[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Mar 4 20:21:59 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f788af44 by Salvatore Bonaccorso at 2024-03-04T21:20:22+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,87 +1,87 @@
 CVE-2024-2167
 	REJECTED
 CVE-2024-2048 (Vault and Vault Enterprise (\u201cVault\u201d) TLS certificate auth me ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Vault
 CVE-2024-27889 (Multiple SQL Injection vulnerabilities exist in the reporting applicat ...)
-	TODO: check
+	NOT-FOR-US: Arista
 CVE-2024-27694 (FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CS ...)
-	TODO: check
+	NOT-FOR-US: FlyCms
 CVE-2024-27684 (A Cross-site scripting (XSS) vulnerability in dlapn.cgi, dldongle.cgi, ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-27680 (Flusity-CMS v2.33 is vulnerable to Cross Site Scripting (XSS) in the " ...)
-	TODO: check
+	NOT-FOR-US: Flusity-CMS
 CVE-2024-27668 (Flusity-CMS v2.33 is affected by: Cross Site Scripting (XSS) in 'Custo ...)
-	TODO: check
+	NOT-FOR-US: Flusity-CMS
 CVE-2024-27199 (In JetBrains TeamCity before 2023.11.4 path traversal allowing to perf ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2024-27198 (In JetBrains TeamCity before 2023.11.4 authentication bypass allowing  ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2024-24901 (Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient lo ...)
-	TODO: check
+	NOT-FOR-US: Dell PowerScale OneFS
 CVE-2024-22463 (Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken ...)
-	TODO: check
+	NOT-FOR-US: Dell PowerScale OneFS
 CVE-2024-22452 (Dell Display and Peripheral Manager for macOS prior to 1.3 contains an ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-1788
 	REJECTED
 CVE-2024-0686
 	REJECTED
 CVE-2024-0156 (Dell Digital Delivery, versions prior to 5.0.86.0, contain a Buffer Ov ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-0155 (Dell Digital Delivery, versions prior to 5.0.86.0, contain a Use After ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2023-6241 (Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm ...)
 	TODO: check
 CVE-2023-6143 (Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm ...)
 	TODO: check
 CVE-2023-6068 (On affected 7130 Series FPGA platforms running MOS and recent versions ...)
-	TODO: check
+	NOT-FOR-US: Arista
 CVE-2023-5451 (Forcepoint  NGFW Security Management Center Management Server has SMC  ...)
-	TODO: check
+	NOT-FOR-US: Forcepoint
 CVE-2023-43553 (Memory corruption while parsing beacon/probe response frame when AP se ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43552 (Memory corruption while processing MBSSID beacon containing several su ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43550 (Memory corruption while processing a QMI request for allocating memory ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43549 (Memory corruption while processing TPC target power table in FTM TPC.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43548 (Memory corruption while parsing qcp clip with invalid chunk data size.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43547 (Memory corruption while invoking IOCTLs calls in Automotive Multimedia ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43546 (Memory corruption while invoking HGSL IOCTL context create.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43541 (Memory corruption while invoking the SubmitCommands call on Gfx engine ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43540 (Memory corruption while processing the IOCTL FM HCI WRITE request.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43539 (Transient DOS while processing an improperly formatted 802.11az Fine T ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-38362 (IBM CICS TX Advanced 10.1 could disclose sensitive information to a re ...)
 	NOT-FOR-US: IBM
 CVE-2023-38360 (IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This  ...)
 	NOT-FOR-US: IBM
 CVE-2023-33105 (Transient DOS in WLAN Host and Firmware when large number of open auth ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33104 (Transient DOS while processing PDU Release command with a parameter PD ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33103 (Transient DOS while processing CAG info IE received from NW.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33096 (Transient DOS while processing DL NAS Transport message, as specified  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33095 (Transient DOS while processing multiple payload container type with in ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33090 (Transient DOS while processing channel information for speaker protect ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33086 (Transient DOS while processing multiple IKEV2 Informational Request to ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33084 (Transient DOS while processing IE fragments from server during DTLS ha ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33078 (Information Disclosure while processing IOCTL request in FastRPC.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33066 (Memory corruption in Audio while processing RT proxy port register dri ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-32331 (IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow  ...)
 	NOT-FOR-US: IBM
 CVE-2021-47108 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
@@ -57610,7 +57610,7 @@ CVE-2023-28584 (Transient DOS in WLAN Host when a mobile station receives invali
 CVE-2023-28583 (Memory corruption when IPv6 prefix timer object`s lifetime expires whi ...)
 	NOT-FOR-US: Qualcomm
 CVE-2023-28582 (Memory corruption in Data Modem while verifying hello-verify message d ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-28581 (Memory corruption in WLAN Firmware while parsing receieved GTK Keys in ...)
 	NOT-FOR-US: Qualcomm
 CVE-2023-28580 (Memory corruption in WLAN Host while setting the PMK length in PMK len ...)
@@ -57618,7 +57618,7 @@ CVE-2023-28580 (Memory corruption in WLAN Host while setting the PMK length in P
 CVE-2023-28579 (Memory Corruption in WLAN Host while deserializing the input PMK bytes ...)
 	NOT-FOR-US: Qualcomm
 CVE-2023-28578 (Memory corruption in Core Services while executing the command for rem ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-28577 (In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no ch ...)
 	NOT-FOR-US: Qualcomm
 CVE-2023-28576 (The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f788af445eee92bc4ae46dbe87912b4da3cc70ee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f788af445eee92bc4ae46dbe87912b4da3cc70ee
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240304/d08e764e/attachment.htm>

More information about the debian-security-tracker-commits mailing list