[Git][security-tracker-team/security-tracker][master] Process new NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 16 08:22:25 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d177658f by Salvatore Bonaccorso at 2024-01-16T09:22:01+01:00
Process new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,57 +1,57 @@
 CVE-2024-22428 (Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Inco ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-22362 (Drupal contains a vulnerability with improper handling of structural e ...)
 	TODO: check
 CVE-2024-21674 (This High severity Remote Code Execution (RCE) vulnerability was intro ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Confluence Data Center and Server
 CVE-2024-21673 (This High severity Remote Code Execution (RCE) vulnerability was intro ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Confluence Data Center and Server
 CVE-2024-21672 (This High severity Remote Code Execution (RCE) vulnerability was intro ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Confluence Data Center and Server
 CVE-2023-7206 (In Horner Automation Cscape versions 9.90 SP10 and prior, local attack ...)
 	TODO: check
 CVE-2023-6457 (Incorrect Default Permissions vulnerability in Hitachi Tuning Manager  ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2023-52113 (launchAnyWhere vulnerability in the ActivityManagerService module. Suc ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-52112 (Unauthorized file access vulnerability in the wallpaper service module ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-52111 (Authorization vulnerability in the BootLoader module. Successful explo ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-52110 (The sensor module has an out-of-bounds access vulnerability.Successful ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-52109 (Vulnerability of trust relationships being inaccurate in distributed s ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-51810 (SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixe ...)
-	TODO: check
+	NOT-FOR-US: StackIdeas EasyDiscuss
 CVE-2023-51282 (An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain ...)
-	TODO: check
+	NOT-FOR-US: mingSoft MCMS
 CVE-2023-51257 (An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and be ...)
 	TODO: check
 CVE-2023-51059 (An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 an ...)
-	TODO: check
+	NOT-FOR-US: MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway
 CVE-2023-4566 (Vulnerability of trust relationships being inaccurate in distributed s ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-49107 (Generation of Error Message Containing Sensitive Information vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2023-49106 (Missing Password Field Masking vulnerability in Hitachi Device Manager ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2023-48104 (Alinto SOGo 5.8.0 is vulnerable to HTML Injection.)
 	TODO: check
 CVE-2023-47460 (SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a rem ...)
-	TODO: check
+	NOT-FOR-US: Knovos Discovery
 CVE-2023-47459 (An issue in Knovos Discovery v.22.67.0 allows a remote attacker to obt ...)
-	TODO: check
+	NOT-FOR-US: Knovos Discovery
 CVE-2023-44117 (Vulnerability of trust relationships being inaccurate in distributed s ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-44112 (Out-of-bounds access vulnerability in the device authentication module ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2023-43449 (An issue in HummerRisk HummerRisk v.1.10 thru 1.4.1 allows an authenti ...)
-	TODO: check
+	NOT-FOR-US: HummerRisk
 CVE-2023-41619 (Emlog Pro v2.1.14 was discovered to contain a cross-site scripting (XS ...)
-	TODO: check
+	NOT-FOR-US: Emlog Pro
 CVE-2011-10005 (A vulnerability, which was classified as critical, was found in EasyFT ...)
-	TODO: check
+	NOT-FOR-US: EasyFTP
 CVE-2024-22207 (fastify-swagger-ui is a Fastify plugin for serving Swagger UI.  Prior  ...)
 	TODO: check
 CVE-2024-20721 (Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are a ...)
@@ -65316,9 +65316,9 @@ CVE-2023-22529
 CVE-2023-22528
 	RESERVED
 CVE-2023-22527 (Summary of Vulnerability A template injection vulnerability on older v ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Confluence Data Center and Server
 CVE-2023-22526 (This High severity RCE (Remote Code Execution) vulnerability was intro ...)
-	TODO: check
+	NOT-FOR-US: Atlassian Confluence Data Center
 CVE-2023-22525
 	RESERVED
 CVE-2023-22524 (Certain versions of the Atlassian Companion App for MacOS were affecte ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d177658ff8a20a3730b38da734e4d60e8d84c932

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d177658ff8a20a3730b38da734e4d60e8d84c932
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240116/3324eb7b/attachment.htm>

More information about the debian-security-tracker-commits mailing list