[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 31 Aug 2023 14:40:27 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e3ff3232 by Salvatore Bonaccorso at 2023-08-31T23:39:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,41 +15,41 @@ CVE-2023-4678 (Divide By Zero in GitHub repository 
gpac/gpac prior to 2.3-DEV.)
        NOTE: 
https://github.com/gpac/gpac/commit/4607052c482a51dbdacfe1ade10645c181d07b07
        NOTE: https://huntr.dev/bounties/688a4a01-8c18-469d-8cbe-a2e79e80c877
 CVE-2023-41748 (Remote command execution due to improper input validation. The 
followi ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2023-41747 (Sensitive information disclosure due to improper input 
validation. The ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2023-41746 (Remote command execution due to improper input validation. The 
followi ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2023-41745 (Sensitive information disclosure due to excessive collection 
of system ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2023-41744 (Local privilege escalation due to unrestricted loading of 
unsigned lib ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2023-41743 (Local privilege escalation due to insecure driver 
communication port p ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2023-41742 (Excessive attack surface due to binding to an unrestricted IP 
address. ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2023-41741 (Exposure of sensitive information to an unauthorized actor 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2023-41740 (Improper limitation of a pathname to a restricted directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2023-41739 (Uncontrolled resource consumption vulnerability in File 
Functionality  ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2023-41738 (Improper neutralization of special elements used in an OS 
command ('OS ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2023-41717 (Inappropriate file type control in Zscaler Proxy versions 
3.6.1.25 and ...)
        TODO: check
 CVE-2023-41642 (Multiple reflected cross-site scripting (XSS) vulnerabilities 
in the E ...)
-       TODO: check
+       NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41640 (An improper error handling vulnerability in the component 
ErroreNonGes ...)
-       TODO: check
+       NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41638 (An arbitrary file upload vulnerability in the Gestione 
Documentale mod ...)
-       TODO: check
+       NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41637 (An arbitrary file upload vulnerability in the Carica immagine 
function ...)
-       TODO: check
+       NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41636 (A SQL injection vulnerability in the Data Richiesta dal 
parameter of G ...)
-       TODO: check
+       NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41635 (A XML External Entity (XXE) vulnerability in the 
VerifichePeriodiche.a ...)
-       TODO: check
+       NOT-FOR-US: GruppoSCAI RealGimm
 CVE-2023-41045 (Graylog is a free and open log management platform. Graylog 
makes use  ...)
        TODO: check
 CVE-2023-41044 (Graylog is a free and open log management platform. A partial 
path tra ...)
@@ -67,9 +67,9 @@ CVE-2023-39351 (FreeRDP is a free implementation of the 
Remote Desktop Protocol
 CVE-2023-39350 (FreeRDP is a free implementation of the Remote Desktop 
Protocol (RDP), ...)
        TODO: check
 CVE-2023-34392 (A Missing Authentication for Critical Function vulnerability 
in the Sc ...)
-       TODO: check
+       NOT-FOR-US: Schweitzer Engineering Laboratories SEL-5037 SEL Grid 
Configurator
 CVE-2023-34391 (Insecure Inherited Permissions vulnerability in Schweitzer 
Engineering ...)
-       TODO: check
+       NOT-FOR-US: Schweitzer Engineering Laboratories SEL-5033 AcSELerator 
RTAC Software
 CVE-2023-33835 (IBM Security Verify Information Queue 10.0.4 and 10.0.5 could 
allow a  ...)
        NOT-FOR-US: IBM
 CVE-2023-33834 (IBM Security Verify Information Queue 10.0.4 and 10.0.5 could 
allow a  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3ff3232f24d7dcc7f7fd53ecc7dad527c4c155f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3ff3232f24d7dcc7f7fd53ecc7dad527c4c155f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to