[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 06 Feb 2023 13:02:10 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
005711b1 by Salvatore Bonaccorso at 2023-02-06T22:01:26+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -604,7 +604,7 @@ CVE-2023-0687 (A vulnerability was found in GNU C Library 
2.38. It has been decl
        NOTE: 
https://patchwork.sourceware.org/project/glibc/patch/[email protected]/
        TODO: check
 CVE-2023-0686 (A vulnerability was found in SourceCodester Online Eyewear Shop 
1.0. I ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Online Eyewear Shop
 CVE-2023-0685
        RESERVED
 CVE-2023-0684
@@ -618,7 +618,7 @@ CVE-2023-0681
 CVE-2023-0680
        RESERVED
 CVE-2023-0679 (A vulnerability was found in SourceCodester Canteen Management 
System  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Canteen Management System
 CVE-2022-48316
        RESERVED
 CVE-2022-48315
@@ -648,7 +648,7 @@ CVE-2023-25194
 CVE-2022-4902 (A vulnerability classified as problematic has been found in eXo 
Chat A ...)
        TODO: check
 CVE-2020-36660 (A vulnerability was found in paxswill EVE Ship Replacement 
Program 0.1 ...)
-       TODO: check
+       NOT-FOR-US: paxswill EVE Ship Replacement Program
 CVE-2017-20177
        RESERVED
 CVE-2015-10073
@@ -3295,29 +3295,29 @@ CVE-2023-24204
 CVE-2023-24203
        RESERVED
 CVE-2023-24202 (Raffle Draw System v1.0 was discovered to contain a local file 
inclusi ...)
-       TODO: check
+       NOT-FOR-US: Raffle Draw System
 CVE-2023-24201 (Raffle Draw System v1.0 was discovered to contain a SQL 
injection vuln ...)
-       TODO: check
+       NOT-FOR-US: Raffle Draw System
 CVE-2023-24200 (Raffle Draw System v1.0 was discovered to contain a SQL 
injection vuln ...)
-       TODO: check
+       NOT-FOR-US: Raffle Draw System
 CVE-2023-24199 (Raffle Draw System v1.0 was discovered to contain a SQL 
injection vuln ...)
-       TODO: check
+       NOT-FOR-US: Raffle Draw System
 CVE-2023-24198 (Raffle Draw System v1.0 was discovered to contain multiple SQL 
injecti ...)
-       TODO: check
+       NOT-FOR-US: Raffle Draw System
 CVE-2023-24197 (Online Food Ordering System v2 was discovered to contain a SQL 
injecti ...)
-       TODO: check
+       NOT-FOR-US: Online Food Ordering System
 CVE-2023-24196
        RESERVED
 CVE-2023-24195 (Online Food Ordering System v2 was discovered to contain a 
cross-site  ...)
-       TODO: check
+       NOT-FOR-US: Online Food Ordering System
 CVE-2023-24194 (Online Food Ordering System v2 was discovered to contain a 
cross-site  ...)
-       TODO: check
+       NOT-FOR-US: Online Food Ordering System
 CVE-2023-24193
        RESERVED
 CVE-2023-24192 (Online Food Ordering System v2 was discovered to contain a 
cross-site  ...)
-       TODO: check
+       NOT-FOR-US: Online Food Ordering System
 CVE-2023-24191 (Online Food Ordering System v2 was discovered to contain a 
cross-site  ...)
-       TODO: check
+       NOT-FOR-US: Online Food Ordering System
 CVE-2023-24190
        RESERVED
 CVE-2023-24189
@@ -4110,7 +4110,7 @@ CVE-2023-0402 (The Social Warfare plugin for WordPress is 
vulnerable to authoriz
 CVE-2023-0401
        RESERVED
 CVE-2023-0400 (The protection bypass vulnerability in DLP for Windows 11.9.x 
is addre ...)
-       TODO: check
+       NOT-FOR-US: DLP for Windows
 CVE-2023-0399
        RESERVED
 CVE-2023-0398 (Cross-Site Request Forgery (CSRF) in GitHub repository 
modoboa/modoboa ...)
@@ -7057,9 +7057,9 @@ CVE-2023-0126 (Pre-authentication path traversal 
vulnerability in SMA1000 firmwa
 CVE-2023-0125 (A vulnerability was found in Control iD Panel. It has been 
declared as ...)
        NOT-FOR-US: Control iD Panel
 CVE-2023-0124 (Delta Electronics DOPSoft versions 4.00.16.22 and prior are 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: Delta Electronics DOPSoft
 CVE-2023-0123 (Delta Electronics DOPSoft versions 4.00.16.22 and prior are 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: Delta Electronics DOPSoft
 CVE-2022-48251 (** DISPUTED ** The AES instructions on the ARMv8 platform do 
not have  ...)
        NOT-FOR-US: ARM hardware design issue
 CVE-2021-46871 (tag.ex in Phoenix Phoenix.HTML (aka phoenix_html) before 3.0.4 
allows  ...)
@@ -8883,9 +8883,9 @@ CVE-2022-48167
 CVE-2022-48166
        RESERVED
 CVE-2022-48165 (An access control issue in the component 
/cgi-bin/ExportLogs.sh of Wav ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2022-48164 (An access control issue in the component 
/cgi-bin/ExportLogs.sh of Wav ...)
-       TODO: check
+       NOT-FOR-US: Wavlink
 CVE-2022-48163
        RESERVED
 CVE-2022-48162
@@ -8933,7 +8933,7 @@ CVE-2022-48142
 CVE-2022-48141
        RESERVED
 CVE-2022-48140 (DedeCMS v5.7.97 was discovered to contain a cross-site 
scripting (XSS) ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2022-48139
        RESERVED
 CVE-2022-48138
@@ -9049,13 +9049,13 @@ CVE-2022-48084
 CVE-2022-48083
        RESERVED
 CVE-2022-48082 (Easyone CRM v5.50.02 was discovered to contain a SQL Injection 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Easyone CRM
 CVE-2022-48081
        RESERVED
 CVE-2022-48080
        RESERVED
 CVE-2022-48079 (Monnai aaPanel host system v1.5 contains an access control 
issue which ...)
-       TODO: check
+       NOT-FOR-US: Monnai aaPanel host system
 CVE-2022-48078 (pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was 
discovered t ...)
        TODO: check
 CVE-2022-48077
@@ -9175,7 +9175,7 @@ CVE-2022-48021 (A vulnerability in Zammad v5.3.0 allows 
attackers to execute arb
 CVE-2022-48020
        RESERVED
 CVE-2022-48019 (The components wfshbr64.sys and wfshbr32.sys in Another Eden 
before v3 ...)
-       TODO: check
+       NOT-FOR-US: Another Eden
 CVE-2022-48018
        RESERVED
 CVE-2022-48017
@@ -10134,7 +10134,7 @@ CVE-2022-46733 (Sewio&#8217;s Real-Time Location System 
(RTLS) Studio version 2.
 CVE-2022-46658
        RESERVED
 CVE-2022-4634 (All versions prior to Delta Electronic&#8217;s CNCSoft version 
1.01.34 ...)
-       TODO: check
+       NOT-FOR-US: Delta Electronics
 CVE-2022-4633 (A vulnerability was found in Auto Upload Images up to 3.3.0 and 
classi ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4632 (A vulnerability has been found in Auto Upload Images up to 
3.3.0 and c ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/005711b1641fec81a38bf30c5fa75ae853309f83

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/005711b1641fec81a38bf30c5fa75ae853309f83
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to