[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 24 Jul 2023 13:40:11 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1e3fc4d3 by Salvatore Bonaccorso at 2023-07-24T22:39:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,13 +6,13 @@ CVE-2023-3863 (A use-after-free flaw was found in 
nfc_llcp_find_local in net/nfc
 CVE-2023-3344 (The Auto Location for WP Job Manager via Google WordPress 
plugin befor ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-3324 (A vulnerability exists by allowing low-privileged users to read 
and up ...)
-       TODO: check
+       NOT-FOR-US: ABB
 CVE-2023-3323 (A vulnerability exists by allowing low-privileged users to read 
and up ...)
-       TODO: check
+       NOT-FOR-US: ABB
 CVE-2023-3322 (A vulnerability exists by allowing low-privileged users to read 
and up ...)
-       TODO: check
+       NOT-FOR-US: ABB
 CVE-2023-3321 (A vulnerability exists by allowing low-privileged users to read 
and up ...)
-       TODO: check
+       NOT-FOR-US: ABB
 CVE-2023-3248 (The All-in-one Floating Contact Form WordPress plugin before 
2.1.2 doe ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-38060 (Improper Input Validation vulnerability in the ContentType 
parameter f ...)
@@ -24,7 +24,7 @@ CVE-2023-38057 (An improper input validation vulnerability in 
OTRS Survey module
 CVE-2023-38056 (Improper Neutralization of commands allowed to be executed via 
OTRS Sy ...)
        TODO: check
 CVE-2023-37613 (A cross-site scripting (XSS) vulnerability in Assembly 
Software Trialw ...)
-       TODO: check
+       NOT-FOR-US: Assembly Software Trialworks
 CVE-2023-2761 (The User Activity Log WordPress plugin before 1.6.3 does not 
properly  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-3862 (A vulnerability was found in Travelmate Travelable Trek 
Management Sol ...)
@@ -24597,9 +24597,9 @@ CVE-2023-26080
 CVE-2023-26079
        RESERVED
 CVE-2023-26078 (Privilege escalation vulnerability was discovered in Atera 
Agent 1.8.4 ...)
-       TODO: check
+       NOT-FOR-US: Atera Agent
 CVE-2023-26077 (Atera Agent through 1.8.3.6 on Windows Creates a Temporary 
File in a D ...)
-       TODO: check
+       NOT-FOR-US: Atera Agent
 CVE-2023-26076 (An issue was discovered in Samsung Mobile Chipset and Baseband 
Modem C ...)
        NOT-FOR-US: Samsung
 CVE-2023-26075 (An issue was discovered in Samsung Mobile Chipset and Baseband 
Modem C ...)
@@ -91299,7 +91299,7 @@ CVE-2022-30282
 CVE-2022-30281
        RESERVED
 CVE-2022-30280 (/SecurityManagement/html/createuser.jsf in Nokia NetAct 22 
allows CSRF ...)
-       TODO: check
+       NOT-FOR-US: Nokia
 CVE-2022-30279 (An issue was discovered in Stormshield Network Security (SNS) 
4.3.x be ...)
        NOT-FOR-US: Stormshield Network Security (SNS)
 CVE-2022-30278 (A vulnerability in Black Duck Hub\u2019s embedded MadCap Flare 
documen ...)
@@ -95473,15 +95473,15 @@ CVE-2022-28869 (A vulnerability affecting F-Secure 
SAFE browser was discovered.
 CVE-2022-28868 (An Address bar spoofing vulnerability was discovered in Safe 
Browser f ...)
        NOT-FOR-US: F-Secure
 CVE-2022-28867 (An issue was discovered in Nokia NetAct 22 through the 
Administration  ...)
-       TODO: check
+       NOT-FOR-US: Nokia
 CVE-2022-28866 (Multiple Improper Access Control was discovered in Nokia 
AirFrame BMC  ...)
        NOT-FOR-US: Nokia AirFrame BMC Web GUI
 CVE-2022-28865 (An issue was discovered in Nokia NetAct 22 through the Site 
Configurat ...)
-       TODO: check
+       NOT-FOR-US: Nokia
 CVE-2022-28864 (An issue was discovered in Nokia NetAct 22 through the 
Administration  ...)
-       TODO: check
+       NOT-FOR-US: Nokia
 CVE-2022-28863 (An issue was discovered in Nokia NetAct 22. A remote user, 
authenticat ...)
-       TODO: check
+       NOT-FOR-US: Nokia
 CVE-2022-28862 (In Archibus Web Central before 26.2, multiple SQL Injection 
vulnerabil ...)
        NOT-FOR-US: ARCHIBUS Web Central
 CVE-2022-28861 (The server in Citilog 8.0 allows an attacker (in a man in the 
middle p ...)
@@ -139706,7 +139706,7 @@ CVE-2021-39423
 CVE-2021-39422
        RESERVED
 CVE-2021-39421 (A cross-site scripting (XSS) vulnerability in SeedDMS v6.0.15 
allows a ...)
-       TODO: check
+       NOT-FOR-US: SeedDMS
 CVE-2021-39420 (Multiple Cross Site Scripting (XSS) vulnerabilities exist in 
VFront 0. ...)
        NOT-FOR-US: VFront
 CVE-2021-39419



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e3fc4d3ab4bbd32cbe75e9b5d946167d2d6f00a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e3fc4d3ab4bbd32cbe75e9b5d946167d2d6f00a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to