[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 22 21:49:34 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fd630e22 by Salvatore Bonaccorso at 2023-08-22T22:49:04+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -69,7 +69,7 @@ CVE-2023-37422 (Vulnerabilities in the web-based management interface of EdgeCon
 CVE-2023-37421 (Vulnerabilities in the web-based management interface of EdgeConnect S ...)
 	NOT-FOR-US: Aruba
 CVE-2023-36281 (An issue in langchain v.0.0.171 allows a remote attacker to execute ar ...)
-	TODO: check
+	NOT-FOR-US: langchain
 CVE-2023-34853 (Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b ...)
 	NOT-FOR-US: Supermicro motherboard X12DPG-QR
 CVE-2022-48571 (memcached 1.6.7 allows a Denial of Service via multi-packet uploads in ...)
@@ -29074,11 +29074,11 @@ CVE-2023-25917
 CVE-2023-25916
 	RESERVED
 CVE-2023-25915 (Due to improper input validation, a remote attacker could execute arbi ...)
-	TODO: check
+	NOT-FOR-US: Danfoss AK-SM80A
 CVE-2023-25914 (Due to improper restriction, attackers could retrieve and read system  ...)
-	TODO: check
+	NOT-FOR-US: Danfoss AK-SM80A
 CVE-2023-25913 (Because of an authentication flaw an attacker would be capable of gene ...)
-	TODO: check
+	NOT-FOR-US: Danfoss AK-SM80A
 CVE-2023-25912 (The webreport generation feature in the Danfoss AK-EM100 allows an una ...)
 	NOT-FOR-US: Danfoss AK-EM100
 CVE-2023-25911 (The Danfoss AK-EM100 web applications allow for OS command injection t ...)
@@ -33593,13 +33593,13 @@ CVE-2023-24519 (Two OS command injection vulnerability exist in the vtysh_ubus t
 CVE-2023-24518
 	RESERVED
 CVE-2023-24517 (Unrestricted Upload of File with Dangerous Type vulnerability in the P ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS File Manager component
 CVE-2023-24516 (Cross-site Scripting (XSS) vulnerability in the Pandora FMS Special Da ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-24515 (Server-Side Request Forgery (SSRF) vulnerability in API checker of Pan ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-24514 (Cross-site Scripting (XSS) vulnerability in Visual Console Module of P ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-23546 (A misconfiguration vulnerability exists in the urvpn_client functional ...)
 	NOT-FOR-US: Milesight UR32L
 CVE-2023-0507 (Grafana is an open-source platform for monitoring and observability.   ...)
@@ -36490,11 +36490,11 @@ CVE-2023-23589 (The SafeSocks option in Tor before 0.4.7.13 has a logic error in
 CVE-2023-23566 (A 2-Step Verification problem in Axigen 10.3.3.52 allows an attacker t ...)
 	NOT-FOR-US: Axigen
 CVE-2023-23565 (An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote  ...)
-	TODO: check
+	NOT-FOR-US: Geomatika IsiGeo Web
 CVE-2023-23564 (An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote  ...)
-	TODO: check
+	NOT-FOR-US: Geomatika IsiGeo Web
 CVE-2023-23563 (An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote  ...)
-	TODO: check
+	NOT-FOR-US: Geomatika IsiGeo Web
 CVE-2023-23562 (Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access ...)
 	NOT-FOR-US: Stormshield Endpoint Security
 CVE-2023-23561 (Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access ...)
@@ -49857,7 +49857,7 @@ CVE-2022-45613 (Book Store Management System v1.0 was discovered to contain a cr
 CVE-2022-45612
 	RESERVED
 CVE-2022-45611 (An issue was discovered in Fresenius Kabi PharmaHelp 5.1.759.0 allows  ...)
-	TODO: check
+	NOT-FOR-US: Fresenius Kabi PharmaHelp
 CVE-2022-45610
 	RESERVED
 CVE-2022-45609



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd630e22416af4f1fcfbcfa96c61deddfbea688b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd630e22416af4f1fcfbcfa96c61deddfbea688b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230822/5ce48259/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list