[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 26 21:20:36 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2018856d by Salvatore Bonaccorso at 2023-09-26T22:19:57+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,67 +3,67 @@ CVE-2023-5197 (A use-after-free vulnerability in the Linux kernel's netfilter: n
 CVE-2023-5157 (A vulnerability was found in MariaDB. An OpenVAS port scan on ports 33 ...)
 	TODO: check
 CVE-2023-4264 (Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsy ...)
-	TODO: check
+	NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
 CVE-2023-4262 (Possible buffer overflow in Zephyr mgmt subsystem when asserts are dis ...)
-	TODO: check
+	NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
 CVE-2023-4260 (Potential off-by-one buffer overflow vulnerability in the Zephyr fuse  ...)
-	TODO: check
+	NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
 CVE-2023-4065 (A flaw was found in Red Hat AMQ Broker Operator, where it displayed a  ...)
 	TODO: check
 CVE-2023-44172 (SeaCMS V12.9 was discovered to contain an arbitrary file write vulnera ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2023-44171 (SeaCMS V12.9 was discovered to contain an arbitrary file write vulnera ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2023-44170 (SeaCMS V12.9 was discovered to contain an arbitrary file write vulnera ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2023-44169 (SeaCMS V12.9 was discovered to contain an arbitrary file write vulnera ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2023-43857 (Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scrip ...)
-	TODO: check
+	NOT-FOR-US: Dreamer CMS
 CVE-2023-43856 (Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vu ...)
-	TODO: check
+	NOT-FOR-US: Dreamer CMS
 CVE-2023-43775 (Denial-of-service vulnerability in the web server of the Eaton SMP SG- ...)
-	TODO: check
+	NOT-FOR-US: Eaton
 CVE-2023-43646 (get-func-name is a module to retrieve a function's name securely and c ...)
 	TODO: check
 CVE-2023-43614 (Cross-site scripting vulnerability in Order Data Edit page of Welcart  ...)
-	TODO: check
+	NOT-FOR-US: Welcart e-Commerce
 CVE-2023-43610 (SQL injection vulnerability in Order Data Edit page of Welcart e-Comme ...)
-	TODO: check
+	NOT-FOR-US: Welcart e-Commerce
 CVE-2023-43493 (SQL injection vulnerability in Item List page of Welcart e-Commerce ve ...)
-	TODO: check
+	NOT-FOR-US: Welcart e-Commerce
 CVE-2023-43484 (Cross-site scripting vulnerability in Item List page of Welcart e-Comm ...)
-	TODO: check
+	NOT-FOR-US: Welcart e-Commerce
 CVE-2023-43234 (DedeBIZ v6.2.11 was discovered to contain multiple remote code executi ...)
-	TODO: check
+	NOT-FOR-US: DedeBIZ
 CVE-2023-43222 (SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2023-43216 (SeaCMS V12.9 was discovered to contain an arbitrary file write vulnera ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2023-42460 (Vyper is a Pythonic Smart Contract Language for the EVM. The `_abi_dec ...)
-	TODO: check
+	NOT-FOR-US: Vyper
 CVE-2023-41962 (Cross-site scripting vulnerability in Credit Card Payment Setup page o ...)
-	TODO: check
+	NOT-FOR-US: Welcart e-Commerce
 CVE-2023-41904 (Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass (for Au ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2023-41233 (Cross-site scripting vulnerability in Item List page registration proc ...)
-	TODO: check
+	NOT-FOR-US: Welcart e-Commerce
 CVE-2023-40532 (Path traversal vulnerability in Welcart e-Commerce versions 2.7 to 2.8 ...)
-	TODO: check
+	NOT-FOR-US: Welcart e-Commerce
 CVE-2023-40219 (Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or ...)
-	TODO: check
+	NOT-FOR-US: Welcart e-Commerce
 CVE-2023-39378 (SiberianCMS - CWE-89: Improper Neutralization of Special Elements used ...)
-	TODO: check
+	NOT-FOR-US: SiberianCMS
 CVE-2023-39377 (SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type ...)
-	TODO: check
+	NOT-FOR-US: SiberianCMS
 CVE-2023-39376 (SiberianCMS - CWE-284 Improper Access Control Authorized user may disa ...)
-	TODO: check
+	NOT-FOR-US: SiberianCMS
 CVE-2023-39375 (SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges)
-	TODO: check
+	NOT-FOR-US: SiberianCMS
 CVE-2023-39347 (Cilium is a networking, observability, and security solution with an e ...)
 	TODO: check
 CVE-2023-34043 (VMware Aria Operations contains a local privilege escalation vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2023-32541 (A use-after-free vulnerability exists in the footerr functionality of  ...)
 	TODO: check
 CVE-2023-5176



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2018856d64af0fe9e0141cd7ec5d19811e594810

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2018856d64af0fe9e0141cd7ec5d19811e594810
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230926/3e39c68d/attachment.htm>

More information about the debian-security-tracker-commits mailing list