[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 24 21:40:02 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1e3fc4d3 by Salvatore Bonaccorso at 2023-07-24T22:39:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,13 +6,13 @@ CVE-2023-3863 (A use-after-free flaw was found in nfc_llcp_find_local in net/nfc
 CVE-2023-3344 (The Auto Location for WP Job Manager via Google WordPress plugin befor ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-3324 (A vulnerability exists by allowing low-privileged users to read and up ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2023-3323 (A vulnerability exists by allowing low-privileged users to read and up ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2023-3322 (A vulnerability exists by allowing low-privileged users to read and up ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2023-3321 (A vulnerability exists by allowing low-privileged users to read and up ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2023-3248 (The All-in-one Floating Contact Form WordPress plugin before 2.1.2 doe ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-38060 (Improper Input Validation vulnerability in the ContentType parameter f ...)
@@ -24,7 +24,7 @@ CVE-2023-38057 (An improper input validation vulnerability in OTRS Survey module
 CVE-2023-38056 (Improper Neutralization of commands allowed to be executed via OTRS Sy ...)
 	TODO: check
 CVE-2023-37613 (A cross-site scripting (XSS) vulnerability in Assembly Software Trialw ...)
-	TODO: check
+	NOT-FOR-US: Assembly Software Trialworks
 CVE-2023-2761 (The User Activity Log WordPress plugin before 1.6.3 does not properly  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-3862 (A vulnerability was found in Travelmate Travelable Trek Management Sol ...)
@@ -24597,9 +24597,9 @@ CVE-2023-26080
 CVE-2023-26079
 	RESERVED
 CVE-2023-26078 (Privilege escalation vulnerability was discovered in Atera Agent 1.8.4 ...)
-	TODO: check
+	NOT-FOR-US: Atera Agent
 CVE-2023-26077 (Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a D ...)
-	TODO: check
+	NOT-FOR-US: Atera Agent
 CVE-2023-26076 (An issue was discovered in Samsung Mobile Chipset and Baseband Modem C ...)
 	NOT-FOR-US: Samsung
 CVE-2023-26075 (An issue was discovered in Samsung Mobile Chipset and Baseband Modem C ...)
@@ -91299,7 +91299,7 @@ CVE-2022-30282
 CVE-2022-30281
 	RESERVED
 CVE-2022-30280 (/SecurityManagement/html/createuser.jsf in Nokia NetAct 22 allows CSRF ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2022-30279 (An issue was discovered in Stormshield Network Security (SNS) 4.3.x be ...)
 	NOT-FOR-US: Stormshield Network Security (SNS)
 CVE-2022-30278 (A vulnerability in Black Duck Hub\u2019s embedded MadCap Flare documen ...)
@@ -95473,15 +95473,15 @@ CVE-2022-28869 (A vulnerability affecting F-Secure SAFE browser was discovered.
 CVE-2022-28868 (An Address bar spoofing vulnerability was discovered in Safe Browser f ...)
 	NOT-FOR-US: F-Secure
 CVE-2022-28867 (An issue was discovered in Nokia NetAct 22 through the Administration  ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2022-28866 (Multiple Improper Access Control was discovered in Nokia AirFrame BMC  ...)
 	NOT-FOR-US: Nokia AirFrame BMC Web GUI
 CVE-2022-28865 (An issue was discovered in Nokia NetAct 22 through the Site Configurat ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2022-28864 (An issue was discovered in Nokia NetAct 22 through the Administration  ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2022-28863 (An issue was discovered in Nokia NetAct 22. A remote user, authenticat ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2022-28862 (In Archibus Web Central before 26.2, multiple SQL Injection vulnerabil ...)
 	NOT-FOR-US: ARCHIBUS Web Central
 CVE-2022-28861 (The server in Citilog 8.0 allows an attacker (in a man in the middle p ...)
@@ -139706,7 +139706,7 @@ CVE-2021-39423
 CVE-2021-39422
 	RESERVED
 CVE-2021-39421 (A cross-site scripting (XSS) vulnerability in SeedDMS v6.0.15 allows a ...)
-	TODO: check
+	NOT-FOR-US: SeedDMS
 CVE-2021-39420 (Multiple Cross Site Scripting (XSS) vulnerabilities exist in VFront 0. ...)
 	NOT-FOR-US: VFront
 CVE-2021-39419



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e3fc4d3ab4bbd32cbe75e9b5d946167d2d6f00a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e3fc4d3ab4bbd32cbe75e9b5d946167d2d6f00a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230724/e560197f/attachment.htm>


More information about the debian-security-tracker-commits mailing list