[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jan 31 21:33:48 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
213c152e by Salvatore Bonaccorso at 2023-01-31T22:33:21+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -561,7 +561,7 @@ CVE-2023-0573
CVE-2023-0572 (Unchecked Error Condition in GitHub repository froxlor/froxlor prior t ...)
- froxlor <itp> (bug #581792)
CVE-2022-4898 (In affected versions of Octopus Server the help sidebar can be customi ...)
- TODO: check
+ NOT-FOR-US: Octopus Server
CVE-2022-48304
RESERVED
CVE-2022-48303 (GNU Tar through 1.34 has a one-byte out-of-bounds read that results in ...)
@@ -1170,15 +1170,15 @@ CVE-2023-24467
CVE-2023-24466
RESERVED
CVE-2023-24020 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass ...)
- TODO: check
+ NOT-FOR-US: Snap One Wattbox WB-300-IP-3
CVE-2023-23582 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerab ...)
- TODO: check
+ NOT-FOR-US: Snap One Wattbox WB-300-IP-3
CVE-2023-22389 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwo ...)
- TODO: check
+ NOT-FOR-US: Snap One Wattbox WB-300-IP-3
CVE-2023-22371
RESERVED
CVE-2023-22315 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a propri ...)
- TODO: check
+ NOT-FOR-US: Snap One Wattbox WB-300-IP-3
CVE-2023-0456
RESERVED
CVE-2023-0455 (Unrestricted Upload of File with Dangerous Type in GitHub repository u ...)
@@ -6540,9 +6540,9 @@ CVE-2023-22613
CVE-2023-22612
RESERVED
CVE-2023-22611 (A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor ...)
- TODO: check
+ NOT-FOR-US: EcoStruxure Geo SCADA Expert
CVE-2023-22610 (A CWE-285: Improper Authorization vulnerability exists that could caus ...)
- TODO: check
+ NOT-FOR-US: EcoStruxure Geo SCADA Expert
CVE-2023-22609
RESERVED
CVE-2023-22608
@@ -7285,9 +7285,9 @@ CVE-2022-48178
CVE-2022-48177
RESERVED
CVE-2022-48176 (Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2022-48175 (Rukovoditel v3.2.1 was discovered to contain a remote code execution ( ...)
- TODO: check
+ NOT-FOR-US: Rukovoditel
CVE-2022-48174
RESERVED
CVE-2022-48173
@@ -7625,7 +7625,7 @@ CVE-2022-48008 (An arbitrary file upload vulnerability in the plugin manager of
CVE-2022-48007 (A stored cross-site scripting (XSS) vulnerability in identification.ph ...)
- piwigo <removed>
CVE-2022-48006 (An arbitrary file upload vulnerability in taocms v3.0.2 allows attacke ...)
- TODO: check
+ NOT-FOR-US: Taocms
CVE-2022-48005
RESERVED
CVE-2022-48004
@@ -8880,7 +8880,7 @@ CVE-2022-47782
CVE-2022-47781
RESERVED
CVE-2022-47780 (SQL Injection vulnerability in Bangresto 1.0 via the itemID parameter. ...)
- TODO: check
+ NOT-FOR-US: Bangresto
CVE-2022-47779
RESERVED
CVE-2022-47778
@@ -9038,15 +9038,15 @@ CVE-2022-47703
CVE-2022-47702
RESERVED
CVE-2022-47701 (COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR62 ...)
- TODO: check
+ NOT-FOR-US: COMFAST Router
CVE-2022-47700 (COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR62 ...)
- TODO: check
+ NOT-FOR-US: COMFAST Router
CVE-2022-47699 (COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR62 ...)
- TODO: check
+ NOT-FOR-US: COMFAST Router
CVE-2022-47698 (COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR62 ...)
- TODO: check
+ NOT-FOR-US: COMFAST Router
CVE-2022-47697 (COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR62 ...)
- TODO: check
+ NOT-FOR-US: COMFAST Router
CVE-2022-47696
RESERVED
CVE-2022-47695
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/213c152eea64b1cc763562337b3452b1e78a95ab
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/213c152eea64b1cc763562337b3452b1e78a95ab
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230131/3252d671/attachment.htm>
More information about the debian-security-tracker-commits
mailing list