[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 11 20:17:00 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f0d74f05 by Salvatore Bonaccorso at 2023-03-11T21:16:44+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -827,13 +827,13 @@ CVE-2023-27855
CVE-2023-27854
RESERVED
CVE-2023-25947 (The bundle management subsystem within OpenHarmony-v3.1.4 and prior ve ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2023-25076
RESERVED
CVE-2023-24465 (Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior vers ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2023-1246 (Files or Directories Accessible to External Parties vulnerability in S ...)
- TODO: check
+ NOT-FOR-US: Saysis Starcities
CVE-2023-1245 (Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/ans ...)
NOT-FOR-US: Answer
CVE-2023-1244 (Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/ans ...)
@@ -985,7 +985,7 @@ CVE-2023-1200 (A vulnerability was found in ehuacui bbs. It has been declared as
CVE-2023-1199
RESERVED
CVE-2023-1198 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: Saysis Starcities
CVE-2023-1197 (Cross-site Scripting (XSS) - Stored in GitHub repository uvdesk/commun ...)
NOT-FOR-US: UVdesk
CVE-2023-1196
@@ -1628,7 +1628,7 @@ CVE-2023-27579
CVE-2023-27578
RESERVED
CVE-2023-27577 (flarum is a forum software package for building communities. In versio ...)
- TODO: check
+ NOT-FOR-US: Flarum
CVE-2023-27576
RESERVED
CVE-2023-27575
@@ -1810,7 +1810,7 @@ CVE-2023-27534
CVE-2023-27533
RESERVED
CVE-2023-27532 (Vulnerability in Veeam Backup & Replication component allows encry ...)
- TODO: check
+ NOT-FOR-US: Veeam
CVE-2023-27531
RESERVED
CVE-2023-27530 (A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2. ...)
@@ -2424,7 +2424,7 @@ CVE-2023-1093
CVE-2023-1092
RESERVED
CVE-2023-1091 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: Alpata Licensed Warehousing Automation System
CVE-2023-1090
RESERVED
CVE-2023-1089
@@ -7087,7 +7087,7 @@ CVE-2023-0748 (Open Redirect in GitHub repository btcpayserver/btcpayserver prio
CVE-2023-0747 (Cross-site Scripting (XSS) - Stored in GitHub repository btcpayserver/ ...)
NOT-FOR-US: btcpayserver
CVE-2023-0746 (The help page in GigaVUE-FM, when using GigaVUE-OS software version 5. ...)
- TODO: check
+ NOT-FOR-US: GigaVUE-FM
CVE-2023-0745 (Relative Path Traversal vulnerability in YugaByte, Inc. Yugabyte Manag ...)
- yugabyte-db <itp> (bug #989673)
CVE-2022-48321 (Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe2 ...)
@@ -15655,9 +15655,9 @@ CVE-2023-22634
CVE-2023-22633
RESERVED
CVE-2023-22436 (The kernel subsystem function check_permission_for_set_tokenid within ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2023-22301 (The kernel subsystem hmdfs within OpenHarmony-v3.1.5 and prior version ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2023-22291
RESERVED
CVE-2023-0091 (A flaw was found in Keycloak, where it did not properly check client t ...)
@@ -15673,7 +15673,7 @@ CVE-2023-0085 (The Metform Elementor Contact Form Builder plugin for WordPress i
CVE-2023-0084 (The Metform Elementor Contact Form Builder plugin for WordPress is vul ...)
NOT-FOR-US: Metform Elementor Contact Form Builder plugin for WordPress
CVE-2023-0083 (The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior vers ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2023-0082 (The ExactMetrics WordPress plugin before 7.12.1 does not validate and ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0081 (The MonsterInsights WordPress plugin before 8.12.1 does not validate a ...)
@@ -30116,7 +30116,7 @@ CVE-2022-44576 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2022-44575 (A vulnerability has been identified in PLM Help Server V4.2 (All versi ...)
NOT-FOR-US: Siemens
CVE-2022-44574 (An improper authentication vulnerability exists in Avalanche version 6 ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2022-44573
RESERVED
CVE-2022-44572 (A denial of service vulnerability in the multipart parsing component o ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0d74f0525a1420c10ff5b12486428f18cb9cc29
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0d74f0525a1420c10ff5b12486428f18cb9cc29
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230311/318605b9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list