[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Oct 8 09:33:44 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3abea8a4 by Salvatore Bonaccorso at 2023-10-08T10:33:13+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,51 +1,51 @@
 CVE-2023-40654 (In FW-PackageManager, there is a possible missing permission check. Th ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40653 (In FW-PackageManager, there is a possible missing permission check. Th ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40652 (In jpg driver, there is a possible out of bounds write due to improper ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40651 (In urild service, there is a possible out of bounds write due to a mis ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40650 (In Telecom service, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40649 (In Messaging, there is a possible missing permission check. This could ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40648 (In Messaging, there is a possible missing permission check. This could ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40647 (In Messaging, there is a possible missing permission check. This could ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40646 (In Messaging, there is a possible missing permission check. This could ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40645 (In Messaging, there is a possible missing permission check. This could ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40644 (In Messaging, there is a possible missing permission check. This could ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40643 (In Messaging, there is a possible missing permission check. This could ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40642 (In Messaging, there is a possible missing permission check. This could ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40641 (In Messaging, there is a possible missing permission check. This could ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40640 (In SoundRecorder service, there is a possible missing permission check ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40639 (In SoundRecorder service, there is a possible missing permission check ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40638 (In Telecom service, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40637 (In telecom service, there is a possible missing permission check. This ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40636 (In telecom service, there is a possible way to write permission usage  ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40635 (In linkturbo, there is a possible missing permission check. This could ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40634 (In phasechecksercer, there is a possible missing permission check. Thi ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40633 (In phasecheckserver, there is a possible missing permission check. Thi ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40632 (In jpg driver, there is a possible use after free due to a logic error ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-40631 (In Dialer, there is a possible missing permission check. This could le ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2023-5182 (Sensitive data could be exposed in logs of subiquity version 23.09.1 a ...)
 	TODO: check
 CVE-2023-45322 (libxml2 through 2.11.5 has a use-after-free that can only occur after  ...)
@@ -60,13 +60,13 @@ CVE-2023-45322 (libxml2 through 2.11.5 has a use-after-free that can only occur
 CVE-2023-45199 (Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can ...)
 	TODO: check
 CVE-2023-44860 (An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker t ...)
-	TODO: check
+	NOT-FOR-US: NETIS SYSTEMS
 CVE-2023-44061 (File Upload vulnerability in Simple and Nice Shopping Cart Script v.1. ...)
-	TODO: check
+	NOT-FOR-US: File Upload vulnerability in Simple and Nice Shopping Cart Script
 CVE-2023-43615 (Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.)
 	TODO: check
 CVE-2023-36123 (Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 ...)
-	TODO: check
+	NOT-FOR-US: Hex-Dragon Plain Craft Launcher 2
 CVE-2023-5452 (Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-i ...)
 	- snipe-it <itp> (bug #1005172)
 CVE-2023-5214 (In Puppet Bolt versions prior to 3.27.4, a path to escalate privileges ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3abea8a4883dd02d43767d91255748a66c758dc8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3abea8a4883dd02d43767d91255748a66c758dc8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231008/931225e7/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list