Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
259e3bfc by Salvatore Bonaccorso at 2023-05-05T10:23:06+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2023-32235 (Ghost before 5.42.1 allows remote attackers to read arbitrary 
files wi ...)
-       TODO: check
+       NOT-FOR-US: Ghost CMS
 CVE-2023-31415 (Kibana version 8.7.0 contains an arbitrary code execution 
flaw. An att ...)
        - kibana <itp> (bug #700337)
 CVE-2023-31414 (Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code 
executio ...)
@@ -7,11 +7,11 @@ CVE-2023-31414 (Kibana versions 8.0.0 through 8.7.0 contain 
an arbitrary code ex
 CVE-2023-31413 (Filebeat versions through 7.17.9 and 8.6.2 have a flaw in 
httpjson inp ...)
        TODO: check
 CVE-2023-2535 (Sensitive information exposure in the Web Frontend of KNIME 
Business H ...)
-       TODO: check
+       NOT-FOR-US: KNIME
 CVE-2023-2531 (Improper Restriction of Excessive Authentication Attempts in 
GitHub re ...)
        TODO: check
 CVE-2017-20183 (A vulnerability was found in External Media without Import 
Plugin up t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2524 (A vulnerability classified as critical has been found in 
Control iD RH ...)
        NOT-FOR-US: Control iD RHiD
 CVE-2023-2523 (A vulnerability was found in Weaver E-Office 9.5. It has been 
rated as ...)
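Review bot: on CVE-2017-20183 the new tag is the generic "WordPress plugin", and the truncated description visible here ("External Media without Import Plugin up t ...") does not itself mention WordPress, so the entry gives a reader nothing to match the classification against. The generic tag is what other WordPress entries in this file use, so this is optional, but naming the plugin in the tag would make the entry searchable by product.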
@@ -3125,7 +3125,7 @@ CVE-2023-30401
 CVE-2023-30400
        RESERVED
 CVE-2023-30399 (Insecure permissions in the settings page of GARO Wallbox 
GLB/GTB/GTC  ...)
-       TODO: check
+       NOT-FOR-US: GARO Wallbox GLB/GTB/GTC
 CVE-2023-30398
        RESERVED
 CVE-2023-30397
@@ -3267,7 +3267,7 @@ CVE-2023-30330
 CVE-2023-30329
        RESERVED
 CVE-2023-30328 (An issue in the helper tool of Mailbutler GmbH Shimo VPN 
Client for ma ...)
-       TODO: check
+       NOT-FOR-US: Mailbutler GmbH Shimo VPN Client
 CVE-2023-30327
        RESERVED
 CVE-2023-30326
@@ -3362,7 +3362,7 @@ CVE-2023-30284
 CVE-2023-30283
        RESERVED
 CVE-2023-30282 (PrestaShop scexportcustomers <= 3.6.1 is vulnerable to 
Incorrect Acces ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop scexportcustomers
 CVE-2023-30281
        RESERVED
 CVE-2023-30280 (Buffer Overflow vulnerability found in Netgear R6900 
v.1.0.2.26, R6700 ...)
@@ -3683,7 +3683,7 @@ CVE-2023-30124
 CVE-2023-30123 (wuzhicms v4.1.0 is vulnerable to Cross Site Scripting (XSS) in 
the Mem ...)
        NOT-FOR-US: wuzhicms
 CVE-2023-30122 (An arbitrary file upload vulnerability in the component 
/admin/ajax.ph ...)
-       TODO: check
+       NOT-FOR-US: Online Food Ordering System
 CVE-2023-30121
        RESERVED
 CVE-2023-30120
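Review bot: on CVE-2023-30122 the tag "Online Food Ordering System" is a generic product name with no vendor or author, and the truncated description shown ("... in the component /admin/ajax.ph ...") does not name the product at all. Consider adding the vendor or project name from the full CVE description so that a later search for a similarly named package cannot be confused with this entry.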
@@ -3741,13 +3741,13 @@ CVE-2023-30095 (A stored cross-site scripting (XSS) 
vulnerability in TotalJS mes
 CVE-2023-30094 (A stored cross-site scripting (XSS) vulnerability in TotalJS 
Flow v10  ...)
        NOT-FOR-US: TotalJS
 CVE-2023-30093 (An arbitrary file upload vulnerability in Open Networking 
Foundation O ...)
-       TODO: check
+       NOT-FOR-US: Open Network Operating System (ONOS)
 CVE-2023-30092
        RESERVED
 CVE-2023-30091
        RESERVED
 CVE-2023-30090 (Semcms Shop v4.2 was discovered to contain an arbitrary file 
uplaod vu ...)
-       TODO: check
+       NOT-FOR-US: Semcms Shop
 CVE-2023-30089
        RESERVED
 CVE-2023-30088
@@ -9997,7 +9997,7 @@ CVE-2023-28070 (Alienware Command Center Application, 
versions 5.5.43.0 and prio
 CVE-2023-28069 (Dell Streaming Data Platform prior to 1.4 contains Open 
Redirect vulne ...)
        NOT-FOR-US: Dell
 CVE-2023-28068 (Dell Command Monitor, versions 10.9 and prior, contains an 
improper fo ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2023-28067
        RESERVED
 CVE-2023-28066
@@ -18016,7 +18016,7 @@ CVE-2023-25291
 CVE-2023-25290
        RESERVED
 CVE-2023-25289 (Directory Traversal vulnerability in virtualreception Digital 
Receptie ...)
-       TODO: check
+       NOT-FOR-US: virtualreception Digital Receptie
 CVE-2023-25288
        RESERVED
 CVE-2023-25287
@@ -30886,7 +30886,7 @@ CVE-2022-38469 (An unauthorized user with network 
access and the decryption key
 CVE-2021-4245 (A vulnerability classified as problematic has been found in 
chbrown rf ...)
        NOT-FOR-US: rfc6902
 CVE-2022-47449 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
RexTheme ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-47448
        RESERVED
 CVE-2022-47447
@@ -30916,7 +30916,7 @@ CVE-2022-47436
 CVE-2022-47435 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Oliv ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-47434 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in PB S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-47433 (Unauth. Reflected Cross-Site Scripting vulnerability in Daniel 
Powney  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-47432
@@ -37026,61 +37026,61 @@ CVE-2023-21513
 CVE-2023-21512
        RESERVED
 CVE-2023-21511 (Out-of-bounds Read vulnerability while processing 
CMD_COLDWALLET_BTC_S ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21510 (Out-of-bounds Read vulnerability while processing 
BC_TUI_CMD_UPDATE_SC ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21509 (Out-of-bounds Write vulnerability while processing 
BC_TUI_CMD_UPDATE_S ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21508 (Out-of-bounds Write vulnerability while processing 
BC_TUI_CMD_SEND_RES ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21507 (Out-of-bounds Read vulnerability while processing 
BC_TUI_CMD_SEND_RESO ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21506 (Out-of-bounds Write vulnerability while processing 
BC_TUI_CMD_SEND_RES ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21505 (Improper access control in Samsung Core Service prior to 
version 2.1.0 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21504 (Potential buffer overflow vulnerability in 
mm_Plmncoordination.c in Sh ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21503 (Potential buffer overflow vulnerability in 
mm_LteInterRatManagement.c  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21502 (Improper input validation vulnerability in FactoryTest 
application pri ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21501 (Improper input validation vulnerability in mPOS fiserve 
trustlet prior ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21500 (Double free validation vulnerability in setPinPadImages in 
mPOS TUI tr ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21499 (Out-of-bounds write vulnerability in 
TA_Communication_mpos_encrypt_pin ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21498 (Improper input validation vulnerability in setPartnerTAInfo in 
mPOS TU ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21497 (Use of externally-controlled format string vulnerability in 
mPOS TUI t ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21496 (Active Debug Code vulnerability in ActivityManagerService 
prior to SMR ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21495 (Improper access control vulnerability in Knox Enrollment 
Service prior ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21494 (Potential buffer overflow vulnerability in auth api in 
mm_Authenticati ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21493 (Improper access control vulnerability in SemShareFileProvider 
prior to ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21492 (Kernel pointers are printed in the log file prior to SMR 
May-2023 Rele ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21491 (Improper access control vulnerability in ThemeManager prior to 
SMR May ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21490 (Improper access control in GearManagerStub prior to SMR 
May-2023 Relea ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21489 (Heap out-of-bounds write vulnerability in bootloader prior to 
SMR May- ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21488 (Improper access control vulnerablility in Tips prior to SMR 
May-2023 R ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21487 (Improper access control vulnerability in Telephony framework 
prior to  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21486 (Improper export of android application components 
vulnerability in Ima ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21485 (Improper export of android application components 
vulnerability in Vid ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21484 (Improper access control vulnerability in AppLock prior to SMR 
May-2023 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21483
        RESERVED
 CVE-2023-21482
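Review bot: all 28 entries from CVE-2023-21511 down to CVE-2023-21484 get the same vendor-only tag "NOT-FOR-US: Samsung", although the descriptions cover quite different components (bootloader, mPOS TUI trustlet, Knox Enrollment Service, Telephony framework). Most are clearly Samsung-only, but ActivityManagerService (CVE-2023-21496) and the Telephony framework (CVE-2023-21487) are also component names in upstream Android, so it is worth confirming from the full advisories that the flaws sit in Samsung's own modifications before closing them as NFU.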



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/259e3bfcda73f6bc4e6e27f82276042ab56858fe
