[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 4 20:33:28 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c03a94fc by Salvatore Bonaccorso at 2024-01-04T21:33:02+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2024-21625 (SideQuest is a place to get virtual reality applications for Oculus Qu ...)
-	TODO: check
+	NOT-FOR-US: SideQuest
 CVE-2023-7044 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-6992 (Cloudflare version of zlib library was found to be vulnerable to memor ...)
 	TODO: check
 CVE-2023-6551 (As a simple library, class.upload.php does not perform an in-depth che ...)
-	TODO: check
+	NOT-FOR-US: class.upload.php library
 CVE-2023-6270 (A flaw was found in the ATA over Ethernet (AoE) driver in the Linux ke ...)
 	- linux <unfixed>
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-CAN-22236
@@ -14,45 +14,45 @@ CVE-2023-5619
 CVE-2023-5442
 	REJECTED
 CVE-2023-51812 (Tenda AX3 v16.03.12.11 was discovered to contain a remote code executi ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2023-51154 (Jizhicms v2.5 was discovered to contain an arbitrary file download vul ...)
-	TODO: check
+	NOT-FOR-US: Jizhicms
 CVE-2023-50867 (Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Inje ...)
-	TODO: check
+	NOT-FOR-US: Travel Website
 CVE-2023-50866 (Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Inje ...)
-	TODO: check
+	NOT-FOR-US: Travel Website
 CVE-2023-50865 (Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Inje ...)
-	TODO: check
+	NOT-FOR-US: Travel Website
 CVE-2023-50864 (Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Inje ...)
-	TODO: check
+	NOT-FOR-US: Travel Website
 CVE-2023-50863 (Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Inje ...)
-	TODO: check
+	NOT-FOR-US: Travel Website
 CVE-2023-50862 (Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Inje ...)
-	TODO: check
+	NOT-FOR-US: Travel Website
 CVE-2023-50760 (Online Notice Board System v1.0 is vulnerable to an Insecure File Uplo ...)
-	TODO: check
+	NOT-FOR-US: Online Notice Board System
 CVE-2023-50753 (Online Notice Board System v1.0 is vulnerable to multiple Unauthentica ...)
-	TODO: check
+	NOT-FOR-US: Online Notice Board System
 CVE-2023-50752 (Online Notice Board System v1.0 is vulnerable to multiple Unauthentica ...)
-	TODO: check
+	NOT-FOR-US: Online Notice Board System
 CVE-2023-50743 (Online Notice Board System v1.0 is vulnerable to multiple Unauthentica ...)
-	TODO: check
+	NOT-FOR-US: Online Notice Board System
 CVE-2023-49666 (Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL In ...)
-	TODO: check
+	NOT-FOR-US: Billing Software
 CVE-2023-49665 (Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL In ...)
-	TODO: check
+	NOT-FOR-US: Billing Software
 CVE-2023-49658 (Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL In ...)
-	TODO: check
+	NOT-FOR-US: Billing Software
 CVE-2023-49639 (Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL In ...)
-	TODO: check
+	NOT-FOR-US: Billing Software
 CVE-2023-49633 (Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL In ...)
-	TODO: check
+	NOT-FOR-US: Billing Software
 CVE-2023-49625 (Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL In ...)
-	TODO: check
+	NOT-FOR-US: Billing Software
 CVE-2023-49624 (Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL In ...)
-	TODO: check
+	NOT-FOR-US: Billing Software
 CVE-2023-49622 (Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL In ...)
-	TODO: check
+	NOT-FOR-US: Billing Software
 CVE-2023-3726 (OCSInventory allow stored email template with special characters that  ...)
 	TODO: check
 CVE-2024-21634 (Amazon Ion is a Java implementation of the Ion data notation. Prior to ...)
@@ -146207,7 +146207,7 @@ CVE-2021-45467 (In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.
 CVE-2021-45466 (In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1107,  ...)
 	NOT-FOR-US: CentOS Web Panel
 CVE-2021-45465 (A vulnerability has been identified in syngo fastView (All versions).  ...)
-	TODO: check
+	NOT-FOR-US: syngo fastView
 CVE-2021-4160 (There is a carry propagation bug in the MIPS32 and MIPS64 squaring pro ...)
 	{DSA-5103-1}
 	- openssl 1.1.1m-1
@@ -160598,7 +160598,7 @@ CVE-2021-42030
 CVE-2021-42029 (A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 ...)
 	NOT-FOR-US: Siemens
 CVE-2021-42028 (A vulnerability has been identified in syngo fastView (All versions).  ...)
-	TODO: check
+	NOT-FOR-US: syngo fastView
 CVE-2021-42027 (A vulnerability has been identified in SINUMERIK Edge (All versions <  ...)
 	NOT-FOR-US: Siemens
 CVE-2021-42026 (A vulnerability has been identified in Mendix Applications using Mendi ...)
@@ -164949,7 +164949,7 @@ CVE-2021-40369 (A carefully crafted plugin link invocation could trigger an XSS
 CVE-2021-40368 (A vulnerability has been identified in  SIMATIC S7-400 CPU 412-1 DP V7 ...)
 	NOT-FOR-US: Siemens
 CVE-2021-40367 (A vulnerability has been identified in syngo fastView (All versions).  ...)
-	TODO: check
+	NOT-FOR-US: syngo fastView
 CVE-2021-40366 (A vulnerability has been identified in Climatix POL909 (AWB module) (A ...)
 	NOT-FOR-US: Siemens
 CVE-2021-40365 (Affected devices don't process correctly certain special crafted packe ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c03a94fcb0576d377cacfce5c0790e8e2843890e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c03a94fcb0576d377cacfce5c0790e8e2843890e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240104/b5e19464/attachment.htm>

More information about the debian-security-tracker-commits mailing list