[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Apr 15 09:58:02 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f60b2a27 by Salvatore Bonaccorso at 2023-04-15T10:57:38+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -450,11 +450,11 @@ CVE-2023-27513
CVE-2023-25774
RESERVED
CVE-2023-2077 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Traffic Offense Management System
CVE-2023-2076 (A vulnerability classified as problematic was found in Campcodes Onlin ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Traffic Offense Management System
CVE-2023-2075 (A vulnerability classified as critical has been found in Campcodes Onl ...)
- TODO: check
+ NOT-FOR-US: Campcodes Online Traffic Offense Management System
CVE-2023-2074 (A vulnerability was found in Campcodes Online Traffic Offense Manageme ...)
NOT-FOR-US: Campcodes Online Traffic Offense Management System
CVE-2023-2073 (A vulnerability was found in Campcodes Online Traffic Offense Manageme ...)
@@ -522,11 +522,11 @@ CVE-2023-2043 (A vulnerability, which was classified as problematic, was found i
CVE-2023-2042 (A vulnerability, which was classified as problematic, has been found i ...)
TODO: check
CVE-2023-2041 (A vulnerability classified as critical was found in novel-plus 3.6.2. ...)
- TODO: check
+ NOT-FOR-US: novel-plus
CVE-2023-2040 (A vulnerability classified as critical has been found in novel-plus 3. ...)
- TODO: check
+ NOT-FOR-US: novel-plus
CVE-2023-2039 (A vulnerability was found in novel-plus 3.6.2. It has been rated as cr ...)
- TODO: check
+ NOT-FOR-US: novel-plus
CVE-2023-2038 (A vulnerability was found in Campcodes Video Sharing Website 1.0. It h ...)
NOT-FOR-US: Campcodes Video Sharing Website
CVE-2023-2037 (A vulnerability was found in Campcodes Video Sharing Website 1.0. It h ...)
@@ -2730,7 +2730,7 @@ CVE-2023-29600
CVE-2023-29599
RESERVED
CVE-2023-29598 (lmxcms v1.4.1 was discovered to contain a SQL injection vulnerability ...)
- TODO: check
+ NOT-FOR-US: lmxcms
CVE-2023-29597 (bloofox v0.5.2 was discovered to contain a SQL injection vulnerability ...)
TODO: check
CVE-2023-29596
@@ -3525,7 +3525,7 @@ CVE-2023-1865 (The YourChannel plugin for WordPress is vulnerable to unauthorize
CVE-2023-1864
RESERVED
CVE-2023-1863 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: Eskom Computer Water Metering Software
CVE-2023-1862
RESERVED
CVE-2023-1861
@@ -3907,7 +3907,7 @@ CVE-2023-1835
CVE-2023-1834
RESERVED
CVE-2023-1833 (Authentication Bypass by Primary Weakness vulnerability in DTS Electro ...)
- TODO: check
+ NOT-FOR-US: DTS Electronics Redline Router firmware
CVE-2023-1832
RESERVED
CVE-2023-1831
@@ -4069,7 +4069,7 @@ CVE-2023-29201
CVE-2023-29200
RESERVED
CVE-2023-29199 (There exists a vulnerability in source code transformer (exception san ...)
- TODO: check
+ NOT-FOR-US: Node vm2
CVE-2023-29198
RESERVED
CVE-2023-29197
@@ -4081,7 +4081,7 @@ CVE-2023-29195
CVE-2023-29194 (Vitess is a database clustering system for horizontal scaling of MySQL ...)
TODO: check
CVE-2023-29193 (SpiceDB is an open source, Google Zanzibar-inspired, database system f ...)
- TODO: check
+ NOT-FOR-US: Go SpiceDB
CVE-2023-29192 (SilverwareGames.io versions before 1.2.19 allow users with access to t ...)
NOT-FOR-US: SilverwareGames.io
CVE-2023-29191
@@ -4137,7 +4137,7 @@ CVE-2023-1805
CVE-2023-1804
RESERVED
CVE-2023-1803 (Authentication Bypass by Alternate Name vulnerability in DTS Electroni ...)
- TODO: check
+ NOT-FOR-US: DTS Electronics Redline Router firmware
CVE-2023-1802 (In Docker Desktop 4.17.x the Artifactory Integration falls back to sen ...)
NOT-FOR-US: Docker Desktop
CVE-2023-1801 (The SMB protocol decoder in tcpdump version 4.99.3 can perform an out- ...)
@@ -4369,21 +4369,21 @@ CVE-2023-1765 (Improper Neutralization of Special Elements used in an SQL Comman
CVE-2023-29092
RESERVED
CVE-2023-29091 (An issue was discovered in Exynos Mobile Processor, Automotive Process ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-29090 (An issue was discovered in Exynos Mobile Processor, Automotive Process ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-29089 (An issue was discovered in Exynos Mobile Processor, Automotive Process ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-29088 (An issue was discovered in Exynos Mobile Processor, Automotive Process ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-29087 (An issue was discovered in Exynos Mobile Processor, Automotive Process ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-29086 (An issue was discovered in Exynos Mobile Processor, Automotive Process ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-29085 (An issue was discovered in Exynos Mobile Processor, Automotive Process ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-29084 (Zoho ManageEngine ADManager Plus through 7180 allows for authenticated ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2023-29083
RESERVED
CVE-2023-29082
@@ -4417,7 +4417,7 @@ CVE-2023-29069
CVE-2023-29068
RESERVED
CVE-2023-29067 (A maliciously crafted X_B file when parsed through Autodesk® Auto ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-29066
RESERVED
CVE-2023-29065
@@ -5340,7 +5340,7 @@ CVE-2023-1619
CVE-2023-1618
RESERVED
CVE-2023-1617 (Improper Authentication vulnerability in B&R Industrial Automation ...)
- TODO: check
+ NOT-FOR-US: B&R Industrial Automation
CVE-2023-1616 (A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has bee ...)
NOT-FOR-US: XiaoBingBy TeaCMS
CVE-2020-36691 (An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c a ...)
@@ -7786,7 +7786,7 @@ CVE-2023-28123
CVE-2023-28122
RESERVED
CVE-2023-28121 (An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28120
RESERVED
{DSA-5389-1}
@@ -7865,7 +7865,7 @@ CVE-2023-28093 (A user with a compromised configuration can start an unsigned bi
CVE-2023-28092
RESERVED
CVE-2023-28091 (HPE OneView virtual appliance "Migrate server hardware" option may exp ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2023-28090
RESERVED
CVE-2023-28089
@@ -7877,7 +7877,7 @@ CVE-2023-28087
CVE-2023-28086
RESERVED
CVE-2023-28085 (An HPE OneView Global Dashboard (OVGD) appliance dump may expose OVGD ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2023-28084
RESERVED
CVE-2023-28083 (A remote Cross-site Scripting vulnerability was discovered in HPE Inte ...)
@@ -8205,7 +8205,7 @@ CVE-2023-1287 (An XSL template vulnerability in ENOVIA Live Collaboration V6R201
CVE-2023-1286 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
NOT-FOR-US: pimcore
CVE-2023-1285 (Signal Handler Race Condition vulnerability in Mitsubishi Electric Ind ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi Electric
CVE-2023-27984 (A CWE-20: Improper Input Validation vulnerability exists in Custom Rep ...)
NOT-FOR-US: Schneider Electric
CVE-2023-27983 (A CWE-306: Missing Authentication for Critical Function vulnerability ...)
@@ -8389,13 +8389,13 @@ CVE-2023-XXXX [RUSTSEC-2023-0018]
NOTE: https://github.com/advisories/GHSA-mc8h-8q98-g5hr
NOTE: https://rustsec.org/advisories/RUSTSEC-2023-0018.html
CVE-2023-27915 (A maliciously crafted X_B file when parsed through Autodesk® Auto ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-27914 (A maliciously crafted X_B file when parsed through Autodesk® Auto ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-27913 (A maliciously crafted X_B file when parsed through Autodesk® Auto ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-27912 (A maliciously crafted X_B file when parsed through Autodesk® Auto ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-27911
RESERVED
CVE-2023-27910
@@ -8530,7 +8530,7 @@ CVE-2023-27892
CVE-2023-27891 (rami.io pretix before 4.17.1 allows OAuth application authorization fr ...)
NOT-FOR-US: rami.io
CVE-2023-27890 (** UNSUPPORTED WHEN ASSIGNED ** The Export User plugin through 2.0 for ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2023-27878
RESERVED
CVE-2023-27877
@@ -8954,7 +8954,7 @@ CVE-2023-27781 (jpegoptim v1.5.2 was discovered to contain a heap overflow in th
CVE-2023-27780
RESERVED
CVE-2023-27779 (AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerab ...)
- TODO: check
+ NOT-FOR-US: AM Presencia
CVE-2023-27778
RESERVED
CVE-2023-27777
@@ -8968,7 +8968,7 @@ CVE-2023-27774
CVE-2023-27773
RESERVED
CVE-2023-27772 (libiec61850 v1.5.1 was discovered to contain a segmentation violation ...)
- TODO: check
+ NOT-FOR-US: libIEC61850
CVE-2023-27771 (An issue found in Wondershare Technology Co.,Ltd Creative Centerr v.1. ...)
NOT-FOR-US: Wondershare
CVE-2023-27770 (An issue found in Wondershare Technology Co.,Ltd Edraw-max v.12.0.4 al ...)
@@ -9016,11 +9016,11 @@ CVE-2023-27750
CVE-2023-27749
RESERVED
CVE-2023-27748 (BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity ...)
- TODO: check
+ NOT-FOR-US: BlackVue DR750-2CH LTE
CVE-2023-27747 (BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticati ...)
- TODO: check
+ NOT-FOR-US: BlackVue DR750-2CH LTE
CVE-2023-27746 (BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a ...)
- TODO: check
+ NOT-FOR-US: BlackVue DR750-2CH LTE
CVE-2023-27745
RESERVED
CVE-2023-27744
@@ -9178,9 +9178,9 @@ CVE-2023-27669
CVE-2023-27668
RESERVED
CVE-2023-27667 (Auto Dealer Management System v1.0 was discovered to contain a SQL inj ...)
- TODO: check
+ NOT-FOR-US: Auto Dealer Management System
CVE-2023-27666 (Auto Dealer Management System v1.0 was discovered to contain a cross-s ...)
- TODO: check
+ NOT-FOR-US: Auto Dealer Management System
CVE-2023-27665
RESERVED
CVE-2023-27664
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f60b2a27fa48fa7ceab8fe5c70ccd194484a8672
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f60b2a27fa48fa7ceab8fe5c70ccd194484a8672
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230415/e21f021b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list