fb7340f1867d787a253ba3d974077ebf77e67
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230403/5c118caa/attachment.htm>
More information about the debian-security-tracker-commits
mailing list