[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 26 Sep 2023 13:20:44 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2018856d by Salvatore Bonaccorso at 2023-09-26T22:19:57+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,67 +3,67 @@ CVE-2023-5197 (A use-after-free vulnerability in the Linux 
kernel's netfilter: n
 CVE-2023-5157 (A vulnerability was found in MariaDB. An OpenVAS port scan on 
ports 33 ...)
        TODO: check
 CVE-2023-4264 (Potential buffer overflow vulnerabilities n the Zephyr 
Bluetooth subsy ...)
-       TODO: check
+       NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
 CVE-2023-4262 (Possible buffer overflow in Zephyr mgmt subsystem when asserts 
are dis ...)
-       TODO: check
+       NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
 CVE-2023-4260 (Potential off-by-one buffer overflow vulnerability in the 
Zephyr fuse  ...)
-       TODO: check
+       NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
 CVE-2023-4065 (A flaw was found in Red Hat AMQ Broker Operator, where it 
displayed a  ...)
        TODO: check
 CVE-2023-44172 (SeaCMS V12.9 was discovered to contain an arbitrary file write 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2023-44171 (SeaCMS V12.9 was discovered to contain an arbitrary file write 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2023-44170 (SeaCMS V12.9 was discovered to contain an arbitrary file write 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2023-44169 (SeaCMS V12.9 was discovered to contain an arbitrary file write 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2023-43857 (Dreamer CMS v4.1.3 was discovered to contain a stored 
cross-site scrip ...)
-       TODO: check
+       NOT-FOR-US: Dreamer CMS
 CVE-2023-43856 (Dreamer CMS v4.1.3 was discovered to contain an arbitrary file 
read vu ...)
-       TODO: check
+       NOT-FOR-US: Dreamer CMS
 CVE-2023-43775 (Denial-of-service vulnerability in the web server of the Eaton 
SMP SG- ...)
-       TODO: check
+       NOT-FOR-US: Eaton
 CVE-2023-43646 (get-func-name is a module to retrieve a function's name 
securely and c ...)
        TODO: check
 CVE-2023-43614 (Cross-site scripting vulnerability in Order Data Edit page of 
Welcart  ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2023-43610 (SQL injection vulnerability in Order Data Edit page of Welcart 
e-Comme ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2023-43493 (SQL injection vulnerability in Item List page of Welcart 
e-Commerce ve ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2023-43484 (Cross-site scripting vulnerability in Item List page of 
Welcart e-Comm ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2023-43234 (DedeBIZ v6.2.11 was discovered to contain multiple remote code 
executi ...)
-       TODO: check
+       NOT-FOR-US: DedeBIZ
 CVE-2023-43222 (SeaCMS v12.8 has an arbitrary code writing vulnerability in 
the /jxz7g ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2023-43216 (SeaCMS V12.9 was discovered to contain an arbitrary file write 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2023-42460 (Vyper is a Pythonic Smart Contract Language for the EVM. The 
`_abi_dec ...)
-       TODO: check
+       NOT-FOR-US: Vyper
 CVE-2023-41962 (Cross-site scripting vulnerability in Credit Card Payment 
Setup page o ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2023-41904 (Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass 
(for Au ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2023-41233 (Cross-site scripting vulnerability in Item List page 
registration proc ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2023-40532 (Path traversal vulnerability in Welcart e-Commerce versions 
2.7 to 2.8 ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2023-40219 (Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with 
editor or ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2023-39378 (SiberianCMS - CWE-89: Improper Neutralization of Special 
Elements used ...)
-       TODO: check
+       NOT-FOR-US: SiberianCMS
 CVE-2023-39377 (SiberianCMS - CWE-434: Unrestricted Upload of File with 
Dangerous Type ...)
-       TODO: check
+       NOT-FOR-US: SiberianCMS
 CVE-2023-39376 (SiberianCMS - CWE-284 Improper Access Control Authorized user 
may disa ...)
-       TODO: check
+       NOT-FOR-US: SiberianCMS
 CVE-2023-39375 (SiberianCMS - CWE-274: Improper Handling of Insufficient 
Privileges)
-       TODO: check
+       NOT-FOR-US: SiberianCMS
 CVE-2023-39347 (Cilium is a networking, observability, and security solution 
with an e ...)
        TODO: check
 CVE-2023-34043 (VMware Aria Operations contains a local privilege escalation 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2023-32541 (A use-after-free vulnerability exists in the footerr 
functionality of  ...)
        TODO: check
 CVE-2023-5176



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2018856d64af0fe9e0141cd7ec5d19811e594810

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2018856d64af0fe9e0141cd7ec5d19811e594810
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to