[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Feb 6 21:01:56 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
005711b1 by Salvatore Bonaccorso at 2023-02-06T22:01:26+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -604,7 +604,7 @@ CVE-2023-0687 (A vulnerability was found in GNU C Library 2.38. It has been decl
 	NOTE: https://patchwork.sourceware.org/project/glibc/patch/20230204114138.5436-1-leo@yuriev.ru/
 	TODO: check
 CVE-2023-0686 (A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. I ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Eyewear Shop
 CVE-2023-0685
 	RESERVED
 CVE-2023-0684
@@ -618,7 +618,7 @@ CVE-2023-0681
 CVE-2023-0680
 	RESERVED
 CVE-2023-0679 (A vulnerability was found in SourceCodester Canteen Management System  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Canteen Management System
 CVE-2022-48316
 	RESERVED
 CVE-2022-48315
@@ -648,7 +648,7 @@ CVE-2023-25194
 CVE-2022-4902 (A vulnerability classified as problematic has been found in eXo Chat A ...)
 	TODO: check
 CVE-2020-36660 (A vulnerability was found in paxswill EVE Ship Replacement Program 0.1 ...)
-	TODO: check
+	NOT-FOR-US: paxswill EVE Ship Replacement Program
 CVE-2017-20177
 	RESERVED
 CVE-2015-10073
@@ -3295,29 +3295,29 @@ CVE-2023-24204
 CVE-2023-24203
 	RESERVED
 CVE-2023-24202 (Raffle Draw System v1.0 was discovered to contain a local file inclusi ...)
-	TODO: check
+	NOT-FOR-US: Raffle Draw System
 CVE-2023-24201 (Raffle Draw System v1.0 was discovered to contain a SQL injection vuln ...)
-	TODO: check
+	NOT-FOR-US: Raffle Draw System
 CVE-2023-24200 (Raffle Draw System v1.0 was discovered to contain a SQL injection vuln ...)
-	TODO: check
+	NOT-FOR-US: Raffle Draw System
 CVE-2023-24199 (Raffle Draw System v1.0 was discovered to contain a SQL injection vuln ...)
-	TODO: check
+	NOT-FOR-US: Raffle Draw System
 CVE-2023-24198 (Raffle Draw System v1.0 was discovered to contain multiple SQL injecti ...)
-	TODO: check
+	NOT-FOR-US: Raffle Draw System
 CVE-2023-24197 (Online Food Ordering System v2 was discovered to contain a SQL injecti ...)
-	TODO: check
+	NOT-FOR-US: Online Food Ordering System
 CVE-2023-24196
 	RESERVED
 CVE-2023-24195 (Online Food Ordering System v2 was discovered to contain a cross-site  ...)
-	TODO: check
+	NOT-FOR-US: Online Food Ordering System
 CVE-2023-24194 (Online Food Ordering System v2 was discovered to contain a cross-site  ...)
-	TODO: check
+	NOT-FOR-US: Online Food Ordering System
 CVE-2023-24193
 	RESERVED
 CVE-2023-24192 (Online Food Ordering System v2 was discovered to contain a cross-site  ...)
-	TODO: check
+	NOT-FOR-US: Online Food Ordering System
 CVE-2023-24191 (Online Food Ordering System v2 was discovered to contain a cross-site  ...)
-	TODO: check
+	NOT-FOR-US: Online Food Ordering System
 CVE-2023-24190
 	RESERVED
 CVE-2023-24189
@@ -4110,7 +4110,7 @@ CVE-2023-0402 (The Social Warfare plugin for WordPress is vulnerable to authoriz
 CVE-2023-0401
 	RESERVED
 CVE-2023-0400 (The protection bypass vulnerability in DLP for Windows 11.9.x is addre ...)
-	TODO: check
+	NOT-FOR-US: DLP for Windows
 CVE-2023-0399
 	RESERVED
 CVE-2023-0398 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...)
@@ -7057,9 +7057,9 @@ CVE-2023-0126 (Pre-authentication path traversal vulnerability in SMA1000 firmwa
 CVE-2023-0125 (A vulnerability was found in Control iD Panel. It has been declared as ...)
 	NOT-FOR-US: Control iD Panel
 CVE-2023-0124 (Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics DOPSoft
 CVE-2023-0123 (Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics DOPSoft
 CVE-2022-48251 (** DISPUTED ** The AES instructions on the ARMv8 platform do not have  ...)
 	NOT-FOR-US: ARM hardware design issue
 CVE-2021-46871 (tag.ex in Phoenix Phoenix.HTML (aka phoenix_html) before 3.0.4 allows  ...)
@@ -8883,9 +8883,9 @@ CVE-2022-48167
 CVE-2022-48166
 	RESERVED
 CVE-2022-48165 (An access control issue in the component /cgi-bin/ExportLogs.sh of Wav ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2022-48164 (An access control issue in the component /cgi-bin/ExportLogs.sh of Wav ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2022-48163
 	RESERVED
 CVE-2022-48162
@@ -8933,7 +8933,7 @@ CVE-2022-48142
 CVE-2022-48141
 	RESERVED
 CVE-2022-48140 (DedeCMS v5.7.97 was discovered to contain a cross-site scripting (XSS) ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2022-48139
 	RESERVED
 CVE-2022-48138
@@ -9049,13 +9049,13 @@ CVE-2022-48084
 CVE-2022-48083
 	RESERVED
 CVE-2022-48082 (Easyone CRM v5.50.02 was discovered to contain a SQL Injection vulnera ...)
-	TODO: check
+	NOT-FOR-US: Easyone CRM
 CVE-2022-48081
 	RESERVED
 CVE-2022-48080
 	RESERVED
 CVE-2022-48079 (Monnai aaPanel host system v1.5 contains an access control issue which ...)
-	TODO: check
+	NOT-FOR-US: Monnai aaPanel host system
 CVE-2022-48078 (pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered t ...)
 	TODO: check
 CVE-2022-48077
@@ -9175,7 +9175,7 @@ CVE-2022-48021 (A vulnerability in Zammad v5.3.0 allows attackers to execute arb
 CVE-2022-48020
 	RESERVED
 CVE-2022-48019 (The components wfshbr64.sys and wfshbr32.sys in Another Eden before v3 ...)
-	TODO: check
+	NOT-FOR-US: Another Eden
 CVE-2022-48018
 	RESERVED
 CVE-2022-48017
@@ -10134,7 +10134,7 @@ CVE-2022-46733 (Sewio’s Real-Time Location System (RTLS) Studio version 2.
 CVE-2022-46658
 	RESERVED
 CVE-2022-4634 (All versions prior to Delta Electronic’s CNCSoft version 1.01.34 ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2022-4633 (A vulnerability was found in Auto Upload Images up to 3.3.0 and classi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-4632 (A vulnerability has been found in Auto Upload Images up to 3.3.0 and c ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/005711b1641fec81a38bf30c5fa75ae853309f83

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/005711b1641fec81a38bf30c5fa75ae853309f83
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230206/3ba60dd4/attachment.htm>

More information about the debian-security-tracker-commits mailing list