[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 1 13:31:32 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ac09fbc3 by Salvatore Bonaccorso at 2024-08-01T14:31:02+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -103534,7 +103534,7 @@ CVE-2023-1579 (Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_ge
 CVE-2023-1578 (SQL Injection in GitHub repository pimcore/pimcore prior to 10.5.19.)
 	NOT-FOR-US: pimcore
 CVE-2023-1577 (A path hijacking vulnerability was reported in Lenovo Driver Manager p ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2023-1576
 	REJECTED
 CVE-2023-1575 (The Mega Main Menu plugin for WordPress is vulnerable to Stored Cross- ...)
@@ -133663,11 +133663,11 @@ CVE-2022-45437 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2022-45436 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: Pandora FMS
 CVE-2022-4003 (A denial-of-service vulnerability could allow an authenticated user to ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2022-4002 (A command injection vulnerability could allow an authenticated user to ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2022-4001 (An authentication bypass vulnerability could allow an attacker to acce ...)
-	TODO: check
+	NOT-FOR-US: Motorola
 CVE-2022-4000 (The WooCommerce Shipping WordPress plugin through 1.2.11 does not sani ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-3999 (The DPD Baltic Shipping WordPress plugin before 1.2.57 does not have a ...)
@@ -399359,9 +399359,9 @@ CVE-2019-6200 (An out-of-bounds read was addressed with improved input validatio
 CVE-2019-6199
 	RESERVED
 CVE-2019-6198 (A vulnerability was reported in Lenovo PC Manager prior to version2.8. ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2019-6197 (A vulnerability was reported in Lenovo PC Manager prior to version 2.8 ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2019-6196 (A symbolic link vulnerability in some Lenovo installation packages, pr ...)
 	NOT-FOR-US: Lenovo
 CVE-2019-6195 (An authorization bypass exists in Lenovo XClarity Controller (XCC) ver ...)
@@ -512294,7 +512294,7 @@ CVE-2017-3774 (A stack overflow vulnerability was discovered within the web admi
 CVE-2017-3773
 	REJECTED
 CVE-2017-3772 (A vulnerability was reported in Lenovo PC Manager versions prior to 2. ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2017-3771 (System boot process is not adequately secured In Lenovo E95 and ThinkC ...)
 	NOT-FOR-US: Lenovo
 CVE-2017-3770 (Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac09fbc3148aa3e4a28d75141e24a8e22fb07fe6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac09fbc3148aa3e4a28d75141e24a8e22fb07fe6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240801/3dab5c5a/attachment.htm>

More information about the debian-security-tracker-commits mailing list