[Git][security-tracker-team/security-tracker][master] Process some new NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 19 20:20:26 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d02ae3ba by Salvatore Bonaccorso at 2023-12-19T21:19:55+01:00
Process some new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2023-6945 (A vulnerability has been found in SourceCodester Online Student Manage ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Student Management System
 CVE-2023-6932 (A use-after-free vulnerability in the Linux kernel's ipv4: igmp compon ...)
 	TODO: check
 CVE-2023-6931 (A heap out-of-bounds write vulnerability in the Linux kernel's Perform ...)
 	TODO: check
 CVE-2023-6913 (A session hijacking vulnerability has been detected in the Imou Life a ...)
-	TODO: check
+	NOT-FOR-US: Imou Life application
 CVE-2023-6730 (Deserialization of Untrusted Data in GitHub repository huggingface/tra ...)
 	TODO: check
 CVE-2023-6711 (Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 th ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2023-6280 (An XXE (XML External Entity) vulnerability has been detected in 52Nort ...)
-	TODO: check
+	NOT-FOR-US: 52North WPS
 CVE-2023-50376 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-50272 (A potential security vulnerability has been identified in HPE Integrat ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2023-49706 (Defective request context handling in Self Service in LinOTP 3.x befor ...)
 	TODO: check
 CVE-2023-49489 (Reflective Cross Site Scripting (XSS) vulnerability in KodeExplorer ve ...)
@@ -35,7 +35,7 @@ CVE-2023-46264 (An unrestricted upload of file with dangerous type vulnerability
 CVE-2023-46263 (An unrestricted upload of file with dangerous type vulnerability exist ...)
 	TODO: check
 CVE-2023-46262 (An unauthenticated attacked could send a specifically crafted web requ ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2023-46261 (An attacker sending specially crafted data packets to the Mobile Devic ...)
 	TODO: check
 CVE-2023-46260 (An attacker sending specially crafted data packets to the Mobile Devic ...)
@@ -63,11 +63,11 @@ CVE-2023-46217 (An attacker sending specially crafted data packets to the Mobile
 CVE-2023-46216 (An attacker sending specially crafted data packets to the Mobile Devic ...)
 	TODO: check
 CVE-2023-45105 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-44991 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-44983 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-43870 (When installing the Net2 software a root certificate is installed into ...)
 	TODO: check
 CVE-2023-43826 (Apache Guacamole 1.5.3 and older do not consistently ensure that value ...)
@@ -77,17 +77,17 @@ CVE-2023-41727 (An attacker sending specially crafted data packets to the Mobile
 CVE-2023-41648 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in S ...)
 	TODO: check
 CVE-2023-40602 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in D ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-38481 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-38478 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-37390 (Deserialization of Untrusted Data vulnerability in Themesflat Themesfl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-34382 (Deserialization of Untrusted Data vulnerability in weDevs Dokan \u2013 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-34027 (Deserialization of Untrusted Data vulnerability in Rajnish Arora Recen ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2019-25158 (A vulnerability has been found in pedroetb tts-api up to 2.1.4 and cla ...)
 	TODO: check
 CVE-2023-50762 (When processing a PGP/MIME payload that contains digitally signed text ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d02ae3ba3cb524f9b5562d1265350112ab9ed638

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d02ae3ba3cb524f9b5562d1265350112ab9ed638
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231219/258dfb14/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list