[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Aug 7 21:29:43 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eeb8a314 by Salvatore Bonaccorso at 2023-08-07T22:29:15+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,11 +3,11 @@ CVE-2023-4205 (An out-of-bounds memory access flaw was found in the Linux kernel
 	NOTE: https://www.spinics.net/lists/kernel/msg4876594.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2228101
 CVE-2023-4201 (A vulnerability was found in SourceCodester Inventory Management Syste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Inventory Management System
 CVE-2023-4200 (A vulnerability has been found in SourceCodester Inventory Management  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Inventory Management System
 CVE-2023-4199 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Inventory Management System
 CVE-2023-3896 (Divide By Zero in vim/vim from9.0.1367-1 to9.0.1367-3)
 	- vim <unfixed>
 	NOTE: https://github.com/vim/vim/issues/12528
@@ -25,9 +25,9 @@ CVE-2023-3492 (The WP Shopping Pages WordPress plugin through 1.14 does not have
 CVE-2023-3365 (The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14 ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-39550 (Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0. ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2023-39524 (PrestaShop is an open source e-commerce web application. Prior to vers ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2023-39520 (Cryptomator encrypts data being stored on cloud infrastructure. The MS ...)
 	TODO: check
 CVE-2023-39363 (Vyer is a Pythonic Smart Contract Language for the Ethereum Virtual Ma ...)
@@ -59,35 +59,35 @@ CVE-2023-38930 (Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.
 CVE-2023-38929 (Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via th ...)
 	NOT-FOR-US: Tenda
 CVE-2023-38928 (Netgear R7100LG 1.0.0.78 was discovered to contain a command injection ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2023-38926 (Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow v ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2023-38925 (Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were disc ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2023-38924 (Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow  ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2023-38922 (Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0. ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2023-38921 (Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2023-38704 (`import-in-the-middle` is a module loading interceptor specifically fo ...)
 	TODO: check
 CVE-2023-38591 (Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer o ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2023-38412 (Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer ov ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2023-38392 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Hiroaki  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-38157 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2023-38045 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: Joomla advcomsys.com oneVote component
 CVE-2023-38044 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2023-36499 (Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer over ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2023-36220 (Directory Traversal vulnerability in Textpattern CMS v4.8.8 allows a r ...)
-	TODO: check
+	NOT-FOR-US: Textpattern CMS
 CVE-2023-36054 (lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 an ...)
 	TODO: check
 CVE-2023-34477 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -95,7 +95,7 @@ CVE-2023-34477 (Improper Neutralization of Special Elements used in an SQL Comma
 CVE-2023-34476 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2023-32783 (The event analysis component in Zoho ManageEngine ADAudit Plus 7.1.1 a ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2023-32090 (Pega platform clients who are using versions 6.1 through 7.3.1 may be  ...)
 	TODO: check
 CVE-2023-2843 (The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eeb8a31434c3974d700b7fe02d97b413ac4a6032

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eeb8a31434c3974d700b7fe02d97b413ac4a6032
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230807/c1b96573/attachment.htm>

More information about the debian-security-tracker-commits mailing list