[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 17 20:30:41 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ca6ad1f8 by Salvatore Bonaccorso at 2023-11-17T21:29:05+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
 CVE-2023-6188 (A vulnerability was found in GetSimpleCMS 3.3.16/3.4.0a. It has been r ...)
-	TODO: check
+	NOT-FOR-US: GetSimpleCMS
 CVE-2023-6179 (Honeywell ProWatch, 4.5, including all Service Pack versions, contain  ...)
-	TODO: check
+	NOT-FOR-US: Honeywell ProWatch
 CVE-2023-5445 (An open redirect vulnerability in ePolicy Orchestrator prior to 5.10.0 ...)
-	TODO: check
+	NOT-FOR-US: ePolicy Orchestrator
 CVE-2023-5444 (A Cross Site Request Forgery vulnerability in ePolicy Orchestrator pri ...)
-	TODO: check
+	NOT-FOR-US: ePolicy Orchestrator
 CVE-2023-48185 (Directory Traversal vulnerability in TerraMaster v.s1.0 through v.2.29 ...)
-	TODO: check
+	NOT-FOR-US: TerraMaster
 CVE-2023-48029 (Corebos 8.0 and below is vulnerable to CSV Injection. An attacker with ...)
-	TODO: check
+	NOT-FOR-US: Corebos
 CVE-2023-48025 (Liblisp through commit 4c65969 was discovered to contain a out-of-boun ...)
 	TODO: check
 CVE-2023-48024 (Liblisp through commit 4c65969 was discovered to contain a use-after-f ...)
 	TODO: check
 CVE-2023-47757 (Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-47073 (Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-47072 (Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-47071 (Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-47070 (Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-47069 (Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-47068 (Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-47067 (Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-47066 (Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-44355 (Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-44353 (Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-44352 (Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-44351 (Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-44350 (Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-44326 (Adobe Dimension versions 3.4.9 (and earlier) is affected by an out-of- ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-44325 (Adobe Animate versions 23.0.2 (and earlier) is affected by an out-of-b ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-44324 (Adobe FrameMaker versions 2022 and earlier are affected by an Improper ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-6020 (LFI in Ray's /static/ directory allows attackers to read any file on t ...)
 	NOT-FOR-US: Ray
 CVE-2023-6014 (An attacker is able to arbitrarily create an account in MLflow bypassi ...)
@@ -42269,7 +42269,7 @@ CVE-2023-26349 (Adobe Dimension versions 3.4.7 (and earlier) is affected by a Us
 CVE-2023-26348 (Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of- ...)
 	NOT-FOR-US: Adobe
 CVE-2023-26347 (Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-26346 (Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of- ...)
 	NOT-FOR-US: Adobe
 CVE-2023-26345 (Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of- ...)
@@ -57150,13 +57150,13 @@ CVE-2022-47577 (An issue was discovered in the endpoint protection agent in Zoho
 CVE-2022-4616 (The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to ...)
 	NOT-FOR-US: webserver in Delta DX-3021
 CVE-2023-22275 (Adobe RoboHelp Server versions 11.4 and earlier are affected by an Imp ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-22274 (Adobe RoboHelp Server versions 11.4 and earlier are affected by an Imp ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-22273 (Adobe RoboHelp Server versions 11.4 and earlier are affected by an Imp ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-22272 (Adobe RoboHelp Server versions 11.4 and earlier are affected by an Imp ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-22271 (Experience Manager versions 6.5.15.0 (and earlier) are affected by a W ...)
 	NOT-FOR-US: Adobe
 CVE-2023-22270
@@ -57164,7 +57164,7 @@ CVE-2023-22270
 CVE-2023-22269 (Experience Manager versions 6.5.15.0 (and earlier) are affected by a r ...)
 	NOT-FOR-US: Adobe
 CVE-2023-22268 (Adobe RoboHelp Server versions 11.4 and earlier are affected by an Imp ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2023-22267
 	RESERVED
 CVE-2023-22266 (Experience Manager versions 6.5.15.0 (and earlier) are affected by a U ...)
@@ -260993,9 +260993,9 @@ CVE-2020-11450 (Microstrategy Web 10.4 exposes the JVM configuration, CPU archit
 CVE-2020-11449 (An issue was discovered on Technicolor TC7337 8.89.17 devices. An atta ...)
 	NOT-FOR-US: Technicolor devices
 CVE-2020-11448 (An issue was discovered on Bell HomeHub 3000 SG48222070 devices. There ...)
-	TODO: check
+	NOT-FOR-US: Bell HomeHub 3000 SG48222070 devices
 CVE-2020-11447 (An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remot ...)
-	TODO: check
+	NOT-FOR-US: Bell HomeHub 3000 SG48222070 devices
 CVE-2020-11446 (ESET Antivirus and Antispyware Module module 1553 through 1560 allows  ...)
 	NOT-FOR-US: ESET
 CVE-2020-11445 (TP-Link cloud cameras through 2020-02-09 allow remote attackers to byp ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca6ad1f8904da56c2c8326cef9105271b7b2188f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca6ad1f8904da56c2c8326cef9105271b7b2188f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231117/91b69cb5/attachment.htm>

More information about the debian-security-tracker-commits mailing list