[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue May 2 09:21:43 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4a993036 by Salvatore Bonaccorso at 2023-05-02T10:21:14+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2022-48483 (3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthentica ...)
- TODO: check
+ NOT-FOR-US: 3CX
CVE-2022-48482 (3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows all ...)
- TODO: check
+ NOT-FOR-US: 3CX
CVE-2014-125100 (A vulnerability classified as problematic was found in BestWebSoft Job ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2013-10026 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-2451 (A vulnerability was found in SourceCodester Online DJ Management Syste ...)
NOT-FOR-US: SourceCodester Online DJ Management System
CVE-2018-25085 (A vulnerability classified as problematic was found in Responsive Menu ...)
@@ -863,7 +863,7 @@ CVE-2023-31044
CVE-2023-31043 (EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs un ...)
NOT-FOR-US: EnterpriseDB
CVE-2023-2247 (In affected versions of Octopus Deploy it is possible to unmask variab ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2023-31042
RESERVED
CVE-2023-31041
@@ -2103,7 +2103,7 @@ CVE-2023-30641
CVE-2023-30640
RESERVED
CVE-2023-30639 (Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored ...)
- TODO: check
+ NOT-FOR-US: Archer
CVE-2023-30638 (Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 befor ...)
NOT-FOR-US: Unify
CVE-2023-30637 (Baidu braft 1.1.2 has a memory leak related to use of the new operator ...)
@@ -4534,7 +4534,7 @@ CVE-2023-29639 (Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog,
CVE-2023-29638 (Cross Site Scripting (XSS) vulnerability in WinterChenS my-site before ...)
NOT-FOR-US: WinterChenS my-site
CVE-2023-29637 (Cross Site Scripting (XSS) vulnerability in Qbian61 forum-java, allows ...)
- TODO: check
+ NOT-FOR-US: Qbian61 forum-java
CVE-2023-29636 (Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows ...)
NOT-FOR-US: ZHENFENG13 My-Blog
CVE-2023-29635 (File upload vulnerability in Antabot White-Jotter v0.2.2, allows remot ...)
@@ -12759,7 +12759,7 @@ CVE-2023-27110
CVE-2023-27109
RESERVED
CVE-2023-27108 (An issue was discovered in KaiOS 3.0. The pre-installed Communications ...)
- TODO: check
+ NOT-FOR-US: KaiOS
CVE-2023-27107 (Incorrect access control in the runReport function of MyQ Solution Pri ...)
NOT-FOR-US: MyQ Solution
CVE-2023-27106
@@ -13017,7 +13017,7 @@ CVE-2023-26989
CVE-2023-26988
RESERVED
CVE-2023-26987 (An issue discovered in Konga 0.14.9 allows remote attackers to manipul ...)
- TODO: check
+ NOT-FOR-US: Konga
CVE-2023-26986 (An issue in China Mobile OA Mailbox PC v2.9.23 allows remote attackers ...)
NOT-FOR-US: China Mobile OA Mailbox PC
CVE-2023-26985
@@ -32901,9 +32901,9 @@ CVE-2023-21668
CVE-2023-21667
RESERVED
CVE-2023-21666 (Memory Corruption in Graphics while accessing a buffer allocated throu ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-21665 (Memory corruption in Graphics while importing a file.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-21664
RESERVED
CVE-2023-21663
@@ -32949,7 +32949,7 @@ CVE-2023-21644
CVE-2023-21643
RESERVED
CVE-2023-21642 (Memory corruption in HAB Memory management due to broad system privile ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-21641
RESERVED
CVE-2023-21640
@@ -53242,13 +53242,13 @@ CVE-2022-40510
CVE-2022-40509
RESERVED
CVE-2022-40508 (Transient DOS due to reachable assertion in Modem while processing con ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-40507
RESERVED
CVE-2022-40506
RESERVED
CVE-2022-40505 (Information disclosure due to buffer over-read in Modem while parsing ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-40504 (Transient DOS due to reachable assertion in Modem when UE received Dow ...)
TODO: check
CVE-2022-40503 (Information disclosure due to buffer over-read in Bluetooth Host while ...)
@@ -72848,9 +72848,9 @@ CVE-2022-33307
CVE-2022-33306 (Transient DOS due to buffer over-read in WLAN while processing an inco ...)
NOT-FOR-US: Qualcomm
CVE-2022-33305 (Transient DOS due to NULL pointer dereference in Modem while sending i ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33304 (Transient DOS due to NULL pointer dereference in Modem while performin ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33303
RESERVED
CVE-2022-33302 (Memory corruption due to improper validation of array index in User Id ...)
@@ -72874,7 +72874,7 @@ CVE-2022-33294 (Transient DOS in Modem due to NULL pointer dereference while rec
CVE-2022-33293
RESERVED
CVE-2022-33292 (Memory corruption in Qualcomm IPC due to use after free while receivin ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33291 (Information disclosure in Modem due to buffer over-read while receivin ...)
NOT-FOR-US: Qualcomm
CVE-2022-33290 (Transient DOS in Bluetooth HOST due to null pointer dereference when a ...)
@@ -72896,7 +72896,7 @@ CVE-2022-33283 (Information disclosure due to buffer over-read in WLAN while WLA
CVE-2022-33282 (Memory corruption in Automotive Multimedia due to integer overflow to ...)
NOT-FOR-US: Qualcomm
CVE-2022-33281 (Memory corruption due to improper validation of array index in compute ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33280 (Memory corruption due to access of uninitialized pointer in Bluetooth ...)
NOT-FOR-US: Qualcomm
CVE-2022-33279 (Memory corruption due to stack based buffer overflow in WLAN having in ...)
@@ -94933,7 +94933,7 @@ CVE-2022-25715 (Memory corruption in display driver due to incorrect type castin
CVE-2022-25714
RESERVED
CVE-2022-25713 (Memory corruption in Automotive due to Improper Restriction of Operati ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-25712 (Memory corruption in camera due to buffer copy without checking size o ...)
NOT-FOR-US: Snapdragon
CVE-2022-25711 (Memory corruption in camera due to improper validation of array index ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a9930365ebe75081b8cf2e39516ad945760dcf5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a9930365ebe75081b8cf2e39516ad945760dcf5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230502/f5c85d2f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list