[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 4 21:35:31 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
560e92f2 by Salvatore Bonaccorso at 2023-04-04T22:34:42+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1046,16 +1046,16 @@ CVE-2023-28744
 CVE-2023-1672
 	RESERVED
 CVE-2023-1671 (A pre-auth command injection vulnerability in the warn-proceed handler ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2023-1670 (A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-car ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/e8d20c3ded59a092532513c9bd030d1ea66f5f44
 CVE-2023-1669
 	RESERVED
 CVE-2022-4934 (A post-auth command injection vulnerability in the exception wizard of ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2020-36692 (A reflected XSS via POST vulnerability in report scheduler of Sophos W ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2023-28934
 	RESERVED
 CVE-2023-28933
@@ -2164,7 +2164,7 @@ CVE-2023-28615
 CVE-2023-28614
 	RESERVED
 CVE-2023-28613 (An issue was discovered in Samsung Exynos Mobile Processor and Baseban ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2023-28612
 	RESERVED
 CVE-2023-28611 (Incorrect authorization in OMICRON StationGuard 1.10 through 2.20 and  ...)
@@ -5028,31 +5028,31 @@ CVE-2023-27773
 CVE-2023-27772
 	RESERVED
 CVE-2023-27771 (An issue found in Wondershare Technology Co.,Ltd Creative Centerr v.1. ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27770 (An issue found in Wondershare Technology Co.,Ltd Edraw-max v.12.0.4 al ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27769 (An issue found in Wondershare Technology Co.,Ltd PDF Reader v.1.0.1 al ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27768 (An issue found in Wondershare Technology Co.,Ltd PDFelement v9.1.1 all ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27767 (An issue found in Wondershare Technology Co.,Ltd Dr.Fone v.12.4.9 allo ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27766 (An issue found in Wondershare Technology Co.,Ltd Anireel 1.5.4 allows  ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27765 (An issue found in Wondershare Technology Co.,Ltd Recoverit v.10.6.3 al ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27764 (An issue found in Wondershare Technology Co.,Ltd Repairit v.3.5.4 allo ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27763 (An issue found in Wondershare Technology Co.,Ltd MobileTrans v.4.0.2 a ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27762 (An issue found in Wondershare Technology Co., Ltd DemoCreator v.6.0.0  ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27761 (An issue found in Wondershare Technology Co., Ltd UniConverter v.14.0. ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27760 (An issue found in Wondershare Technology Co, Ltd Filmora v.12.0.9 allo ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27759 (An issue found in Wondershare Technology Co, Ltd Edrawmind v.10.0.6 al ...)
-	TODO: check
+	NOT-FOR-US: Wondershare
 CVE-2023-27758
 	RESERVED
 CVE-2023-27757 (An arbitrary file upload vulnerability in the /admin/user/uploadImg co ...)
@@ -6864,7 +6864,7 @@ CVE-2023-27093 (Cross Site Scripting vulnerability found in My-Blog allows attac
 CVE-2023-27092
 	RESERVED
 CVE-2023-27091 (An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows a ...)
-	TODO: check
+	NOT-FOR-US: XiaoBingby TeaCMS
 CVE-2023-27090
 	RESERVED
 CVE-2023-27089 (Cross Site Scripting vulnerability found in Ehuacui BBS allows attacke ...)
@@ -7098,7 +7098,7 @@ CVE-2023-26976 (Tenda AC6 v15.03.05.09_multi was discovered to contain a stack o
 CVE-2023-26975
 	RESERVED
 CVE-2023-26974 (Irfanview v4.62 allows a user-mode write access violation via a crafte ...)
-	TODO: check
+	NOT-FOR-US: Irfanview
 CVE-2023-26973
 	RESERVED
 CVE-2023-26972
@@ -7341,7 +7341,7 @@ CVE-2023-26857
 CVE-2023-26856
 	RESERVED
 CVE-2023-26855 (The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt v ...)
-	TODO: check
+	NOT-FOR-US: ChurchCRM
 CVE-2023-26854
 	RESERVED
 CVE-2023-26853
@@ -7499,9 +7499,9 @@ CVE-2023-26778
 CVE-2023-26777 (Cross Site Scripting vulnerability found in :ouislam Uptime Kuma v.1.1 ...)
 	TODO: check
 CVE-2023-26776 (Cross Site Scripting vulnerability found in Monitorr v.1.7.6 allows a  ...)
-	TODO: check
+	NOT-FOR-US: Monitorr
 CVE-2023-26775 (File Upload vulnerability found in Monitorr v.1.7.6 allows a remote at ...)
-	TODO: check
+	NOT-FOR-US: Monitorr
 CVE-2023-26774
 	RESERVED
 CVE-2023-26773



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/560e92f2d5849955e1648abcc3133ce0706cc290

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/560e92f2d5849955e1648abcc3133ce0706cc290
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230404/0dfb180b/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list