[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 06 Dec 2023 12:25:31 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7bd8f54a by Salvatore Bonaccorso at 2023-12-06T21:24:55+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,63 +1,63 @@
 CVE-2023-6514 (The Bluetooth module of some Huawei Smart Screen products has 
an ident ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-6459 (Mattermost is grouping calls inthe /metrics endpoint by id and 
reports ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2023-6458 (Mattermost webapp fails to validateroute parameters 
in/<TEAM_NAME>/cha ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2023-6393 (A flaw was found in the Quarkus Cache Runtime. When request 
processing ...)
-       TODO: check
+       NOT-FOR-US: Quarkus
 CVE-2023-6288 (Code injection in Remote Desktop Manager 2023.3.9.3 and earlier 
on mac ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2023-6273 (Permission management vulnerability in the module for disabling 
Sound  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49248 (Vulnerability of unauthorized file access in the Settings app. 
Success ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49247 (Permission verification vulnerability in distributed 
scenarios. Succes ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49246 (Unauthorized access vulnerability in the card management 
module. Succe ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49245 (Unauthorized access vulnerability in the Huawei Share module. 
Successf ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49244 (Permission management vulnerability in the multi-user module. 
Successf ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49243 (Vulnerability of unauthorized access to email attachments in 
the email ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49242 (Free broadcast vulnerability in the running management module. 
Success ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49241 (API permission control vulnerability in the network management 
module. ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49240 (Unauthorized access vulnerability in the launcher module. 
Successful e ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49239 (Unauthorized access vulnerability in the card management 
module. Succe ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-49096 (Jellyfin is a Free Software Media System for managing and 
streaming me ...)
        - jellyfin <itp> (bug #994189)
 CVE-2023-48859 (TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a 
post-authenticatio ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2023-48123 (An issue in Netgate pfSense Plus v.23.05.1 and before and 
pfSense CE v ...)
-       TODO: check
+       NOT-FOR-US: Netgate pfSense Plus
 CVE-2023-46773 (Permission management vulnerability in the PMS module. 
Successful expl ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-46751 (An issue was discovered in the function 
gdev_prn_open_printer_seekable ...)
        TODO: check
 CVE-2023-46688 (Open redirect vulnerability in Pleasanter 1.3.47.0 and earlier 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Pleasanter
 CVE-2023-45210 (Pleasanter 1.3.47.0 and earlier contains an improper access 
control vu ...)
-       TODO: check
+       NOT-FOR-US: Pleasanter
 CVE-2023-44113 (Vulnerability of missing permission verification for APIs in 
the Desig ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-44099 (Vulnerability of data verification errors in the kernel 
module. Succes ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39539 (AMI AptioV contains a vulnerability in BIOS where a User may 
cause an  ...)
-       TODO: check
+       NOT-FOR-US: AMI AptioV
 CVE-2023-39538 (AMI AptioV contains a vulnerability in BIOS where a User may 
cause an  ...)
-       TODO: check
+       NOT-FOR-US: AMI AptioV
 CVE-2023-36655 (The login REST API in ProLion CryptoSpike 3.0.15P2 (when LDAP 
or Activ ...)
-       TODO: check
+       NOT-FOR-US: ProLion CryptoSpike
 CVE-2023-34439 (Pleasanter 1.3.47.0 and earlier contains a stored cross-site 
scripting ...)
-       TODO: check
+       NOT-FOR-US: Pleasanter
 CVE-2023-32268 (Exposure of Proxy Administrator Credentials  An authenticated 
administ ...)
-       TODO: check
+       NOT-FOR-US: Microfocus
 CVE-2023-46218 [curl: cookie mixed case PSL bypass]
        - curl <unfixed> (bug #1057646)
        NOTE: Introduced by: 
https://github.com/curl/curl/commit/e77b5b7453c1e8ccd7ec0816890d98e2f392e465 
(curl-7_46_0)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7bd8f54aada77e2f071786ca17f06070727a613b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7bd8f54aada77e2f071786ca17f06070727a613b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to