[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a0ac1c94 by Salvatore Bonaccorso at 2023-11-23T21:28:24+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2023-6118 (: Path Traversal: '/../filedir' vulnerability in Neutron IP Camera all ...)
-	TODO: check
+	NOT-FOR-US: Neutron IP Camera
 CVE-2023-5972 (A null pointer dereference flaw was found in the nft_inner.c functiona ...)
 	TODO: check
 CVE-2023-4677 (Cron log backup files contain administrator session IDs. It is trivial ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS Console
 CVE-2023-4595 (An information exposure vulnerability has been found, the exploitation ...)
 	TODO: check
 CVE-2023-4594 (Stored XSS vulnerability. This vulnerability could allow an attacker t ...)
@@ -11,41 +11,41 @@ CVE-2023-4594 (Stored XSS vulnerability. This vulnerability could allow an attac
 CVE-2023-4593 (Path traversal vulnerability whose exploitation could allow an authent ...)
 	TODO: check
 CVE-2023-4406 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: KC Group E-Commerce Software
 CVE-2023-49210 (The openssl (aka node-openssl) NPM package through 2.0.0 was character ...)
-	TODO: check
+	NOT-FOR-US: malicious node module
 CVE-2023-49208 (scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible b ...)
 	TODO: check
 CVE-2023-41812 (Unrestricted Upload of File with Dangerous Type vulnerability in Pando ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41811 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41810 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41808 (Improper Privilege Management vulnerability in Pandora FMS on all allo ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41807 (Improper Privilege Management vulnerability in Pandora FMS on all allo ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41806 (Improper Privilege Management vulnerability in Pandora FMS on all allo ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41792 (Cross-Site Request Forgery (CSRF) vulnerability in Pandora FMS on all  ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41791 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41790 (Uncontrolled Search Path Element vulnerability in Pandora FMS on all a ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41789 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41788 (Unrestricted Upload of File with Dangerous Type vulnerability in Pando ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41787 (Uncontrolled Search Path Element vulnerability in Pandora FMS on all a ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-41786 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Pandora FMS
 CVE-2023-3631 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Medart Health Services Medart Notification Panel
 CVE-2023-3377 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Veribilim Software Computer Veribase
 CVE-2023-33202 (Bouncy Castle for Java before 1.73 contains a potential Denial of Serv ...)
 	TODO: check
 CVE-2023-43123 (On unix-like systems, the temporary directory is shared between all us ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0ac1c9481e131d92dcee58b06ad42afe51312ce

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0ac1c9481e131d92dcee58b06ad42afe51312ce
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231123/18a9fada/attachment.htm>