[Git][security-tracker-team/security-tracker][master] Process new NFUs

Salvatore Bonaccorso (@carnil) Tue, 28 Nov 2023 12:21:58 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7666a459 by Salvatore Bonaccorso at 2023-11-28T21:21:24+01:00
Process new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,43 +1,43 @@
 CVE-2023-6359 (A Cross-Site Scripting (XSS) vulnerability has been found in 
Alumne LM ...)
-       TODO: check
+       NOT-FOR-US: Alumne LMS
 CVE-2023-6239 (Improperly calculated effective permissions in M-Files Server 
versions ...)
-       TODO: check
+       NOT-FOR-US: M-Files
 CVE-2023-6201 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
-       TODO: check
+       NOT-FOR-US: Univera Computer System Panorama
 CVE-2023-6151 (Improper Privilege Management vulnerability in ESKOM Computer 
e-munici ...)
-       TODO: check
+       NOT-FOR-US: ESKOM Computer e-municipality module
 CVE-2023-6150 (Improper Privilege Management vulnerability in ESKOM Computer 
e-munici ...)
-       TODO: check
+       NOT-FOR-US: ESKOM Computer e-municipality module
 CVE-2023-49314 (Asana Desktop 2.1.0 on macOS allows code injection because of 
specific ...)
-       TODO: check
+       NOT-FOR-US: Asana Desktop
 CVE-2023-49313 (A dylib injection vulnerability in XMachOViewer 0.04 allows 
attackers  ...)
-       TODO: check
+       NOT-FOR-US: XMachOViewer
 CVE-2023-49078 (raptor-web is a CMS for game server communities that can be 
used to ho ...)
-       TODO: check
+       NOT-FOR-US: raptor-web CMS
 CVE-2023-49062 (Katran could disclose non-initialized kernel memory as part of 
an IP h ...)
        TODO: check
 CVE-2023-48848 (An arbitrary file read vulnerability in ureport v2.2.9 allows 
a remote ...)
        TODO: check
 CVE-2023-48121 (An authentication bypass vulnerability in the Direct 
Connection Module ...)
-       TODO: check
+       NOT-FOR-US: Direct Connection Module in Ezviz
 CVE-2023-48042 (Amazzing Filter for Prestashop through 3.2.2 is vulnerable to 
Cross-Si ...)
-       TODO: check
+       NOT-FOR-US: Amazzing Filter for Prestashop
 CVE-2023-45539 (HAProxy before 2.8.2 accepts # as part of the URI component, 
which mig ...)
        TODO: check
 CVE-2023-45286 (A race condition in go-resty can result in HTTP request body 
disclosur ...)
        TODO: check
 CVE-2023-42505 (An authenticated user with read permissions on database 
connections me ...)
-       TODO: check
+       NOT-FOR-US: Apache Superset
 CVE-2023-42504 (An authenticated malicious user could initiate multiple 
concurrent req ...)
-       TODO: check
+       NOT-FOR-US: Apache Superset
 CVE-2023-42502 (An authenticated attacker with update datasets permission 
could change ...)
-       TODO: check
+       NOT-FOR-US: Apache Superset
 CVE-2023-42004 (IBM Security Guardium 11.3, 11.4, and 11.5 is potentially 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2023-41264 (Netwrix Usercube before 6.0.215, in certain misconfigured 
on-premises  ...)
-       TODO: check
+       NOT-FOR-US: Netwrix Usercube
 CVE-2023-40056 (SQL Injection Remote Code Vulnerability was found in the 
SolarWinds Pl ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2023-34055 (In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 
3.1.0-3.1.5,  ...)
        TODO: check
 CVE-2023-46589 (Improper Input Validation vulnerability in Apache 
Tomcat.Tomcat from 1 ...)
@@ -61,7 +61,7 @@ CVE-2023-6219 (The BookingPress plugin for WordPress is 
vulnerable to arbitrary
 CVE-2023-5960 (An improper privilege management vulnerability in the hotspot 
feature  ...)
        NOT-FOR-US: Zyxel
 CVE-2023-5885 (The discontinued FFS Colibri product allows a remote user to 
access fi ...)
-       TODO: check
+       NOT-FOR-US: FFS Colibri
 CVE-2023-5797 (An improper privilege management vulnerability in the debug CLI 
comman ...)
        NOT-FOR-US: Zyxel
 CVE-2023-5773
@@ -35043,7 +35043,7 @@ CVE-2023-29062
 CVE-2023-29061
        RESERVED
 CVE-2023-29060 (The FACSChorus\xe2\u201e\xa2 workstation operating system does 
not res ...)
-       TODO: check
+       NOT-FOR-US: facschorus
 CVE-2023-1764 (Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 
10.9.5 ...)
        NOT-FOR-US: Canon
 CVE-2023-1763 (Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 
10.9.5 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7666a459a59807df6676c79010648ff79088d6fc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7666a459a59807df6676c79010648ff79088d6fc
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process new NFUs

Reply via email to