[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jul 14 16:16:05 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
20c85db5 by Moritz Muehlenhoff at 2023-07-14T17:15:37+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -285,13 +285,13 @@ CVE-2023-37628 (Online Piggery Management System 1.0 is vulnerable to SQL Inject
 CVE-2023-37627 (Code-projects Online Restaurant Management System 1.0 is vulnerable to ...)
 	NOT-FOR-US: Code-projects Online Restaurant Management System
 CVE-2023-37582 (The RocketMQ NameServer component still has a remote command execution ...)
-	TODO: check
+	NOT-FOR-US: Apache RocketMQ
 CVE-2023-37456 (The session restore helper crashed whenever there was no parameter sen ...)
 	- firefox <not-affected> (Only affects Firefox on iOS)
 CVE-2023-37455 (The permission request prompt from the site in the background tab was  ...)
 	- firefox <not-affected> (Only affects Firefox on iOS)
 CVE-2023-36266 (An issue was discovered in Keeper Password Manager for Desktop version ...)
-	TODO: check
+	NOT-FOR-US: Keeper Password Manager for Desktop
 CVE-2023-33905 (In iwnpi server, there is a possible out of bounds write due to a miss ...)
 	NOT-FOR-US: Unisoc
 CVE-2023-33904 (In hci_server, there is a possible out of bounds read due to a missing ...)
@@ -51695,13 +51695,13 @@ CVE-2023-20212
 CVE-2023-20211
 	RESERVED
 CVE-2023-20210 (A vulnerability in Cisco BroadWorks could allow an authenticated, loca ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2023-20209
 	RESERVED
 CVE-2023-20208
 	RESERVED
 CVE-2023-20207 (A vulnerability in the logging component of Cisco Duo Authentication P ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2023-20206
 	RESERVED
 CVE-2023-20205
@@ -51745,7 +51745,7 @@ CVE-2023-20187
 CVE-2023-20186
 	RESERVED
 CVE-2023-20185 (A vulnerability in the Cisco ACI Multi-Site CloudSec encryption featur ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2023-20184 (Multiple vulnerabilities in the API of Cisco DNA Center Software could ...)
 	NOT-FOR-US: Cisco
 CVE-2023-20183 (Multiple vulnerabilities in the API of Cisco DNA Center Software could ...)
@@ -57620,7 +57620,7 @@ CVE-2022-42047
 CVE-2022-42046 (wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary ...)
 	NOT-FOR-US: HeavenBurnsRed
 CVE-2022-42045 (Certain Zemana products are vulnerable to Arbitrary code injection. Th ...)
-	TODO: check
+	NOT-FOR-US: Zemana
 CVE-2022-42044 (The d8s-asns package for Python, as distributed on PyPI, included a po ...)
 	NOT-FOR-US: d8s-asns
 CVE-2022-42043 (The d8s-xml package for Python, as distributed on PyPI, included a pot ...)
@@ -85265,7 +85265,7 @@ CVE-2022-31812
 CVE-2022-31811
 	RESERVED
 CVE-2022-31810 (A vulnerability has been identified in SiPass integrated (All versions ...)
-	TODO: check
+	NOT-FOR-US: SiPass
 CVE-2022-31809
 	RESERVED
 CVE-2022-31808 (A vulnerability has been identified in SiPass integrated AC5102 (ACC-G ...)
@@ -92284,9 +92284,9 @@ CVE-2022-29564 (Jamf Private Access before 2022-05-16 has Incorrect Access Contr
 CVE-2022-29563
 	RESERVED
 CVE-2022-29562 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
-	TODO: check
+	NOT-FOR-US: RUGGEDCOM
 CVE-2022-29561 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
-	TODO: check
+	NOT-FOR-US: RUGGEDCOM
 CVE-2022-29560 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
 	NOT-FOR-US: RUGGEDCOM
 CVE-2022-1426 (An issue has been discovered in GitLab affecting all versions starting ...)
@@ -111175,7 +111175,7 @@ CVE-2022-23449 (A vulnerability has been identified in SIMATIC Energy Manager Ba
 CVE-2022-23448 (A vulnerability has been identified in SIMATIC Energy Manager Basic (A ...)
 	NOT-FOR-US: Siemens SIMATIC
 CVE-2022-23447 (An improper limitation of a pathname to a restricted directory ('Path  ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2022-23446 (A improper control of a resource through its lifetime in Fortinet Fort ...)
 	NOT-FOR-US: Fortinet
 CVE-2022-23445
@@ -115383,7 +115383,7 @@ CVE-2022-22304 (An improper neutralization of input during web page generation v
 CVE-2022-22303 (An exposure of sensitive system information to an unauthorized control ...)
 	NOT-FOR-US: FortiGuard
 CVE-2022-22302 (A clear text storage of sensitive information (CWE-312) vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Fortinet
 CVE-2022-22301 (An improper neutralization of special elements used in an OS Command v ...)
 	NOT-FOR-US: FortiGuard
 CVE-2022-22300 (A improper handling of insufficient permissions or privileges in Forti ...)
@@ -120788,7 +120788,7 @@ CVE-2021-44698 (Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlie
 CVE-2021-44697 (Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are  ...)
 	NOT-FOR-US: Adobe
 CVE-2021-44696 (Adobe Prelude version 22.1.1 (and earlier) is affected by an out-of-bo ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-44695 (A vulnerability has been identified in SIMATIC Drive Controller CPU 15 ...)
 	NOT-FOR-US: Siemens
 CVE-2021-44694 (A vulnerability has been identified in SIMATIC Drive Controller CPU 15 ...)
@@ -124928,13 +124928,13 @@ CVE-2021-43762 (AEM's Cloud Service offering, as well as version 6.5.10.0 (and b
 CVE-2021-43761 (AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), ...)
 	NOT-FOR-US: Adobe
 CVE-2021-43760 (Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected b ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-43759 (Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected b ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-43758 (Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected b ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-43757 (Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected b ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-43756 (Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected b ...)
 	NOT-FOR-US: Adobe
 CVE-2021-43755 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlie ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20c85db5e82828197fba9d76ea0f507da7ca5f15

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20c85db5e82828197fba9d76ea0f507da7ca5f15
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230714/67480a0a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list