[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Tue, 13 Jun 2023 13:31:32 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e5409a29 by Salvatore Bonaccorso at 2023-06-13T22:18:27+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
 CVE-2023-3224 (Code Injection in GitHub repository nuxt/nuxt prior to 3.5.3.)
-       TODO: check
+       NOT-FOR-US: Nuxt
 CVE-2023-3218 (Race Condition within a Thread in GitHub repository 
it-novum/openitcoc ...)
        TODO: check
 CVE-2023-3050 (Reliance on Cookies without Validation and Integrity Checking 
in a Sec ...)
-       TODO: check
+       NOT-FOR-US: TMT Lockcell
 CVE-2023-3049 (Unrestricted Upload of File with Dangerous Type vulnerability 
in TMT L ...)
-       TODO: check
+       NOT-FOR-US: TMT Lockcell
 CVE-2023-3048 (Authorization Bypass Through User-Controlled Key vulnerability 
in TMT  ...)
-       TODO: check
+       NOT-FOR-US: TMT Lockcell
 CVE-2023-3047 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: TMT Lockcell
 CVE-2023-35064 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Satos Satos Mobile
 CVE-2023-34965 (SSPanel-Uim 2023.3 does not restrict access to the /link/ 
interface wh ...)
        TODO: check
 CVE-2023-34249 (benjjvi/PyBB is an open source bulletin board. Prior to commit 
dcaeccd ...)
-       TODO: check
+       NOT-FOR-US: benjjvi/PyBB
 CVE-2023-34247 (Keystone is a content management system for Node.JS. There is 
an open  ...)
-       TODO: check
+       NOT-FOR-US: Keystone CMS
 CVE-2023-34122 (Improper input validation  in the installer for Zoom for 
Windows clien ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2023-34121 (Improper input validation  in the Zoom for Windows, Zoom 
Rooms, Zoom V ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2023-34120 (Improper privilege management in Zoom for Windows, Zoom Rooms 
for Wind ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2023-34115 (Buffer copy without checking size of input  in Zoom Meeting 
SDK  befor ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2023-34114 (Exposure of resource to wrong sphere in Zoom for Windows and 
Zoom for  ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2023-34113 (Insufficient verification of data authenticity  in Zoom for 
Windows cl ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2023-33921 (A vulnerability has been identified in CP-8031 MASTER MODULE 
(All vers ...)
        TODO: check
 CVE-2023-33920 (A vulnerability has been identified in CP-8031 MASTER MODULE 
(All vers ...)
@@ -37,27 +37,27 @@ CVE-2023-33920 (A vulnerability has been identified in 
CP-8031 MASTER MODULE (Al
 CVE-2023-33919 (A vulnerability has been identified in CP-8031 MASTER MODULE 
(All vers ...)
        TODO: check
 CVE-2023-33695 (Hutool v5.8.17 and below was discovered to contain an 
information disc ...)
-       TODO: check
+       NOT-FOR-US: Hutool
 CVE-2023-33621 (GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin 
authentication ...)
-       TODO: check
+       NOT-FOR-US: GL.iNET GL-AR750S-Ext firmware
 CVE-2023-33620 (GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure 
protocol in its ...)
-       TODO: check
+       NOT-FOR-US: GL.iNET GL-AR750S-Ext firmware
 CVE-2023-33568 (An issue in Dolibarr v16.0.0 to v16.0.5 allows unauthenticated 
attacke ...)
        TODO: check
 CVE-2023-33305 (A loop with unreachable exit condition ('infinite loop') in 
Fortinet F ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2023-33124 (A vulnerability has been identified in JT2Go (All versions < 
V14.2.0.3 ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-33123 (A vulnerability has been identified in JT2Go (All versions < 
V14.2.0.3 ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-33122 (A vulnerability has been identified in JT2Go (All versions < 
V14.2.0.3 ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-33121 (A vulnerability has been identified in JT2Go (All versions < 
V14.2.0.3 ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-32548 (OS command injection vulnerability exists in WPS Office 
version 10.8.0 ...)
        TODO: check
 CVE-2023-32546 (Code injection vulnerability exists in Chatwork Desktop 
Application (M ...)
-       TODO: check
+       NOT-FOR-US: Chatwork Desktop Application
 CVE-2023-31541 (A unrestricted file upload vulnerability was discovered in the 
\u2018B ...)
        TODO: check
 CVE-2023-31439 (An issue was discovered in systemd 253. An attacker can modify 
the con ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5409a29378f21c1ce55f0e9fc64afc4df2ab6d8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5409a29378f21c1ce55f0e9fc64afc4df2ab6d8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to