[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 31 22:40:18 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e3ff3232 by Salvatore Bonaccorso at 2023-08-31T23:39:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,41 +15,41 @@ CVE-2023-4678 (Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV.)
 	NOTE: https://github.com/gpac/gpac/commit/4607052c482a51dbdacfe1ade10645c181d07b07
 	NOTE: https://huntr.dev/bounties/688a4a01-8c18-469d-8cbe-a2e79e80c877
 CVE-2023-41748 (Remote command execution due to improper input validation. The followi ...)
-	TODO: check
+	NOT-FOR-US: Acronis
 CVE-2023-41747 (Sensitive information disclosure due to improper input validation. The ...)
-	TODO: check
+	NOT-FOR-US: Acronis
 CVE-2023-41746 (Remote command execution due to improper input validation. The followi ...)
-	TODO: check
+	NOT-FOR-US: Acronis
 CVE-2023-41745 (Sensitive information disclosure due to excessive collection of system ...)
-	TODO: check
+	NOT-FOR-US: Acronis
 CVE-2023-41744 (Local privilege escalation due to unrestricted loading of unsigned lib ...)
-	TODO: check
+	NOT-FOR-US: Acronis
 CVE-2023-41743 (Local privilege escalation due to insecure driver communication port p ...)
-	TODO: check
+	NOT-FOR-US: Acronis
 CVE-2023-41742 (Excessive attack surface due to binding to an unrestricted IP address. ...)
-	TODO: check
+	NOT-FOR-US: Acronis
 CVE-2023-41741 (Exposure of sensitive information to an unauthorized actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2023-41740 (Improper limitation of a pathname to a restricted directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2023-41739 (Uncontrolled resource consumption vulnerability in File Functionality  ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2023-41738 (Improper neutralization of special elements used in an OS command ('OS ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2023-41717 (Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and ...)
 	TODO: check
 CVE-2023-41642 (Multiple reflected cross-site scripting (XSS) vulnerabilities in the E ...)
-	TODO: check
+	NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41640 (An improper error handling vulnerability in the component ErroreNonGes ...)
-	TODO: check
+	NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41638 (An arbitrary file upload vulnerability in the Gestione Documentale mod ...)
-	TODO: check
+	NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41637 (An arbitrary file upload vulnerability in the Carica immagine function ...)
-	TODO: check
+	NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41636 (A SQL injection vulnerability in the Data Richiesta dal parameter of G ...)
-	TODO: check
+	NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41635 (A XML External Entity (XXE) vulnerability in the VerifichePeriodiche.a ...)
-	TODO: check
+	NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41045 (Graylog is a free and open log management platform. Graylog makes use  ...)
 	TODO: check
 CVE-2023-41044 (Graylog is a free and open log management platform. A partial path tra ...)
@@ -67,9 +67,9 @@ CVE-2023-39351 (FreeRDP is a free implementation of the Remote Desktop Protocol
 CVE-2023-39350 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)
 	TODO: check
 CVE-2023-34392 (A Missing Authentication for Critical Function vulnerability in the Sc ...)
-	TODO: check
+	NOT-FOR-US: Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator
 CVE-2023-34391 (Insecure Inherited Permissions vulnerability in Schweitzer Engineering ...)
-	TODO: check
+	NOT-FOR-US: Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software
 CVE-2023-33835 (IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a  ...)
 	NOT-FOR-US: IBM
 CVE-2023-33834 (IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3ff3232f24d7dcc7f7fd53ecc7dad527c4c155f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3ff3232f24d7dcc7f7fd53ecc7dad527c4c155f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230831/ace2ba77/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list