[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Jul 10 11:23:42 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
776a837c by Moritz Muehlenhoff at 2023-07-10T12:23:13+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24278,7 +24278,7 @@ CVE-2023-25519
 CVE-2023-25518 (NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe contro ...)
 	NOT-FOR-US: NVIDIA
 CVE-2023-25517 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA (vGPU not packaged in Debian)
 CVE-2023-25516 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
 	- nvidia-open-gpu-kernel-modules <unfixed> (bug #1039686)
 	[bookworm] - nvidia-open-gpu-kernel-modules <no-dsa> (Contrib not supported)
@@ -220234,7 +220234,7 @@ CVE-2020-18434
 CVE-2020-18433
 	RESERVED
 CVE-2020-18432 (File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: SEMCMS PHP
 CVE-2020-18431
 	RESERVED
 CVE-2020-18430 (tinyexr 0.9.5 was discovered to contain an array index error in the ti ...)
@@ -220266,35 +220266,35 @@ CVE-2020-18420
 CVE-2020-18419
 	RESERVED
 CVE-2020-18418 (A Cross site request forgery (CSRF) vulnerability was discovered in Fe ...)
-	TODO: check
+	NOT-FOR-US: FeiFeiCMS
 CVE-2020-18417
 	RESERVED
 CVE-2020-18416 (An cross site request forgery (CSRF) vulnerability discovered in Jymus ...)
-	TODO: check
+	NOT-FOR-US: Jymusic
 CVE-2020-18415
 	RESERVED
 CVE-2020-18414 (Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 th ...)
-	TODO: check
+	NOT-FOR-US: Chaoji CMS
 CVE-2020-18413 (Stored cross site scripting (XSS) vulnerability in /index.php?admin-ma ...)
-	TODO: check
+	NOT-FOR-US: Chaoji CMS
 CVE-2020-18412
 	RESERVED
 CVE-2020-18411
 	RESERVED
 CVE-2020-18410 (A stored cross site scripting (XSS) vulnerability in /index.php?admin- ...)
-	TODO: check
+	NOT-FOR-US: Chaoji CMS
 CVE-2020-18409 (Cross Site Request Forgery (CSRF) vulnerability was discovered in Catf ...)
-	TODO: check
+	NOT-FOR-US: CatfishCMS
 CVE-2020-18408
 	RESERVED
 CVE-2020-18407
 	RESERVED
 CVE-2020-18406 (An issue was discovered in cmseasy v7.0.0 that allows user credentials ...)
-	TODO: check
+	NOT-FOR-US: cmseasy
 CVE-2020-18405
 	RESERVED
 CVE-2020-18404 (An issue was discovered in espcms version P8.18101601. There is a cros ...)
-	TODO: check
+	NOT-FOR-US: espcms
 CVE-2020-18403
 	RESERVED
 CVE-2020-18402
@@ -277502,7 +277502,7 @@ CVE-2019-16285 (If a local user has been configured and logged in, an unauthenti
 CVE-2019-16284 (A potential security vulnerability has been identified in multiple HP  ...)
 	NOT-FOR-US: HP
 CVE-2019-16283 (A potential security vulnerability has been identified with a version  ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2019-16282 (In NCH Express Invoice v7.12, persistent cross site scripting (XSS) ex ...)
 	NOT-FOR-US: NCH Express Invoice
 CVE-2019-16281 (Ptarmigan before 0.2.3 lacks API token validation, e.g., an "if (token ...)
@@ -483927,7 +483927,7 @@ CVE-2015-1315 (Buffer overflow in the charset_to_intern function in unix/unix.c
 CVE-2015-1314 (The USAA Mobile Banking application before 7.10.1 for Android displays ...)
 	NOT-FOR-US: USAA Mobile Banking application for Android
 CVE-2015-1313 (JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creat ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2015-1312 (The Dealer Portal in SAP ERP does not properly restrict access, which  ...)
 	NOT-FOR-US: SAP
 CVE-2015-1311 (The Extended Application Services (XS) in SAP HANA allows remote attac ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/776a837c39fd9d9493acddcee258255daaed2cab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/776a837c39fd9d9493acddcee258255daaed2cab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230710/9ba01ccf/attachment.htm>

More information about the debian-security-tracker-commits mailing list