[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 07 Aug 2023 13:29:51 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
eeb8a314 by Salvatore Bonaccorso at 2023-08-07T22:29:15+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,11 +3,11 @@ CVE-2023-4205 (An out-of-bounds memory access flaw was found 
in the Linux kernel
        NOTE: https://www.spinics.net/lists/kernel/msg4876594.html
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2228101
 CVE-2023-4201 (A vulnerability was found in SourceCodester Inventory 
Management Syste ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Inventory Management System
 CVE-2023-4200 (A vulnerability has been found in SourceCodester Inventory 
Management  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Inventory Management System
 CVE-2023-4199 (A vulnerability, which was classified as critical, was found in 
Source ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Inventory Management System
 CVE-2023-3896 (Divide By Zero in vim/vim from9.0.1367-1 to9.0.1367-3)
        - vim <unfixed>
        NOTE: https://github.com/vim/vim/issues/12528
@@ -25,9 +25,9 @@ CVE-2023-3492 (The WP Shopping Pages WordPress plugin through 
1.14 does not have
 CVE-2023-3365 (The MultiParcels Shipping For WooCommerce WordPress plugin 
before 1.14 ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-39550 (Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 
v0.4.0. ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-39524 (PrestaShop is an open source e-commerce web application. Prior 
to vers ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2023-39520 (Cryptomator encrypts data being stored on cloud 
infrastructure. The MS ...)
        TODO: check
 CVE-2023-39363 (Vyer is a Pythonic Smart Contract Language for the Ethereum 
Virtual Ma ...)
@@ -59,35 +59,35 @@ CVE-2023-38930 (Tenda AC7 V1.0,V15.03.06.44, F1203 
V2.0.1.6, AC5 V1.0,V15.03.06.
 CVE-2023-38929 (Tenda 4G300 v1.01.42 was discovered to contain a stack 
overflow via th ...)
        NOT-FOR-US: Tenda
 CVE-2023-38928 (Netgear R7100LG 1.0.0.78 was discovered to contain a command 
injection ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-38926 (Netgear EX6200 v1.0.3.94 was discovered to contain a buffer 
overflow v ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-38925 (Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 
were disc ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-38924 (Netgear DGN3500 1.1.00.37 was discovered to contain a buffer 
overflow  ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-38922 (Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 
v0.4.0. ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-38921 (Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to 
contain ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-38704 (`import-in-the-middle` is a module loading interceptor 
specifically fo ...)
        TODO: check
 CVE-2023-38591 (Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple 
buffer o ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-38412 (Netgear R6900P v1.3.3.154 was discovered to contain multiple 
buffer ov ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-38392 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Hiroaki  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38157 (Microsoft Edge (Chromium-based) Security Feature Bypass 
Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2023-38045 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: Joomla advcomsys.com oneVote component
 CVE-2023-38044 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2023-36499 (Netgear XR300 v1.0.3.78 was discovered to contain multiple 
buffer over ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2023-36220 (Directory Traversal vulnerability in Textpattern CMS v4.8.8 
allows a r ...)
-       TODO: check
+       NOT-FOR-US: Textpattern CMS
 CVE-2023-36054 (lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 
1.20.2 an ...)
        TODO: check
 CVE-2023-34477 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
@@ -95,7 +95,7 @@ CVE-2023-34477 (Improper Neutralization of Special Elements 
used in an SQL Comma
 CVE-2023-34476 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2023-32783 (The event analysis component in Zoho ManageEngine ADAudit Plus 
7.1.1 a ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2023-32090 (Pega platform clients who are using versions 6.1 through 7.3.1 
may be  ...)
        TODO: check
 CVE-2023-2843 (The MultiParcels Shipping For WooCommerce WordPress plugin 
before 1.14 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eeb8a31434c3974d700b7fe02d97b413ac4a6032

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eeb8a31434c3974d700b7fe02d97b413ac4a6032
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to