[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 1 20:30:40 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0c583ae9 by Salvatore Bonaccorso at 2023-11-01T21:30:07+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12,7 +12,7 @@ CVE-2023-5627 (A vulnerability has been identified in NPort 6000 Series, making
 CVE-2023-5358 (Improper access control in Report log filters feature in Devolutions S ...)
 	NOT-FOR-US: Devolutions
 CVE-2023-4452 (A vulnerability has been identified in the EDR-810, EDR-G902, and EDR- ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2023-46931 (GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow  ...)
 	- gpac <unfixed>
 	NOTE: https://github.com/gpac/gpac/issues/2664
@@ -30,75 +30,75 @@ CVE-2023-46927 (GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-ove
 	NOTE: https://github.com/gpac/gpac/issues/2657
 	NOTE: https://github.com/gpac/gpac/commit/a7b467b151d9b54badbc4dd71e7a366b7c391817
 CVE-2023-46911 (There is a Cross Site Scripting (XSS) vulnerability in the choose_styl ...)
-	TODO: check
+	NOT-FOR-US: Jspxcms
 CVE-2023-46724 (Squid is a caching proxy for the Web. Due to an Improper Validation of ...)
 	TODO: check
 CVE-2023-46482 (SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attack ...)
-	TODO: check
+	NOT-FOR-US: wuzhicms
 CVE-2023-42750 (In gnss service, there is a possible out of bounds write due to a miss ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42655 (In sim service, there is a possible way to write permission usage reco ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42654 (In dm service, there is a possible missing permission check. This coul ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42653 (In faceid service, there is a possible out of bounds write due to a mi ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42652 (In engineermode, there is a possible missing permission check. This co ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42651 (In engineermode, there is a possible missing permission check. This co ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42650 (In engineermode, there is a possible missing permission check. This co ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42649 (In engineermode, there is a possible missing permission check. This co ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42648 (In engineermode, there is a possible missing permission check. This co ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42647 (In Ifaa service, there is a possible way to write permission usage rec ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42646 (In Ifaa service, there is a possible missing permission check. This co ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42645 (In sim service, there is a possible way to write permission usage reco ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42644 (In dm service, there is a possible missing permission check. This coul ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42643 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42642 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42641 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42640 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42639 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42638 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42637 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42636 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42635 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42634 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42633 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42632 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-42631 (In validationtools, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40062 (SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code E ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2023-40061 (Insecure job execution mechanism vulnerability.  This vulnerability ca ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2023-3972 (A vulnerability was found in insights-client. This security issue occu ...)
 	TODO: check
 CVE-2023-33228 (The SolarWinds Network Configuration Manager was susceptible to the Ex ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2023-33227 (The Network Configuration Manager was susceptible to a Directory Trave ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2023-33226 (The Network Configuration Manager was susceptible to a Directory Trave ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2023-46695
 	- python-django <not-affected> (Only an issue on windows)
 	NOTE: https://www.djangoproject.com/weblog/2023/nov/01/security-releases/
@@ -68596,7 +68596,7 @@ CVE-2023-20272
 CVE-2023-20271
 	RESERVED
 CVE-2023-20270 (A vulnerability in the interaction between the Server Message Block (S ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2023-20269 (A vulnerability in the remote access VPN feature of Cisco Adaptive Sec ...)
 	NOT-FOR-US: Cisco
 CVE-2023-20268 (A vulnerability in the packet processing functionality of Cisco access ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0c583ae972a61bc6b734695ad9c849448467510c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0c583ae972a61bc6b734695ad9c849448467510c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231101/7f66afef/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list