[Git][security-tracker-team/security-tracker][master] NFUs

Mon, 10 Jul 2023 01:47:02 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ad97d35c by Moritz Muehlenhoff at 2023-07-10T10:46:30+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2023-3568 (Improper Input Validation in GitHub repository 
fossbilling/fossbilling ...)
-       TODO: check
+       NOT-FOR-US: fossbilling
 CVE-2023-37288 (SmartBPM.NET component has a vulnerability of path traversal 
within it ...)
-       TODO: check
+       NOT-FOR-US: SmartBPM.NET
 CVE-2023-37287 (SmartBPM.NET has a vulnerability of using hard-coded 
authentication ke ...)
-       TODO: check
+       NOT-FOR-US: SmartBPM.NET
 CVE-2023-37286 (SmartSoft SmartBPM.NET has a vulnerability of using hard-coded 
machine ...)
-       TODO: check
+       NOT-FOR-US: SmartBPM.NET
 CVE-2021-4406 (An administrator is able to execute commands as root via the 
alerts ma ...)
-       TODO: check
+       NOT-FOR-US: QuantaStor
 CVE-2023-3045 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: Tise Technology Parking Web Report
 CVE-2023-36935
@@ -7651,7 +7651,7 @@ CVE-2023-2235 (A use-after-free vulnerability in the 
Linux Kernel Performance Ev
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/fd0815f632c24878e325821943edccc7fde947a2 (6.3-rc3)
 CVE-2023-2234 (Union variant confusion allows any malicious BT controller to 
execute  ...)
-       TODO: check
+       NOT-FOR-US: Zephyr
 CVE-2023-2233
        RESERVED
 CVE-2023-2232 (An issue has been discovered in GitLab affecting all versions 
starting ...)
@@ -9465,7 +9465,7 @@ CVE-2023-30444 (IBM Watson Machine Learning on Cloud Pak 
for Data 4.0 and 4.5 is
 CVE-2023-30443
        RESERVED
 CVE-2023-30442 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect 
Server) 11.1 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-30441 (IBM Runtime Environment, Java Technology Edition IBMJCEPlus 
and JSSE 8 ...)
        NOT-FOR-US: IBM
 CVE-2023-30440 (IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 
through FW9 ...)
@@ -9487,7 +9487,7 @@ CVE-2023-30433
 CVE-2023-30432
        RESERVED
 CVE-2023-30431 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect 
Server) 10.5 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-30430
        RESERVED
 CVE-2015-10100 (A vulnerability, which was classified as critical, has been 
found in D ...)
@@ -12484,7 +12484,7 @@ CVE-2023-29258
 CVE-2023-29257 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect 
Server) 10.5 ...)
        NOT-FOR-US: IBM
 CVE-2023-29256 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect 
Server) 10.5 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-29255 (IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect 
Server) 10.5 ...)
        NOT-FOR-US: IBM
 CVE-2023-29254
@@ -13475,17 +13475,17 @@ CVE-2021-46879 (An issue was discovered in Treasure 
Data Fluent Bit 1.7.1, a wro
 CVE-2021-46878 (An issue was discovered in Treasure Data Fluent Bit 1.7.1, 
erroneous p ...)
        NOT-FOR-US: Treasure Data Fluent Bit
 CVE-2023-28958 (IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is 
potentially  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-28957
        RESERVED
 CVE-2023-28956 (IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 
8.1.17.2 ma ...)
        NOT-FOR-US: IBM
 CVE-2023-28955 (IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 could 
allow an  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-28954
        RESERVED
 CVE-2023-28953 (IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an 
attacker ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-28952
        RESERVED
 CVE-2023-28951
@@ -18371,7 +18371,7 @@ CVE-2023-27560 (Math/PrimeField.php in phpseclib 3.x 
before 3.0.19 has an infini
 CVE-2023-27559 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect 
Server) 10.5 ...)
        NOT-FOR-US: IBM
 CVE-2023-27558 (IBM Db2 on Windows 10.5, 11.1, and 11.5 may be vulnerable to a 
privile ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-27557 (IBM Counter Fraud Management for Safer Payments 6.1.0.00 
through 6.1.1 ...)
        NOT-FOR-US: IBM
 CVE-2023-27556 (IBM Counter Fraud Management for Safer Payments 6.1.0.00, 
6.2.0.00, 6. ...)
@@ -18407,7 +18407,7 @@ CVE-2023-27542
 CVE-2023-27541
        RESERVED
 CVE-2023-27540 (IBM Watson CP4D Data Stores 4.6.0 does not properly allocate 
resources ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-1165 (A vulnerability was found in Zhong Bang CRMEB Java 1.3.4. It 
has been  ...)
        NOT-FOR-US: Zhong Bang CRMEB Java
 CVE-2023-1164 (A vulnerability was found in KylinSoft kylin-activation and 
classified ...)
@@ -30350,7 +30350,7 @@ CVE-2023-23489 (The Easy Digital Downloads WordPress 
Plugin, versions 3.1.0.2 &
 CVE-2023-23488 (The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is 
affecte ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-23487 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect 
Server) 11.1 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-23486
        RESERVED
 CVE-2023-23485



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad97d35c098a7be1c8df5c676e0bb8637a956d58

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad97d35c098a7be1c8df5c676e0bb8637a956d58
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to