[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jan 12 10:07:28 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b6c3b8ce by Moritz Muehlenhoff at 2024-01-12T11:07:04+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,23 +7,23 @@ CVE-2023-5356
 CVE-2023-7028
 	- gitlab <unfixed>
 CVE-2024-23179 (An issue was discovered in the GlobalBlocking extension in MediaWiki b ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki extension GlobalBlocking
 CVE-2024-23178 (An issue was discovered in the Phonos extension in MediaWiki before 1. ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki extension Phonos
 CVE-2024-23177 (An issue was discovered in the WatchAnalytics extension in MediaWiki b ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki extension WatchAnalytics
 CVE-2024-23174 (An issue was discovered in the PageTriage extension in MediaWiki befor ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki extension PageTriage
 CVE-2024-23173 (An issue was discovered in the Cargo extension in MediaWiki before 1.3 ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki extension Cargo
 CVE-2024-23172 (An issue was discovered in the CheckUser extension in MediaWiki before ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki extension CheckUser
 CVE-2024-23171 (An issue was discovered in the CampaignEvents extension in MediaWiki b ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki extension CampaignEvents
 CVE-2024-22027 (Improper input validation vulnerability in WordPress Quiz Maker Plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-21982 (ONTAP versions 9.4 and higher are susceptible to a vulnerability  whic ...)
-	TODO: check
+	NOT-FOR-US: ONTAP
 CVE-2024-21617 (An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) co ...)
 	NOT-FOR-US: Juniper
 CVE-2024-21616 (An Improper Validation of Syntactic Correctness of Input vulnerability ...)
@@ -69,63 +69,63 @@ CVE-2024-21587 (An Improper Handling of Exceptional Conditions vulnerability in
 CVE-2024-21585 (An Improper Handling of Exceptional Conditions vulnerability in BGP se ...)
 	NOT-FOR-US: Juniper
 CVE-2024-21337 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-20675 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-0454 (ELAN Match-on-Chip FPR solution has design fault about potential risk  ...)
-	TODO: check
+	NOT-FOR-US: ELAN Match-on-Chip FPR
 CVE-2024-0426 (A vulnerability, which was classified as critical, has been found in F ...)
-	TODO: check
+	NOT-FOR-US: ForU CMS
 CVE-2024-0393
 	REJECTED
 CVE-2023-7226 (A vulnerability was found in meetyoucrop big-whale 1.1 and classified  ...)
-	TODO: check
+	NOT-FOR-US: meetyoucrop big-whale
 CVE-2023-6740 (Privilege escalation in jar_signature agent plugin in Checkmk before 2 ...)
-	TODO: check
+	- check-mk <removed>
 CVE-2023-6735 (Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17 ...)
-	TODO: check
+	- check-mk <removed>
 CVE-2023-6040 (An out-of-bounds access vulnerability involving netfilter was reported ...)
 	TODO: check
 CVE-2023-52339 (In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can  ...)
 	TODO: check
 CVE-2023-51350 (A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain  ...)
-	TODO: check
+	NOT-FOR-US: ujcms
 CVE-2023-50920 (An issue was discovered on GL.iNet devices before version 4.5.0. They  ...)
-	TODO: check
+	NOT-FOR-US: GL.iNet
 CVE-2023-50919 (An issue was discovered on GL.iNet devices before version 4.5.0. There ...)
-	TODO: check
+	NOT-FOR-US: GL.iNet
 CVE-2023-50129 (Missing encryption in the NFC tags of the Flient Smart Door Lock v1.0  ...)
-	TODO: check
+	NOT-FOR-US: Flient Smart Door Lock
 CVE-2023-50128 (The remote keyless system of the Hozard alarm system (alarmsystemen) v ...)
-	TODO: check
+	NOT-FOR-US: Hozard alarm system
 CVE-2023-50127 (Hozard alarm system (Alarmsysteem) v1.0 is vulnerable to Improper Auth ...)
-	TODO: check
+	NOT-FOR-US: Hozard alarm system
 CVE-2023-50126 (Missing encryption in the RFID tags of the Hozard alarm system (Alarms ...)
-	TODO: check
+	NOT-FOR-US: Hozard alarm system
 CVE-2023-50125 (A default engineer password set on the Hozard alarm system (Alarmsyste ...)
-	TODO: check
+	NOT-FOR-US: Hozard alarm system
 CVE-2023-50124 (Flient Smart Door Lock v1.0 is vulnerable to Use of Default Credential ...)
-	TODO: check
+	NOT-FOR-US: Flient Smart Door Lock
 CVE-2023-50123 (The number of attempts to bring the Hozard Alarm system (alarmsystemen ...)
-	TODO: check
+	NOT-FOR-US: Hozard alarm system
 CVE-2023-46474 (File Upload vulnerability PMB v.7.4.8 allows a remote attacker to exec ...)
-	TODO: check
+	NOT-FOR-US: PMB
 CVE-2023-40362 (An issue was discovered in CentralSquare Click2Gov Building Permit bef ...)
-	TODO: check
+	NOT-FOR-US: CentralSquare Click2Gov Building Permit
 CVE-2023-40250 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
-	TODO: check
+	NOT-FOR-US: Hancom
 CVE-2023-37117 (A heap-use-after-free vulnerability was found in live555 version 2023. ...)
 	TODO: check
 CVE-2023-36842 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
 	NOT-FOR-US: Juniper
 CVE-2023-34061 (Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are v ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2022-4961 (A vulnerability was found in Weitong Mall 1.0.0. It has been declared  ...)
-	TODO: check
+	NOT-FOR-US: Weitong Mall
 CVE-2022-4960 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: cloudfavorites
 CVE-2022-4959 (A vulnerability classified as problematic was found in qkmc-rk redbbs  ...)
-	TODO: check
+	NOT-FOR-US: qkmc-rk redbbs
 CVE-2022-48620 (uev (aka libuev) before 2.4.1 has a buffer overflow in epoll_wait if m ...)
 	TODO: check
 CVE-2022-48619 (An issue was discovered in drivers/input/input.c in the Linux kernel b ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6c3b8ce1252568e5c8cea192f6b1fe2776188a4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6c3b8ce1252568e5c8cea192f6b1fe2776188a4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240112/11d382e9/attachment.htm>

More information about the debian-security-tracker-commits mailing list