[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 06 Jul 2023 13:49:14 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
421f75c5 by Salvatore Bonaccorso at 2023-07-06T22:48:35+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2023-3531 (Cross-site Scripting (XSS) - Stored in GitHub repository 
nilsteampassn ...)
        TODO: check
 CVE-2023-3529 (A vulnerability classified as problematic has been found in 
Rotem Dyna ...)
-       TODO: check
+       NOT-FOR-US: Rotem Dynamics Rotem CRM
 CVE-2023-3528 (A vulnerability was found in ThinuTech ThinuCMS 1.5. It has 
been rated ...)
-       TODO: check
+       NOT-FOR-US: ThinuTech ThinuCMS
 CVE-2023-3523 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 
2.2.2.)
        TODO: check
 CVE-2023-3456 (Vulnerability of kernel raw address leakage in the  hang 
detector modu ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-37454 (An issue was discovered in the Linux kernel through 6.4.2. A 
crafted U ...)
        - linux <unfixed>
 CVE-2023-37453 (An issue was discovered in the USB subsystem in the Linux 
kernel throu ...)
@@ -15,43 +15,43 @@ CVE-2023-37453 (An issue was discovered in the USB 
subsystem in the Linux kernel
 CVE-2023-37260 (league/oauth2-server is an implementation of an OAuth 2.0 
authorizatio ...)
        TODO: check
 CVE-2023-37245 (Buffer overflow vulnerability in the modem pinctrl module. 
Successful  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-37242 (Vulnerability of commands from the modem being intercepted in 
the atcm ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-37241 (Input verification vulnerability in the WMS API. Successful 
exploitati ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-37240 (Vulnerability of missing input length verification in the  
distributed ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-37239 (Format string vulnerability in the  distributed file system. 
Attackers ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-37238 (Vulnerability of apps' permission to access a certain API 
being incomp ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-37136 (A stored cross-site scripting (XSS) vulnerability in the Basic 
Website ...)
-       TODO: check
+       NOT-FOR-US: EyouCMS
 CVE-2023-37135 (A stored cross-site scripting (XSS) vulnerability in the Image 
Upload  ...)
-       TODO: check
+       NOT-FOR-US: EyouCMS
 CVE-2023-37134 (A stored cross-site scripting (XSS) vulnerability in the Basic 
Informa ...)
-       TODO: check
+       NOT-FOR-US: EyouCMS
 CVE-2023-37133 (A stored cross-site scripting (XSS) vulnerability in the 
Column manage ...)
-       TODO: check
+       NOT-FOR-US: EyouCMS
 CVE-2023-37132 (A stored cross-site scripting (XSS) vulnerability in the 
custom variab ...)
-       TODO: check
+       NOT-FOR-US: EyouCMS
 CVE-2023-37131 (A Cross-Site Request Forgery (CSRF) in the component 
/public/admin/pro ...)
-       TODO: check
+       NOT-FOR-US: YznCMS
 CVE-2023-37125 (A stored cross-site scripting (XSS) vulnerability in the 
Management Cu ...)
-       TODO: check
+       NOT-FOR-US: SEACMS
 CVE-2023-37124 (A stored cross-site scripting (XSS) vulnerability in the Site 
Setup mo ...)
-       TODO: check
+       NOT-FOR-US: SEACMS
 CVE-2023-37122 (A stored cross-site scripting (XSS) vulnerability in Bagecms 
v3.1.0 al ...)
-       TODO: check
+       NOT-FOR-US: Bagecms
 CVE-2023-36995 (TravianZ through 8.3.4 allows XSS via the Alliance tag/name, 
the stati ...)
-       TODO: check
+       NOT-FOR-US: TravianZ
 CVE-2023-36970 (A Cross-site scripting (XSS) vulnerability in CMS Made Simple 
v2.2.17  ...)
-       TODO: check
+       NOT-FOR-US: CMS Made Simple
 CVE-2023-36969 (CMS Made Simple v2.2.17 is vulnerable to Remote Command 
Execution via  ...)
-       TODO: check
+       NOT-FOR-US: CMS Made Simple
 CVE-2023-36968 (A SQL Injection vulnerability detected in Food Ordering System 
v1.0 al ...)
-       TODO: check
+       NOT-FOR-US: Food Ordering System
 CVE-2023-36830 (SQLFluff is a SQL linter. Prior to version 2.1.2, in 
environments wher ...)
        TODO: check
 CVE-2023-36823 (Sanitize is an allowlist-based HTML and CSS sanitizer. Using 
carefully ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/421f75c5c7c798dba54921f38c034fa13f9610f9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/421f75c5c7c798dba54921f38c034fa13f9610f9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to