[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 12 Dec 2023 08:04:35 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c8ce34c4 by Salvatore Bonaccorso at 2023-12-12T17:04:07+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2023-6727 (Mattermost fails to perform correct authorization checks when 
creating ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2023-6593 (Client side permission bypass in Devolutions Remote Desktop 
Manager 20 ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2023-6547 (Mattermost fails to validate team membership when a user 
attempts to a ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2023-6193 (quiche v. 0.15.0 through 0.19.0 was discovered to be vulnerable 
to unb ...)
@@ -40,53 +40,53 @@ CVE-2023-49874 (Mattermost fails to check whether a user is 
a guest when updatin
 CVE-2023-49809 (Mattermost fails to handle a null request body in the /add 
endpoint, a ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2023-49713 (Denial-of-service (DoS) vulnerability exists in NetBIOS 
service of HMI ...)
-       TODO: check
+       NOT-FOR-US: NetBIOS service of HMI GC-A2 series
 CVE-2023-49695 (OS command injection vulnerability in WRC-X3000GSN v1.0.2, 
WRC-X3000GS ...)
-       TODO: check
+       NOT-FOR-US: Elecom
 CVE-2023-49692 (A vulnerability has been identified in RUGGEDCOM RM1224 
LTE(4G) EU (Al ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-49691 (A vulnerability has been identified in RUGGEDCOM RM1224 
LTE(4G) EU (Al ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-49607 (Mattermost fails to validate the type of the "reminder" body 
request p ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2023-49563 (Cross Site Scripting (XSS) in Voltronic Power SNMP Web Pro 
v.1.1 allow ...)
-       TODO: check
+       NOT-FOR-US: Voltronic Power SNMP Web Pro
 CVE-2023-49143 (Denial-of-service (DoS) vulnerability exists in rfe service of 
HMI GC- ...)
        TODO: check
 CVE-2023-49140 (Denial-of-service (DoS) vulnerability exists in commplex-link 
service  ...)
        TODO: check
 CVE-2023-48677 (Local privilege escalation due to DLL hijacking vulnerability. 
The fol ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2023-48431 (A vulnerability has been identified in SINEC INS (All versions 
< V1.0  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-48430 (A vulnerability has been identified in SINEC INS (All versions 
< V1.0  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-48429 (A vulnerability has been identified in SINEC INS (All versions 
< V1.0  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-48428 (A vulnerability has been identified in SINEC INS (All versions 
< V1.0  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-48427 (A vulnerability has been identified in SINEC INS (All versions 
< V1.0  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-46701 (Mattermost fails to perform authorization checks in the  
/plugins/play ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2023-46456 (In GL.iNET GL-AR300M routers with firmware 3.216 it is 
possible to inj ...)
-       TODO: check
+       NOT-FOR-US: GL.iNET GL-AR300M routers
 CVE-2023-46455 (In GL.iNET GL-AR300M routers with firmware v4.3.7 it is 
possible to wr ...)
-       TODO: check
+       NOT-FOR-US: GL.iNET GL-AR300M routers
 CVE-2023-46454 (In GL.iNET GL-AR300M routers with firmware v4.3.7, it is 
possible to i ...)
-       TODO: check
+       NOT-FOR-US: GL.iNET GL-AR300M routers
 CVE-2023-46285 (A vulnerability has been identified in Opcenter Quality (All 
versions) ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-46284 (A vulnerability has been identified in Opcenter Quality (All 
versions) ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-46283 (A vulnerability has been identified in Opcenter Quality (All 
versions) ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-46282 (A vulnerability has been identified in Opcenter Quality (All 
versions) ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-46281 (A vulnerability has been identified in Opcenter Quality (All 
versions) ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-46156 (Affected devices improperly handle specially crafted packets 
sent to p ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-45847 (Mattermost fails to to check the length when setting the title 
in a ru ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2023-45316 (Mattermost fails to validate if a relative path is passed in 
/plugins/ ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8ce34c47c650b6d7a690bbb8dc897d917be7773

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8ce34c47c650b6d7a690bbb8dc897d917be7773
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to