[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 11 09:50:44 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
815d9a46 by Salvatore Bonaccorso at 2024-01-11T10:49:59+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -252,27 +252,27 @@ CVE-2023-51195
 CVE-2023-50916 (Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposu ...)
 	NOT-FOR-US: Kyocera Device Manager
 CVE-2023-50172 (A recovery notification bypass vulnerability exists in the userRecover ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-50120 (MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to ...)
 	- gpac <unfixed>
 	NOTE: https://github.com/gpac/gpac/issues/2698
 	NOTE: https://github.com/gpac/gpac/commit/b655955b840ccd7c7198bb15375aa510e76208eb
 CVE-2023-49864 (An information disclosure vulnerability exists in the aVideoEncoderRec ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-49863 (An information disclosure vulnerability exists in the aVideoEncoderRec ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-49862 (An information disclosure vulnerability exists in the aVideoEncoderRec ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-49810 (A login attempt restriction bypass vulnerability exists in the checkLo ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-49738 (An information disclosure vulnerability exists in the image404Raw.php  ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-49715 (A unrestricted php file upload vulnerability exists in the import.json ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-49599 (An insufficient entropy vulnerability exists in the salt generation fu ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-49589 (An insufficient entropy vulnerability exists in the userRecoverPass.ph ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-49471 (Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus B ...)
 	NOT-FOR-US: karlomikus Bar Assistant
 CVE-2023-49427 (Buffer Overflow vulnerability in Tenda AX12 V22.03.01.46, allows remot ...)
@@ -282,9 +282,9 @@ CVE-2023-49394 (Zentao versions 4.1.3 and before has a URL redirect vulnerabilit
 CVE-2023-48783 (AnAuthorization Bypass Through User-Controlled Key vulnerability [CWE- ...)
 	NOT-FOR-US: PortiPortal
 CVE-2023-48730 (A cross-site scripting (xss) vulnerability exists in the navbarMenuAnd ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-48728 (A cross-site scripting (xss) vulnerability exists in the functiongetOp ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-48266 (The vulnerability allows an unauthenticated remote attacker to perform ...)
 	NOT-FOR-US: Bosch
 CVE-2023-48265 (The vulnerability allows an unauthenticated remote attacker to perform ...)
@@ -336,11 +336,11 @@ CVE-2023-48243 (The vulnerability allows a remote attacker to upload arbitrary f
 CVE-2023-48242 (The vulnerability allows an authenticated remote attacker to download  ...)
 	NOT-FOR-US: Bosch
 CVE-2023-47862 (A local file inclusion vulnerability exists in the getLanguageFromBrow ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-47861 (A cross-site scripting (xss) vulnerability exists in the channelBody.p ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-47171 (An information disclosure vulnerability exists in the aVideoEncoder.js ...)
-	TODO: check
+	NOT-FOR-US: WWBN AVideo
 CVE-2023-46712 (A improper access control in Fortinet FortiPortal version 7.0.0 throug ...)
 	NOT-FOR-US: FortiGuard
 CVE-2023-45139 (fontTools is a library for manipulating fonts, written in Python. The  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/815d9a468689d26b9fc598a255c19c06b027038a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/815d9a468689d26b9fc598a255c19c06b027038a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240111/1a60bf5f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list