[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 22 Sep 2023 01:37:18 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ccdffa51 by Salvatore Bonaccorso at 2023-09-22T10:36:30+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2023-5068 (Delta Electronics DIAScreen may write past the end of an 
allocated  bu ...)
-       TODO: check
+       NOT-FOR-US: Delta Electronics
 CVE-2023-4774 (The WP-Matomo Integration (WP-Piwik) plugin for WordPress is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: WP-Matomo Integration (WP-Piwik) plugin for WordPress
 CVE-2023-4716 (The Media Library Assistant plugin for WordPress is vulnerable 
to Stor ...)
-       TODO: check
+       NOT-FOR-US: Media Library Assistant plugin for WordPress
 CVE-2023-43784 (Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields 
that are ...)
-       TODO: check
+       NOT-FOR-US: Plesk Onyx
 CVE-2023-43783 (Cadence through 0.9.2 2023-08-21 uses an Insecure 
/tmp/cadence-wineasi ...)
        TODO: check
 CVE-2023-43782 (Cadence through 0.9.2 2023-08-21 uses an Insecure 
/tmp/.cadence-aloop- ...)
@@ -13,41 +13,41 @@ CVE-2023-43782 (Cadence through 0.9.2 2023-08-21 uses an 
Insecure /tmp/.cadence-
 CVE-2023-43771 (In nqptp-message-handlers.c in nqptp before 1.2.3, crafted 
packets rec ...)
        TODO: check
 CVE-2023-43767 (Certain WithSecure products allow Denial of Service via the 
aepack arc ...)
-       TODO: check
+       NOT-FOR-US: WithSecure
 CVE-2023-43766 (Certain WithSecure products allow Local privilege escalation 
via the l ...)
-       TODO: check
+       NOT-FOR-US: WithSecure
 CVE-2023-43765 (Certain WithSecure products allow Denial of Service in the 
aeelf compo ...)
-       TODO: check
+       NOT-FOR-US: WithSecure
 CVE-2023-43764 (Certain WithSecure products allow Unauthenticated Remote Code 
Executio ...)
-       TODO: check
+       NOT-FOR-US: WithSecure
 CVE-2023-43763 (Certain WithSecure products allow XSS via an unvalidated 
parameter in  ...)
-       TODO: check
+       NOT-FOR-US: WithSecure
 CVE-2023-43762 (Certain WithSecure products allow Unauthenticated Remote Code 
Executio ...)
-       TODO: check
+       NOT-FOR-US: WithSecure
 CVE-2023-43761 (Certain WithSecure products allow Denial of Service (infinite 
loop). T ...)
-       TODO: check
+       NOT-FOR-US: WithSecure
 CVE-2023-43760 (Certain WithSecure products allow Denial of Service via a 
fuzzed PE32  ...)
-       TODO: check
+       NOT-FOR-US: WithSecure
 CVE-2023-43128 (D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 
is vulner ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2023-42261 (Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable 
to Insec ...)
-       TODO: check
+       NOT-FOR-US: Mobile Security Framework (MobSF)
 CVE-2023-41616 (A reflected cross-site scripting (XSS) vulnerability in the 
Search Stu ...)
-       TODO: check
+       NOT-FOR-US: Student Management System
 CVE-2023-41614 (A stored cross-site scripting (XSS) vulnerability in the Add 
Animal De ...)
-       TODO: check
+       NOT-FOR-US: Zoo Management System
 CVE-2023-38344 (An issue was discovered in Ivanti Endpoint Manager before 2022 
SU4. A  ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2023-38343 (An XXE (XML external entity injection) vulnerability exists in 
the CSE ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2023-31719 (FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin.)
-       TODO: check
+       NOT-FOR-US: FUXA
 CVE-2023-31718 (FUXA <= 1.1.12 is vulnerable to Local via Inclusion via 
/api/download.)
-       TODO: check
+       NOT-FOR-US: FUXA
 CVE-2023-31717 (A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration 
of confid ...)
-       TODO: check
+       NOT-FOR-US: FUXA
 CVE-2023-31716 (FUXA <= 1.1.12 has a Local File Inclusion vulnerability via 
file=fuxa. ...)
-       TODO: check
+       NOT-FOR-US: FUXA
 CVE-2023-5002
        - pgadmin4 <itp> (bug #834129)
 CVE-2023-3629



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccdffa51d40f8c40301caeb688310b9ad7e0155a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccdffa51d40f8c40301caeb688310b9ad7e0155a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to