[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 14 Aug 2023 10:28:05 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
fd37ad0c by Salvatore Bonaccorso at 2023-08-14T19:27:31+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8,9 +8,9 @@ CVE-2023-40303 (GNU inetutils through 2.4 may allow privilege 
escalation because
 CVE-2023-40296 (async-sockets-cpp through 0.3.1 has a stack-based buffer 
overflow in R ...)
        TODO: check
 CVE-2023-40295 (libboron in Boron 2.0.8 has a heap-based buffer overflow in 
ur_strInit ...)
-       TODO: check
+       NOT-FOR-US: libboron
 CVE-2023-40294 (libboron in Boron 2.0.8 has a heap-based buffer overflow in 
ur_parseBl ...)
-       TODO: check
+       NOT-FOR-US: libboron
 CVE-2023-40293 (Harman Infotainment 20190525031613 and later allows command 
injection  ...)
        NOT-FOR-US: Harman Infotainment
 CVE-2023-40292 (Harman Infotainment 20190525031613 and later discloses the IP 
address  ...)
@@ -23,79 +23,79 @@ CVE-2023-40283 (An issue was discovered in 
l2cap_sock_release in net/bluetooth/l
 CVE-2023-40274 (An issue was discovered in zola 0.13.0 through 0.17.2. The 
custom impl ...)
        TODO: check
 CVE-2023-3267 (When adding a remote backup location, an authenticated user can 
pass a ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2023-3266 (A non-feature complete authentication mechanism exists in the 
producti ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2023-3265 (An authentication bypass exists on CyberPower PowerPanel 
Enterprise by ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2023-3264 (The Dataprobe iBoot PDU running firmware version 1.43.03312023 
or earl ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2023-3263 (The Dataprobe iBoot PDU running firmware version 1.43.03312023 
or earl ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2023-3262 (The Dataprobe iBoot PDU running firmware version 1.43.03312023 
or earl ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2023-3261 (When adding a remote backup location, an authenticated user can 
pass a ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2023-3260 (When adding a remote backup location, an authenticated user can 
pass a ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2023-3259 (The Dataprobe iBoot PDU running firmware version 1.43.03312023 
or earl ...)
-       TODO: check
+       NOT-FOR-US: Trellix
 CVE-2023-39406 (Permission control vulnerability in the XLayout component. 
Successful  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39405 (Vulnerability of out-of-bounds parameter read/write in the 
Wi-Fi modul ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39404 (Vulnerability of input parameter verification in certain APIs 
in the w ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39403 (Parameter verification vulnerability in the installd module. 
Successfu ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39402 (Parameter verification vulnerability in the installd module. 
Successfu ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39401 (Parameter verification vulnerability in the installd module. 
Successfu ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39400 (Parameter verification vulnerability in the installd module. 
Successfu ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39399 (Parameter verification vulnerability in the installd module. 
Successfu ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39398 (Parameter verification vulnerability in the installd module. 
Successfu ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39397 (Input parameter verification vulnerability in the 
communication system ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39396 (Deserialization vulnerability in the input module. Successful 
exploita ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39395 (Mismatch vulnerability in the serialization process in the 
communicati ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39394 (Vulnerability of API privilege escalation in the wifienhance 
module. S ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39393 (Vulnerability of insecure signatures in the 
ServiceWifiResources modul ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39392 (Vulnerability of insecure signatures in the OsuLogin module. 
Successfu ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39391 (Vulnerability of system file information leakage in the USB 
Service mo ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39390 (Vulnerability of input parameter verification in certain APIs 
in the w ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39389 (Vulnerability of input parameters being not strictly verified 
in the P ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39388 (Vulnerability of input parameters being not strictly verified 
in the P ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39387 (Vulnerability of permission control in the window management 
module. S ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39386 (Vulnerability of input parameters being not strictly verified 
in the P ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39385 (Vulnerability of configuration defects in the media module of 
certain  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39384 (Vulnerability of incomplete permission verification in the 
input metho ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39383 (Vulnerability of input parameters being not strictly verified 
in the A ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39382 (Input verification vulnerability in the audio module. 
Successful explo ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39381 (Input verification vulnerability in the storage module. 
Successful exp ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-39380 (Permission control vulnerability in the audio module. 
Successful explo ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2021-46895 (Vulnerability of defects introduced in the design process in 
the Multi ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2023-4265 (Potential buffer overflow vulnerabilities in the following 
locations:  ...)
        NOT-FOR-US: zephyr-rtos
 CVE-2023-4293 (The Premium Packages - Sell Digital Products Securely plugin 
for WordP ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd37ad0c8a45cfe728cf8ebb0b6f460c728f676c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd37ad0c8a45cfe728cf8ebb0b6f460c728f676c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to