[Git][security-tracker-team/security-tracker][master] Process some new NFUs

Salvatore Bonaccorso (@carnil) Tue, 19 Dec 2023 12:20:36 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d02ae3ba by Salvatore Bonaccorso at 2023-12-19T21:19:55+01:00
Process some new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2023-6945 (A vulnerability has been found in SourceCodester Online Student 
Manage ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Online Student Management System
 CVE-2023-6932 (A use-after-free vulnerability in the Linux kernel's ipv4: igmp 
compon ...)
        TODO: check
 CVE-2023-6931 (A heap out-of-bounds write vulnerability in the Linux kernel's 
Perform ...)
        TODO: check
 CVE-2023-6913 (A session hijacking vulnerability has been detected in the Imou 
Life a ...)
-       TODO: check
+       NOT-FOR-US: Imou Life application
 CVE-2023-6730 (Deserialization of Untrusted Data in GitHub repository 
huggingface/tra ...)
        TODO: check
 CVE-2023-6711 (Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 
60870-5-104 th ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2023-6280 (An XXE (XML External Entity) vulnerability has been detected in 
52Nort ...)
-       TODO: check
+       NOT-FOR-US: 52North WPS
 CVE-2023-50376 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50272 (A potential security vulnerability has been identified in HPE 
Integrat ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2023-49706 (Defective request context handling in Self Service in LinOTP 
3.x befor ...)
        TODO: check
 CVE-2023-49489 (Reflective Cross Site Scripting (XSS) vulnerability in 
KodeExplorer ve ...)
@@ -35,7 +35,7 @@ CVE-2023-46264 (An unrestricted upload of file with dangerous 
type vulnerability
 CVE-2023-46263 (An unrestricted upload of file with dangerous type 
vulnerability exist ...)
        TODO: check
 CVE-2023-46262 (An unauthenticated attacked could send a specifically crafted 
web requ ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2023-46261 (An attacker sending specially crafted data packets to the 
Mobile Devic ...)
        TODO: check
 CVE-2023-46260 (An attacker sending specially crafted data packets to the 
Mobile Devic ...)
@@ -63,11 +63,11 @@ CVE-2023-46217 (An attacker sending specially crafted data 
packets to the Mobile
 CVE-2023-46216 (An attacker sending specially crafted data packets to the 
Mobile Devic ...)
        TODO: check
 CVE-2023-45105 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-44991 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-44983 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-43870 (When installing the Net2 software a root certificate is 
installed into ...)
        TODO: check
 CVE-2023-43826 (Apache Guacamole 1.5.3 and older do not consistently ensure 
that value ...)
@@ -77,17 +77,17 @@ CVE-2023-41727 (An attacker sending specially crafted data 
packets to the Mobile
 CVE-2023-41648 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in S ...)
        TODO: check
 CVE-2023-40602 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in D ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38481 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-38478 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37390 (Deserialization of Untrusted Data vulnerability in Themesflat 
Themesfl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34382 (Deserialization of Untrusted Data vulnerability in weDevs 
Dokan \u2013 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-34027 (Deserialization of Untrusted Data vulnerability in Rajnish 
Arora Recen ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2019-25158 (A vulnerability has been found in pedroetb tts-api up to 2.1.4 
and cla ...)
        TODO: check
 CVE-2023-50762 (When processing a PGP/MIME payload that contains digitally 
signed text ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d02ae3ba3cb524f9b5562d1265350112ab9ed638

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d02ae3ba3cb524f9b5562d1265350112ab9ed638
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some new NFUs

Reply via email to