[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 27 13:54:08 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
98d3ce7b by Salvatore Bonaccorso at 2023-07-27T14:53:36+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12292,7 +12292,7 @@ CVE-2023-30369 (Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow.)
 CVE-2023-30368 (Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWe ...)
 	NOT-FOR-US: Tenda
 CVE-2023-30367 (mRemoteNG configuration files can be stored in an encrypted state on d ...)
-	TODO: check
+	NOT-FOR-US: mRemoteNG
 CVE-2023-30366
 	RESERVED
 CVE-2023-30365
@@ -19587,11 +19587,11 @@ CVE-2023-28016 (Host Header Injection vulnerability in the HCL BigFix OSD Bare M
 CVE-2023-28015 (The HCL Domino AppDev Pack IAM service is susceptible to a User Accoun ...)
 	NOT-FOR-US: HCL
 CVE-2023-28014 (HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An a ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2023-28013 (HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An a ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2023-28012 (HCL BigFix Mobile is vulnerable to a command injection attack. An auth ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2023-28011
 	RESERVED
 CVE-2023-28010
@@ -42232,15 +42232,15 @@ CVE-2022-46904 (Insufficient processing of user input in WebSoft HCM 2021.2.3.32
 CVE-2022-46903 (Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allo ...)
 	NOT-FOR-US: WebSoft HCM
 CVE-2022-46902 (An issue was discovered in Vocera Report Server and Voice Server 5.x t ...)
-	TODO: check
+	NOT-FOR-US: Vocera Report Server and Voice Server
 CVE-2022-46901 (An issue was discovered in Vocera Report Server and Voice Server 5.x t ...)
-	TODO: check
+	NOT-FOR-US: Vocera Report Server and Voice Server
 CVE-2022-46900 (An issue was discovered in Vocera Report Server and Voice Server 5.x t ...)
-	TODO: check
+	NOT-FOR-US: Vocera Report Server and Voice Server
 CVE-2022-46899 (An issue was discovered in Vocera Report Server and Voice Server 5.x t ...)
-	TODO: check
+	NOT-FOR-US: Vocera Report Server and Voice Server
 CVE-2022-46898 (An issue was discovered in Vocera Report Server and Voice Server 5.x t ...)
-	TODO: check
+	NOT-FOR-US: Vocera Report Server and Voice Server
 CVE-2022-46897
 	RESERVED
 CVE-2022-46896
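Review bot: the five tags added for CVE-2022-46898 through CVE-2022-46902 spell out the full product string "Vocera Report Server and Voice Server", while other tags in this same commit name only the vendor (NOT-FOR-US: HCL, NOT-FOR-US: VMware). Consider shortening these to "NOT-FOR-US: Vocera" so the granularity is consistent across the commit and the entries are easier to find with a single search term.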
@@ -50300,7 +50300,7 @@ CVE-2023-20893 (The VMware vCenter Server contains a use-after-free vulnerabilit
 CVE-2023-20892 (The vCenter Server contains a heap overflow vulnerability due to the u ...)
 	NOT-FOR-US: VMware
 CVE-2023-20891 (The VMware Tanzu Application Service for VMs and Isolation Segment con ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2023-20890
 	RESERVED
 CVE-2023-20889 (Aria Operations for Networks contains an information disclosure vulner ...)
@@ -54275,13 +54275,13 @@ CVE-2022-43715
 CVE-2022-43714
 	RESERVED
 CVE-2022-43713 (Interactive Forms (IAF) in GX Software XperienCentral versions 10.33.1 ...)
-	TODO: check
+	NOT-FOR-US: GX Software XperienCentral
 CVE-2022-43712 (POST requests to /web/mvc in GX Software XperienCentral version 10.36. ...)
-	TODO: check
+	NOT-FOR-US: GX Software XperienCentral
 CVE-2022-43711 (Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 ...)
-	TODO: check
+	NOT-FOR-US: GX Software XperienCentral
 CVE-2022-43710 (Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 ...)
-	TODO: check
+	NOT-FOR-US: GX Software XperienCentral
 CVE-2022-43709 (MyBB 1.8.31 has a SQL injection vulnerability in the Admin CP's Users  ...)
 	NOT-FOR-US: MyBB
 CVE-2022-43708 (MyBB 1.8.31 has a (issue 2 of 2) cross-site scripting (XSS) vulnerabil ...)
@@ -186582,7 +186582,7 @@ CVE-2020-35700 (A second-order SQL injection issue in Widgets/TopDevicesControll
 CVE-2020-35699
 	RESERVED
 CVE-2020-35698 (Thinkific Thinkific Online Course Creation Platform 1.0 is affected by ...)
-	TODO: check
+	NOT-FOR-US: Thinkific Thinkific Online Course Creation Platform
 CVE-2020-35697
 	RESERVED
 CVE-2020-35696
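Review bot: the tag added for CVE-2020-35698 repeats the vendor name ("Thinkific Thinkific Online Course Creation Platform"), apparently carried over from the vendor-plus-product wording of the CVE description on the line above. "NOT-FOR-US: Thinkific" would convey the same triage decision and match the shorter tags used elsewhere in this commit.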



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98d3ce7b3dced2f0c306ddea1213428658571e83
