[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jul 21 06:05:52 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
905af2b8 by Salvatore Bonaccorso at 2023-07-21T07:05:10+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4,79 +4,79 @@ CVE-2023-3812 [net: tun: fix bugs for oversize packet when napi frags enabled]
 	[buster] - linux 4.19.269-1
 	NOTE: https://git.kernel.org/linus/363a5328f4b0517e59572118ccfb7c626d81dca9 (6.1-rc4)
 CVE-2023-3794 (A vulnerability classified as problematic has been found in Bug Finder ...)
-	TODO: check
+	NOT-FOR-US: Bug Finder ChainCity Real Estate Investment Platform
 CVE-2023-3793 (A vulnerability was found in Weaver e-cology. It has been rated as cri ...)
-	TODO: check
+	NOT-FOR-US: Weaver e-cology
 CVE-2023-3792 (A vulnerability was found in Beijing Netcon NS-ASG 6.3. It has been cl ...)
-	TODO: check
+	NOT-FOR-US: Beijing Netcon NS-ASG
 CVE-2023-3791 (A vulnerability was found in IBOS OA 4.5.5 and classified as critical. ...)
-	TODO: check
+	NOT-FOR-US: IBOS OA
 CVE-2023-3790 (A vulnerability has been found in Boom CMS 8.0.7 and classified as pro ...)
-	TODO: check
+	NOT-FOR-US: Boom CMS
 CVE-2023-3789 (A vulnerability, which was classified as problematic, was found in Pau ...)
-	TODO: check
+	NOT-FOR-US: PaulPrinting CMS
 CVE-2023-3788 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: ActiveITzone Active Super Shop CMS
 CVE-2023-3787 (A vulnerability classified as problematic was found in Codecanyon Tiva ...)
-	TODO: check
+	NOT-FOR-US: Codecanyon Tiva Events Calender
 CVE-2023-3786 (A vulnerability classified as problematic has been found in Aures Kome ...)
-	TODO: check
+	NOT-FOR-US: Aures Komet
 CVE-2023-3785 (A vulnerability was found in PaulPrinting CMS 2018. It has been rated  ...)
-	TODO: check
+	NOT-FOR-US: PaulPrinting CMS
 CVE-2023-38617 (Office Suite Premium Version v10.9.1.42602 was discovered to contain a ...)
-	TODO: check
+	NOT-FOR-US: Office Suite Premium
 CVE-2023-38523 (The web interface on multiple Samsung Harman AMX N-Series devices allo ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2023-38335 (Omnis Studio 10.22.00 has incorrect access control. It advertises a fe ...)
-	TODO: check
+	NOT-FOR-US: Omnis Studio
 CVE-2023-38334 (Omnis Studio 10.22.00 has incorrect access control. It advertises an i ...)
-	TODO: check
+	NOT-FOR-US: Omnis Studio
 CVE-2023-38203 (Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier)  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-37728 (Icewarp Icearp v10.2.1 was discovered to contain a cross-site scriptin ...)
-	TODO: check
+	NOT-FOR-US: Icewarp Icearp
 CVE-2023-37650 (A Cross-Site Request Forgery (CSRF) in the Admin portal of Cockpit CMS ...)
-	TODO: check
+	NOT-FOR-US: Cockpit CMS
 CVE-2023-37649 (Incorrect access control in the component /models/Content of Cockpit C ...)
-	TODO: check
+	NOT-FOR-US: Cockpit CMS
 CVE-2023-37602 (An arbitrary file upload vulnerability in the component /workplace#!ex ...)
-	TODO: check
+	NOT-FOR-US: Alkacon OpenCMS
 CVE-2023-37601 (Office Suite Premium v10.9.1.42602 was discovered to contain a local f ...)
-	TODO: check
+	NOT-FOR-US: Office Suite Premium
 CVE-2023-37600 (Office Suite Premium Version v10.9.1.42602 was discovered to contain a ...)
-	TODO: check
+	NOT-FOR-US: Office Suite Premium
 CVE-2023-37471 (Open Access Management (OpenAM) is an access management solution that  ...)
-	TODO: check
+	NOT-FOR-US: Open Access Management (OpenAM)
 CVE-2023-37290 (InfoDoc Document On-line Submission and Approval System lacks sufficie ...)
-	TODO: check
+	NOT-FOR-US: InfoDoc Document On-line Submission and Approval System
 CVE-2023-37165 (Millhouse-Project v1.414 was discovered to contain a remote code execu ...)
-	TODO: check
+	NOT-FOR-US: Millhouse-Project
 CVE-2023-37164 (Diafan CMS v6.0 was discovered to contain a reflected cross-site scrip ...)
-	TODO: check
+	NOT-FOR-US: Diafan CMS
 CVE-2023-34625 (ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication B ...)
-	TODO: check
+	NOT-FOR-US: ShowMojo MojoBox Digital Lockbox
 CVE-2023-32483 (Wyse Management Suite versions prior to 4.0 contain a sensitive inform ...)
-	TODO: check
+	NOT-FOR-US: Wyse Management Suite
 CVE-2023-32482 (Wyse Management Suite versions prior to 4.0 contain an improper author ...)
-	TODO: check
+	NOT-FOR-US: Wyse Management Suite
 CVE-2023-32481 (Wyse Management Suite versions prior to 4.0 contain a denial-of-servic ...)
-	TODO: check
+	NOT-FOR-US: Wyse Management Suite
 CVE-2023-32476 (Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vuln ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-32455 (Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-32447 (Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-32446 (Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-32265 (A potential security vulnerability has been identified in the Enterpri ...)
 	NOT-FOR-US: Micro Focus
 CVE-2023-31753 (SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an ...)
-	TODO: check
+	NOT-FOR-US: eNdonesia
 CVE-2023-31462 (An issue was discovered in SteelSeries GG 36.0.0. An attacker can chan ...)
-	TODO: check
+	NOT-FOR-US: SteelSeries
 CVE-2023-31461 (Attackers can exploit an open API listener on SteelSeries GG 36.0.0 to ...)
-	TODO: check
+	NOT-FOR-US: SteelSeries
 CVE-2023-37450
 	- webkit2gtk <unfixed>
 	- wpewebkit <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/905af2b89053d9d16d6313dd8d852e6c2980c4f3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/905af2b89053d9d16d6313dd8d852e6c2980c4f3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230721/c20eeccc/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list