[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Feb 16 05:22:10 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
88efec03 by Salvatore Bonaccorso at 2024-02-16T06:21:44+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -44633,7 +44633,7 @@ CVE-2023-29152 (By changing the filename parameter in the request, an attacker c
CVE-2023-28822
RESERVED
CVE-2023-28745 (Uncontrolled search path in Intel(R) QSFP+ Configuration Utility softw ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-28737 (Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integr ...)
NOT-FOR-US: Intel
CVE-2023-28719
@@ -46401,13 +46401,13 @@ CVE-2023-29504 (Uncontrolled search path element in some Intel(R) RealSense(TM)
CVE-2023-29500 (Exposure of sensitive information to an unauthorized actor in BIOS fir ...)
NOT-FOR-US: Intel
CVE-2023-29162 (Improper buffer restrictions in some Intel(R) C++ Compiler Classic bef ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-28740 (Uncontrolled search path element in some Intel(R) QAT drivers for Wind ...)
NOT-FOR-US: Intel
CVE-2023-28722 (Improper buffer restrictions for some Intel NUC BIOS firmware before v ...)
NOT-FOR-US: Intel
CVE-2023-28407 (Uncontrolled search path in some Intel(R) XTU software before version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-28388 (Uncontrolled search path element in some Intel(R) Chipset Device Softw ...)
NOT-FOR-US: Intel
CVE-2023-27885
@@ -49342,7 +49342,7 @@ CVE-2023-28823 (Uncontrolled search path in some Intel(R) oneAPI Toolkit and com
CVE-2023-28741 (Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version ...)
NOT-FOR-US: Intel
CVE-2023-28715 (Improper access control in some Intel(R) oneAPI Toolkit and component ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-28397 (Improper access control in some Intel(R) Aptio* V UEFI Firmware Integr ...)
NOT-FOR-US: Intel
CVE-2023-28396 (Improper access control in firmware for some Intel(R) Thunderbol(TM) C ...)
@@ -51279,7 +51279,7 @@ CVE-2023-28940
CVE-2023-28939
RESERVED
CVE-2023-28739 (Incorrect default permissions in some Intel(R) Chipset Driver Software ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-28738 (Improper input validation for some Intel NUC BIOS firmware before vers ...)
NOT-FOR-US: Intel
CVE-2023-28721
@@ -54493,7 +54493,7 @@ CVE-2023-28080 (PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hija
CVE-2023-28079 (PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains Insecure File ...)
NOT-FOR-US: PowerPath
CVE-2023-28078 (Dell OS10 Networking Switches running 10.5.2.x and above contain a vul ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-28077 (Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 cont ...)
NOT-FOR-US: Dell
CVE-2023-28076 (CloudLink 7.1.2 and all prior versions contain a broken or risky crypt ...)
@@ -54832,7 +54832,7 @@ CVE-2023-27977 (A CWE-345: Insufficient Verification of Data Authenticity vulner
CVE-2023-27976 (A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists t ...)
NOT-FOR-US: Schneider
CVE-2023-27975 (CWE-522: Insufficiently Protected Credentials vulnerability exists tha ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2023-27974 (Bitwarden through 2023.2.1 offers password auto-fill when the second-l ...)
NOT-FOR-US: Bitwarden
CVE-2023-27973 (Certain HP LaserJet Pro print products are potentially vulnerable to H ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88efec030b8d9bd147d2ba4a9a0f0ef2349874d3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88efec030b8d9bd147d2ba4a9a0f0ef2349874d3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240216/e6cb8199/attachment.htm>
More information about the debian-security-tracker-commits
mailing list