[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 15 09:27:41 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ebd52e54 by Salvatore Bonaccorso at 2023-11-15T10:27:17+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -85,11 +85,11 @@ CVE-2023-47125 (TYPO3 is an open source PHP based web content management system
 CVE-2023-46672 (An issue was identified by Elastic whereby sensitive information is re ...)
 	TODO: check
 CVE-2023-46582 (SQL injection vulnerability in Inventory Management v.1.0 allows a loc ...)
-	TODO: check
+	NOT-FOR-US: Inventory Management
 CVE-2023-46581 (SQL injection vulnerability in Inventory Management v.1.0 allows a loc ...)
-	TODO: check
+	NOT-FOR-US: Inventory Management
 CVE-2023-46580 (Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0  ...)
-	TODO: check
+	NOT-FOR-US: Inventory Management
 CVE-2023-46132 (Hyperledger Fabric is an open source permissioned distributed ledger f ...)
 	TODO: check
 CVE-2023-46121 (yt-dlp is a youtube-dl fork with additional features and fixes. The Ge ...)
@@ -98,61 +98,61 @@ CVE-2023-46121 (yt-dlp is a youtube-dl fork with additional features and fixes.
 	NOTE: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-3ch3-jhc6-5r8x
 	NOTE: https://github.com/yt-dlp/yt-dlp/commit/f04b5bedad7b281bee9814686bba1762bae092eb
 CVE-2023-46026 (Cross Site Scripting (XSS) vulnerability in profile.php in phpgurukul  ...)
-	TODO: check
+	NOT-FOR-US: phpgurukul
 CVE-2023-46025 (SQL Injection vulnerability in teacher-info.php in phpgurukul Teacher  ...)
-	TODO: check
+	NOT-FOR-US: phpgurukul
 CVE-2023-46024 (SQL Injection vulnerability in index.php in phpgurukul Teacher Subject ...)
-	TODO: check
+	NOT-FOR-US: phpgurukul
 CVE-2023-46023 (SQL injection vulnerability in addTask.php in Code-Projects Simple Tas ...)
-	TODO: check
+	NOT-FOR-US: Code-Projects Simple Task List
 CVE-2023-46022 (SQL Injection vulnerability in delete.php in Code-Projects Blood Bank  ...)
-	TODO: check
+	NOT-FOR-US: Code-Projects Blood Bank
 CVE-2023-45627 (An authenticated Denial-of-Service (DoS) vulnerability exists in the C ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45626 (An authenticated vulnerability has been identified allowing an attacke ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45625 (Multiple authenticated command injection vulnerabilities exist in the  ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45624 (An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45623 (Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the W ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45622 (Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the B ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45621 (Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the C ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45620 (Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the C ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45619 (There is an arbitrary file deletion vulnerability in the RSSI service  ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45618 (There are arbitrary file deletion vulnerabilities in the AirWave clien ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45617 (There are arbitrary file deletion vulnerabilities in the CLI service a ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45616 (There is a buffer overflow vulnerability in the underlying AirWave cli ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45615 (There are buffer overflow vulnerabilities in the underlying CLI servic ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-45614 (There are buffer overflow vulnerabilities in the underlying CLI servic ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2023-43979 (ETS Soft ybc_blog before v4.4.0 was discovered to contain a SQL inject ...)
 	TODO: check
 CVE-2023-43591 (Improper privilege management  in Zoom Rooms for macOS before version  ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-43590 (Link following  in Zoom Rooms for macOS before version 5.16.0 may allo ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-43588 (Insufficient control flow management in some Zoom clients may allow an ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-43582 (Improper authorization in some Zoom clients may allow an authorized us ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2023-41718 (When a particular process flow is initiated, an attacker may be able t ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2023-41597 (EyouCms v1.6.2 was discovered to contain a reflected cross-site script ...)
 	TODO: check
 CVE-2023-41570 (MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect acc ...)
-	TODO: check
+	NOT-FOR-US: MikroTik
 CVE-2023-40923 (MyPrestaModules ordersexport before v5.0 was discovered to contain mul ...)
-	TODO: check
+	NOT-FOR-US: MyPrestaModules ordersexport
 CVE-2023-39537 (AMI AptioV contains a vulnerability in BIOS where an Attacker may use  ...)
 	TODO: check
 CVE-2023-39536 (AMI AptioV contains a vulnerability in BIOS where an Attacker may use  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebd52e54372af0589b1fc0e0f8ed2bcb6929add8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ebd52e54372af0589b1fc0e0f8ed2bcb6929add8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231115/06406244/attachment.htm>

More information about the debian-security-tracker-commits mailing list