[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sun, 16 Apr 2023 04:51:43 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a0db913d by Salvatore Bonaccorso at 2023-04-16T13:50:36+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2015-10103
 CVE-2015-10102
        RESERVED
 CVE-2015-10101 (A vulnerability classified as problematic was found in Google 
Analytic ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-2107 (A vulnerability, which was classified as critical, was found in 
IBOS 4 ...)
        NOT-FOR-US: IBOS
 CVE-2023-2106 (Weak Password Requirements in GitHub repository 
janeczku/calibre-web p ...)
@@ -2782,7 +2782,7 @@ CVE-2023-29599
 CVE-2023-29598 (lmxcms v1.4.1 was discovered to contain a SQL injection 
vulnerability  ...)
        NOT-FOR-US: lmxcms
 CVE-2023-29597 (bloofox v0.5.2 was discovered to contain a SQL injection 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: bloofox
 CVE-2023-29596
        RESERVED
 CVE-2023-29595
@@ -3105,13 +3105,13 @@ CVE-2023-29511
 CVE-2023-29510
        RESERVED
 CVE-2023-29509 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29508 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29507 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29506 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29505
        RESERVED
 CVE-2023-28393
@@ -4089,33 +4089,33 @@ CVE-2023-29216 (In Apache Linkis &lt;=1.3.1, because 
the parameters are not effe
 CVE-2023-29215 (In Apache Linkis &lt;=1.3.1, due to the lack of effective 
filtering of ...)
        NOT-FOR-US: Apache Linkis
 CVE-2023-29214 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29213
        RESERVED
 CVE-2023-29212 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29211 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29210 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29209 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29208 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29207 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29206 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29205 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29204 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29203 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29202 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29201 (XWiki Commons are technical libraries common to several other 
top leve ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-29200
        RESERVED
 CVE-2023-29199 (There exists a vulnerability in source code transformer 
(exception san ...)
@@ -8918,7 +8918,7 @@ CVE-2023-27814
 CVE-2023-27813
        RESERVED
 CVE-2023-27812 (bloofox v0.5.2 was discovered to contain an arbitrary file 
deletion vu ...)
-       TODO: check
+       NOT-FOR-US: bloofox
 CVE-2023-27811
        RESERVED
 CVE-2023-27810 (H3C Magic R100 R100V100R005.bin was discovered to contain a 
stack over ...)
@@ -9254,21 +9254,21 @@ CVE-2023-27656
 CVE-2023-27655 (xpdf v4.04 was discovered to contain a stack overflow in the 
component ...)
        TODO: check
 CVE-2023-27654 (An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: WHO
 CVE-2023-27653 (An issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: WHO
 CVE-2023-27652
        RESERVED
 CVE-2023-27651 (An issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 
allows an  ...)
-       TODO: check
+       NOT-FOR-US: Ego Studio SuperClean
 CVE-2023-27650 (An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 
allows a ...)
        NOT-FOR-US: APUS Group Launcher
 CVE-2023-27649 (SQL injection vulnerability found in Trusted Tools Free Music 
v.2.1.0. ...)
-       TODO: check
+       NOT-FOR-US: Free Music
 CVE-2023-27648 (Directory Traversal vulnerability found in T-ME Studios Change 
Color o ...)
-       TODO: check
+       NOT-FOR-US: T-ME Studios Change Color of Keypad
 CVE-2023-27647 (An issue found in DUALSPACE Lock Master v.2.2.4 allows a local 
attacke ...)
-       TODO: check
+       NOT-FOR-US: DUALSPACE Lock Master
 CVE-2023-27646
        RESERVED
 CVE-2023-27645 (An issue found in POWERAMP audioplayer build 925 bundle play 
and build ...)
@@ -9276,7 +9276,7 @@ CVE-2023-27645 (An issue found in POWERAMP audioplayer 
build 925 bundle play and
 CVE-2023-27644
        RESERVED
 CVE-2023-27643 (An issue found in POWERAMP 925-bundle-play and Poweramp 
954-uni allows ...)
-       TODO: check
+       NOT-FOR-US: POWERAMP
 CVE-2023-27642
        RESERVED
 CVE-2023-27641 (The REPORT (after z but before a) parameter in wa.exe in 
L-Soft LISTSE ...)
@@ -9480,9 +9480,9 @@ CVE-2023-27574 (ShadowsocksX-NG 1.10.0 signs with 
com.apple.security.get-task-al
 CVE-2023-27573
        RESERVED
 CVE-2023-27572 (An issue was discovered in CommScope Arris DG3450 Cable 
Gateway AR01.0 ...)
-       TODO: check
+       NOT-FOR-US: CommScope Arris DG3450
 CVE-2023-27571 (An issue was discovered in DG3450 Cable Gateway 
AR01.02.056.18_041520_ ...)
-       TODO: check
+       NOT-FOR-US: DG3450 Cable Gateway
 CVE-2023-27570 (The eo_tags package before 1.4.19 for PrestaShop allows SQL 
injection  ...)
        NOT-FOR-US: PrestaShop
 CVE-2023-27569 (The eo_tags package before 1.3.0 for PrestaShop allows SQL 
injection v ...)
@@ -10640,7 +10640,7 @@ CVE-2023-27195
 CVE-2023-27194
        RESERVED
 CVE-2023-27193 (An issue found in DUALSPACE v.1.1.3 allows a local attacker to 
gain pr ...)
-       TODO: check
+       NOT-FOR-US: DUALSPACE
 CVE-2023-27192 (An issue found in DUALSPACE Super Secuirty v.2.3.7 allows an 
attacker  ...)
        NOT-FOR-US: DUALSPACE Super Secuirty
 CVE-2023-27191 (An issue found in DUALSPACE Super Secuirty v.2.3.7 allows an 
attacker  ...)
@@ -11089,7 +11089,7 @@ CVE-2023-26982 (Trudesk v1.2.6 was discovered to 
contain a stored cross-site scr
 CVE-2023-26981
        RESERVED
 CVE-2023-26980 (PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race 
Condition  ...)
-       TODO: check
+       NOT-FOR-US: PAX Technology PAX A920 Pro PayDroid
 CVE-2023-26979
        RESERVED
 CVE-2023-26978 (TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to 
contain a com ...)
@@ -11222,7 +11222,7 @@ CVE-2023-26920
 CVE-2023-26919 (delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to 
sandbox escap ...)
        NOT-FOR-US: delight-nashorn-sandbox
 CVE-2023-26918 (Diasoft File Replication Pro 7.5.0 allows attackers to 
escalate privil ...)
-       TODO: check
+       NOT-FOR-US: Diasoft File Replication Pro
 CVE-2023-26917 (libyang from v2.0.164 to v2.1.30 was discovered to contain a 
NULL poin ...)
        - libyang2 <unfixed>
        [bullseye] - libyang2 <no-dsa> (Minor issue)
@@ -11566,7 +11566,7 @@ CVE-2023-26758 (Sme.UP TOKYO V6R1M220406 was discovered 
to contain an arbitrary
 CVE-2023-26757
        RESERVED
 CVE-2023-26756 (The login page of Revive Adserver v5.4.1 is vulnerable to 
brute force  ...)
-       TODO: check
+       NOT-FOR-US: Revive Adserver
 CVE-2023-26755
        RESERVED
 CVE-2023-26754
@@ -11951,7 +11951,7 @@ CVE-2023-26561
 CVE-2023-26560
        RESERVED
 CVE-2023-26559 (A directory traversal vulnerability in Oxygen XML Web Author 
before 25 ...)
-       TODO: check
+       NOT-FOR-US: Oxygen XML Web Author
 CVE-2023-26558
        RESERVED
 CVE-2023-26557
@@ -12486,115 +12486,115 @@ CVE-2023-26427
 CVE-2023-26426 (Illustrator version 26.5.2 (and earlier) and 27.2.0 (and 
earlier) are  ...)
        NOT-FOR-US: Adobe
 CVE-2023-26425 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26424 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26423 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26422 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26421 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26420 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26419 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26418 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26417 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26416 (Adobe Substance 3D Designer version 12.4.0 (and earlier) is 
affected b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26415 (Adobe Substance 3D Designer version 12.4.0 (and earlier) is 
affected b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26414 (Adobe Substance 3D Designer version 12.4.0 (and earlier) is 
affected b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26413 (Adobe Substance 3D Designer version 12.4.0 (and earlier) is 
affected b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26412 (Adobe Substance 3D Designer version 12.4.0 (and earlier) is 
affected b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26411 (Adobe Substance 3D Designer version 12.4.0 (and earlier) is 
affected b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26410 (Adobe Substance 3D Designer version 12.4.0 (and earlier) is 
affected b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26409 (Adobe Substance 3D Designer version 12.4.0 (and earlier) is 
affected b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26408 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26407 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26406 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26405 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26404 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26403 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26402 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26401 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26400 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26399
        RESERVED
 CVE-2023-26398 (Adobe Substance 3D Designer version 12.4.0 (and earlier) is 
affected b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26397 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26396 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26395 (Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 
20.005.30 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26394 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26393 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26392 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26391 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26390 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26389 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26388 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26387 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26386 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26385 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26384 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26383 (Adobe Substance 3D Stager version 2.0.1 (and earlier) is 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26382 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26381 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26380 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26379 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26378 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26377 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26376 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26375 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26374 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26373 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26372 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26371 (Adobe Dimension version 3.4.8 (and earlier) is affected by an 
out-of-b ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-26370
        RESERVED
 CVE-2023-26369
@@ -12917,9 +12917,9 @@ CVE-2023-26266 (In AFL++ 4.05c, the CmpLog component 
uses the current working di
 CVE-2023-26265 (The Borg theme before 1.1.19 for Backdrop CMS does not 
sufficiently sa ...)
        - backdrop <itp> (bug #914257)
 CVE-2023-26264 (All versions of Talend Data Catalog before 8.0-20220907 are 
potentiall ...)
-       TODO: check
+       NOT-FOR-US: Talend Data Catalog
 CVE-2023-26263 (All versions of Talend Data Catalog before 8.0-20230110 are 
potentiall ...)
-       TODO: check
+       NOT-FOR-US: Talend Data Catalog
 CVE-2023-26262 (An issue was discovered in Sitecore XP/XM 10.3. As an 
authenticated Si ...)
        NOT-FOR-US: Sitecore
 CVE-2023-26261 (In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath 
injection lead ...)
@@ -15097,7 +15097,7 @@ CVE-2023-25599
 CVE-2023-25598
        RESERVED
 CVE-2023-25597 (A vulnerability in the web conferencing component of Mitel 
MiCollab th ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2023-25596 (A vulnerability exists in ClearPass Policy Manager that allows 
for an  ...)
        NOT-FOR-US: Aruba
 CVE-2023-25595 (A vulnerability exists in the ClearPass OnGuard Ubuntu agent 
that allo ...)
@@ -16846,7 +16846,7 @@ CVE-2023-24936
 CVE-2023-24935 (Microsoft Edge (Chromium-based) Spoofing Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2023-24934 (Microsoft Defender Security Feature Bypass Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2023-24933
        RESERVED
 CVE-2023-24932
@@ -17990,7 +17990,7 @@ CVE-2023-24547
 CVE-2023-24546
        RESERVED
 CVE-2023-24545 (On affected platforms running Arista CloudEOS an issue in the 
Software ...)
-       TODO: check
+       NOT-FOR-US: Arista
 CVE-2023-0517
        RESERVED
 CVE-2023-0516 (A vulnerability was found in SourceCodester Online Tours &amp; 
Travels ...)
@@ -18173,15 +18173,15 @@ CVE-2023-0494 (A vulnerability was found in X.Org. 
This issue occurs due to a da
 CVE-2022-4897 (The BackupBuddy WordPress plugin before 8.8.3 does not sanitise 
and es ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-24513 (On affected platforms running Arista CloudEOS an issue in the 
Software ...)
-       TODO: check
+       NOT-FOR-US: Arista
 CVE-2023-24512
        RESERVED
 CVE-2023-24511 (On affected platforms running Arista EOS with SNMP configured, 
a speci ...)
-       TODO: check
+       NOT-FOR-US: Arista
 CVE-2023-24510
        RESERVED
 CVE-2023-24509 (On affected modular platforms running Arista EOS equipped with 
both re ...)
-       TODO: check
+       NOT-FOR-US: Arista
 CVE-2023-24508 (Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and 
Nova 246  ...)
        NOT-FOR-US: Baicells
 CVE-2023-24507
@@ -22498,13 +22498,13 @@ CVE-2023-22953 (In ExpressionEngine before 7.2.6, 
remote code execution can be a
 CVE-2023-22952 (In SugarCRM before 12.0. Hotfix 91155, a crafted request can 
inject cu ...)
        NOT-FOR-US: SugarCRM
 CVE-2023-22951 (An issue was discovered in TigerGraph Enterprise Free Edition 
3.x. It  ...)
-       TODO: check
+       NOT-FOR-US: TigerGraph Enterprise Free Edition
 CVE-2023-22950 (An issue was discovered in TigerGraph Enterprise Free Edition 
3.x. Dat ...)
-       TODO: check
+       NOT-FOR-US: TigerGraph Enterprise Free Edition
 CVE-2023-22949 (An issue was discovered in TigerGraph Enterprise Free Edition 
3.x. The ...)
-       TODO: check
+       NOT-FOR-US: TigerGraph Enterprise Free Edition
 CVE-2023-22948 (An issue was discovered in TigerGraph Enterprise Free Edition 
3.x. The ...)
-       TODO: check
+       NOT-FOR-US: TigerGraph Enterprise Free Edition
 CVE-2023-22947 (** DISPUTED ** Insecure folder permissions in the Windows 
installation ...)
        - shibboleth-sp <not-affected> (Windows-specific)
 CVE-2023-22946



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0db913d826804e980db8650c7cc86b059572967

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0db913d826804e980db8650c7cc86b059572967
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to