[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 13 Jul 2023 03:21:38 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b80b54e2 by Salvatore Bonaccorso at 2023-07-13T12:21:02+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,9 +7,9 @@ CVE-2023-3363 (An information disclosure issue in Gitlab CE/EE 
affecting all ver
 CVE-2023-3362 (An information disclosure issue in GitLab CE/EE affecting all 
versions ...)
        TODO: check
 CVE-2023-3343 (The User Registration plugin for WordPress is vulnerable to PHP 
Object ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-3342 (The User Registration plugin for WordPress is vulnerable to 
arbitrary  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-3319 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        TODO: check
 CVE-2023-38199 (coreruleset (aka OWASP ModSecurity Core Rule Set) through 
3.3.4 does n ...)
@@ -41,17 +41,17 @@ CVE-2023-37415 (Improper Input Validation vulnerability in 
Apache Software Found
 CVE-2023-35694 (In DMPixelLogger_ProcessDmCommand of DMPixelLogger.cpp, there 
is a pos ...)
        TODO: check
 CVE-2023-35693 (In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory 
corrupt ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2023-35691 (there is a possible out of bounds read due to a missing bounds 
check.  ...)
        TODO: check
 CVE-2023-35069 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        TODO: check
 CVE-2023-34137 (SonicWall GMS and Analytics CAS Web Services application use 
static va ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2023-34136 (Vulnerability in SonicWall GMS and Analytics allows 
unauthenticated at ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2023-34135 (Path Traversal vulnerability in SonicWall GMS and Analytics 
allows a r ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2023-34134 (Exposure of sensitive information to an unauthorized actor 
vulnerabili ...)
        TODO: check
 CVE-2023-34133 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
@@ -73,11 +73,11 @@ CVE-2023-34126 (Vulnerability in SonicWall GMS and 
Analytics allows an authentic
 CVE-2023-34125 (Path Traversal vulnerability in GMS and Analytics allows an 
authentica ...)
        TODO: check
 CVE-2023-34124 (The authentication mechanism in SonicWall GMS and Analytics 
Web Servic ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2023-34123 (Use of Hard-coded Cryptographic Key vulnerability in SonicWall 
GMS, So ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2023-33274 (The authentication mechanism in PowerShield SNMP Web Pro 1.1 
contains  ...)
-       TODO: check
+       NOT-FOR-US: PowerShield SNMP Web Pro
 CVE-2023-2957 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2023-2620 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
@@ -107,21 +107,21 @@ CVE-2023-3106 (A NULL pointer dereference vulnerability 
was found in netlink_dum
 CVE-2023-38069 (In JetBrains IntelliJ IDEA before 2023.1.4 license dialog 
could be sup ...)
        TODO: check
 CVE-2023-38068 (In JetBrains YouTrack before 2023.1.16597 captcha was not 
properly val ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2023-38067 (In JetBrains TeamCity before 2023.05.1 build parameters of the 
"passwo ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38066 (In JetBrains TeamCity before 2023.05.1 reflected XSS via the 
Referer h ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38065 (In JetBrains TeamCity before 2023.05.1 stored XSS while 
viewing the bu ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38064 (In JetBrains TeamCity before 2023.05.1 build chain parameters 
of the " ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38063 (In JetBrains TeamCity before 2023.05.1 stored XSS while 
running custom ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38062 (In JetBrains TeamCity before 2023.05.1 parameters of the 
"password" ty ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38061 (In JetBrains TeamCity before 2023.05.1 stored XSS when using a 
custom  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2023-38046 (A vulnerability exists in Palo Alto Networks PAN-OS software 
that enab ...)
        NOT-FOR-US: Palo Alto Networks PAN-OS
 CVE-2023-37630 (Online Piggery Management System 1.0 is vulnerable to Cross 
Site Scrip ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b80b54e22f75cb0dcd87c41744c6062029147e9d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b80b54e22f75cb0dcd87c41744c6062029147e9d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to