[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Aug 2 16:47:38 BST 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
deb83d78 by Moritz Mühlenhoff at 2023-08-02T17:47:06+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10,17 +10,17 @@ CVE-2023-3731 (Use after free in Diagnostics in Google Chrome on ChromeOS prior
 CVE-2023-3729 (Use after free in Splitscreen in Google Chrome on ChromeOS prior to 11 ...)
 	NOT-FOR-US: Google Chrome on ChromeOS
 CVE-2023-3494 (The fwctl driver implements a state machine which is executed when a b ...)
-	TODO: check
+	NOT-FOR-US: bhyve
 CVE-2023-3107 (A set of carefully crafted ipv6 packets can trigger an integer overflo ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD
 CVE-2023-38990 (An issue in the delete function in the MenuController class of jeesite ...)
-	TODO: check
+	NOT-FOR-US: jeesite
 CVE-2023-38556 (Improper input validation vulnerability in SEIKO EPSON printer Web Con ...)
-	TODO: check
+	NOT-FOR-US: SEIKO
 CVE-2023-36351 (An issue in Viatom Health ViHealth for Android v.2.74.58 and before al ...)
 	NOT-FOR-US: Viatom Health ViHealth for Android
 CVE-2023-36121 (Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote att ...)
-	TODO: check
+	NOT-FOR-US: e107
 CVE-2023-36118 (Cross Site Scripting vulnerability in Faculty Evaulation System using  ...)
 	NOT-FOR-US: Faculty Evaulation System
 CVE-2023-34869 (PHPJabbers Catering System v1.0 was discovered to contain a cross-site ...)
@@ -36,27 +36,27 @@ CVE-2023-33561 (Improper input validation of password parameter in PHP Jabbers T
 CVE-2023-33560 (There is a Cross Site Scripting (XSS) vulnerability in "cid" parameter ...)
 	NOT-FOR-US: PHP Jabbers Time Slots Booking Calendar
 CVE-2023-31928 (A reflected cross-site scripting (XSS) vulnerability exists in Brocade ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-31927 (An information disclosure in the web interface of Brocade Fabric OS ve ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-31926 (System files could be overwritten using the less command in Brocade Fa ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-31432 (Through manipulation of passwords or other variables, using commands s ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-31431 (A buffer overflow vulnerability in \u201cdiagstatus\u201d command in B ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-31430 (A buffer overflow vulnerability in \u201csecpolicydelete\u201d command ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-31429 (Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a  ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-31428 (Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a  ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-31427 (Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2. ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-31426 (The Brocade Fabric OS Commands \u201cconfigupload\u201d and \u201cconf ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-31425 (A vulnerability in the fosexec command of Brocade Fabric OS after Broc ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2023-4008
 	- gitlab <unfixed>
 CVE-2023-4011 (An issue has been discovered in GitLab EE affecting all versions from  ...)
@@ -76515,7 +76515,7 @@ CVE-2022-2418 (A vulnerability was found in URVE Web Manager. It has been classi
 CVE-2022-2417 (Insufficient validation in GitLab CE/EE affecting all versions from 12 ...)
 	- gitlab 15.10.8+ds1-2
 CVE-2022-2416 (In affected versions of Octopus Deploy it is possible for a low privil ...)
-	TODO: check
+	NOT-FOR-US: Octopus Deploy
 CVE-2022-2415 (Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53  ...)
 	{DSA-5168-1}
 	- chromium 103.0.5060.53-1
@@ -77975,7 +77975,7 @@ CVE-2022-35300
 CVE-2022-33939 (CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP45 ...)
 	NOT-FOR-US: Yokogawa CENTUM CS 3000
 CVE-2022-2346 (In affected versions of Octopus Deploy it is possible for a low privil ...)
-	TODO: check
+	NOT-FOR-US: Octopus Deploy
 CVE-2022-2345 (Use After Free in GitHub repository vim/vim prior to 9.0.0046.)
 	- vim 2:9.0.0135-1 (unimportant)
 	NOTE: https://huntr.dev/bounties/1eed7009-db6d-487b-bc41-8f2fd260483f



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/deb83d78691090cbaa390d881046781887b8b32f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/deb83d78691090cbaa390d881046781887b8b32f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230802/0eb6aabd/attachment.htm>


More information about the debian-security-tracker-commits mailing list