[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 5 21:22:05 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
94125b7a by Salvatore Bonaccorso at 2023-09-05T22:21:50+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,33 +3,33 @@ CVE-2023-4781 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
 CVE-2023-4778 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.)
 	TODO: check
 CVE-2023-4531 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Mestav Software E-commerce Software
 CVE-2023-4480 (Due to an out-of-date dependency in the \u201cFusion File Manager\u201 ...)
 	TODO: check
 CVE-2023-4178 (Authentication Bypass by Spoofing vulnerability in Neutron Neutron Sma ...)
-	TODO: check
+	NOT-FOR-US: Neutron Smart VMS
 CVE-2023-4034 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Digita Information Technology Smartrise Document Management System
 CVE-2023-41317 (The Apollo Router is a configurable, high-performance graph router wri ...)
 	TODO: check
 CVE-2023-41108 (TEF portal 2023-07-17 is vulnerable to authenticated remote code execu ...)
-	TODO: check
+	NOT-FOR-US: TEF portal
 CVE-2023-41107 (TEF portal 2023-07-17 is vulnerable to a persistent cross site scripti ...)
-	TODO: check
+	NOT-FOR-US: TEF portal
 CVE-2023-41012 (An issue in China Mobile Communications China Mobile Intelligent Home  ...)
-	TODO: check
+	NOT-FOR-US: China Mobile Communications China Mobile Intelligent Home Gateway 
 CVE-2023-41009 (File Upload vulnerability in adlered bolo-solo v.2.6 allows a remote a ...)
 	TODO: check
 CVE-2023-40918 (KnowStreaming 3.3.0 is vulnerable to Escalation of Privileges. Unautho ...)
-	TODO: check
+	NOT-FOR-US: KnowStreaming
 CVE-2023-3616 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Mava Software Hotel Management System
 CVE-2023-3375 (Unrestricted Upload of File with Dangerous Type vulnerability in Bookr ...)
-	TODO: check
+	NOT-FOR-US: Bookreen
 CVE-2023-3374 (Incomplete List of Disallowed Inputs vulnerability in Bookreen allows  ...)
-	TODO: check
+	NOT-FOR-US: Bookreen
 CVE-2023-39681 (Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) ...)
-	TODO: check
+	NOT-FOR-US: Cuppa CMS
 CVE-2023-39654 (abupy up to v0.4.0 was discovered to contain a SQL injection vulnerabi ...)
 	TODO: check
 CVE-2023-39598 (Cross Site Scripting vulnerability in IceWarp Corporation WebClient v. ...)
@@ -143515,7 +143515,7 @@ CVE-2021-40548
 CVE-2021-40547
 	RESERVED
 CVE-2021-40546 (Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2021-40545
 	RESERVED
 CVE-2021-40544



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94125b7aaa22ffeae157c4972ab23569cc129ac0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94125b7aaa22ffeae157c4972ab23569cc129ac0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230905/47a729c0/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list