[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Mar 29 15:43:24 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
245fb834 by Salvatore Bonaccorso at 2023-03-29T16:42:34+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -67,31 +67,31 @@ CVE-2023-1688
 CVE-2023-1687
 	RESERVED
 CVE-2023-1686 (A vulnerability was found in SourceCodester Young Entrepreneur E-Negos ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Young Entrepreneur E-Negosyo System
 CVE-2023-1685 (A vulnerability was found in HadSky up to 7.11.8. It has been declared ...)
 	TODO: check
 CVE-2023-1684 (A vulnerability was found in HadSky 7.7.16. It has been classified as  ...)
 	TODO: check
 CVE-2023-1683 (A vulnerability was found in Xunrui CMS 4.61 and classified as problem ...)
-	TODO: check
+	NOT-FOR-US: Xunrui CMS
 CVE-2023-1682 (A vulnerability has been found in Xunrui CMS 4.61 and classified as pr ...)
-	TODO: check
+	NOT-FOR-US: Xunrui CMS
 CVE-2023-1681 (A vulnerability, which was classified as problematic, was found in Xun ...)
-	TODO: check
+	NOT-FOR-US: Xunrui CMS
 CVE-2023-1680
 	RESERVED
 CVE-2023-1679 (A vulnerability classified as critical was found in DriverGenius 9.70. ...)
-	TODO: check
+	NOT-FOR-US: DriverGenius
 CVE-2023-1678 (A vulnerability classified as critical has been found in DriverGenius  ...)
-	TODO: check
+	NOT-FOR-US: DriverGenius
 CVE-2023-1677 (A vulnerability was found in DriverGenius 9.70.0.346. It has been rate ...)
-	TODO: check
+	NOT-FOR-US: DriverGenius
 CVE-2023-1676 (A vulnerability was found in DriverGenius 9.70.0.346. It has been decl ...)
-	TODO: check
+	NOT-FOR-US: DriverGenius
 CVE-2023-1675 (A vulnerability was found in SourceCodester School Registration and Fe ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester School Registration and Fee System
 CVE-2023-1674 (A vulnerability was found in SourceCodester School Registration and Fe ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester School Registration and Fee System
 CVE-2023-1673
 	RESERVED
 CVE-2023-28936
@@ -805,17 +805,17 @@ CVE-2023-28725 (General Bytes Crypto Application Server (CAS) 20230120, as distr
 CVE-2023-28723
 	RESERVED
 CVE-2023-28718 (Osprey Pump Controller version 1.01 allows users to perform certain ac ...)
-	TODO: check
+	NOT-FOR-US: Osprey Pump Controller
 CVE-2023-28714
 	RESERVED
 CVE-2023-28712 (Osprey Pump Controller version 1.01 contains an unauthenticated comman ...)
-	TODO: check
+	NOT-FOR-US: Osprey Pump Controller
 CVE-2023-28710
 	RESERVED
 CVE-2023-28654 (Osprey Pump Controller version 1.01 has a hidden administrative accoun ...)
-	TODO: check
+	NOT-FOR-US: Osprey Pump Controller
 CVE-2023-28648 (Osprey Pump Controller version 1.01 inputs passed to a GET parameter a ...)
-	TODO: check
+	NOT-FOR-US: Osprey Pump Controller
 CVE-2023-28411
 	RESERVED
 CVE-2023-28410
@@ -827,19 +827,19 @@ CVE-2023-28403
 CVE-2023-28401
 	RESERVED
 CVE-2023-28398 (Osprey Pump Controller version 1.01 could allow an unauthenticated use ...)
-	TODO: check
+	NOT-FOR-US: Osprey Pump Controller
 CVE-2023-28395 (Osprey Pump Controller version 1.01 is vulnerable to a weak session to ...)
-	TODO: check
+	NOT-FOR-US: Osprey Pump Controller
 CVE-2023-28385
 	RESERVED
 CVE-2023-28376
 	RESERVED
 CVE-2023-28375 (Osprey Pump Controller version 1.01 is vulnerable to an unauthenticate ...)
-	TODO: check
+	NOT-FOR-US: Osprey Pump Controller
 CVE-2023-27886 (Osprey Pump Controller version 1.01 is vulnerable to an unauthenticate ...)
-	TODO: check
+	NOT-FOR-US: Osprey Pump Controller
 CVE-2023-27394 (Osprey Pump Controller version 1.01 is vulnerable an unauthenticated O ...)
-	TODO: check
+	NOT-FOR-US: Osprey Pump Controller
 CVE-2023-25071
 	RESERVED
 CVE-2023-1554
@@ -1123,11 +1123,11 @@ CVE-2023-1520
 CVE-2023-1519
 	RESERVED
 CVE-2023-1518 (CP Plus KVMS Pro versions 2.01.0.T.190521 and prior are vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: CP Plus KVMS Pro
 CVE-2023-1517 (Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore  ...)
 	NOT-FOR-US: pimcore
 CVE-2023-1516 (RoboDK versions 5.5.3 and prior contain an insecure permission assignm ...)
-	TODO: check
+	NOT-FOR-US: RoboDK
 CVE-2023-1515 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
 	NOT-FOR-US: pimcore
 CVE-2023-1514



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/245fb834e9641d69e1cf3b61d55a42344a412d59

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/245fb834e9641d69e1cf3b61d55a42344a412d59
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230329/99c42199/attachment.htm>


More information about the debian-security-tracker-commits mailing list