[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 19 Oct 2023 02:03:59 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2f6438ca by Salvatore Bonaccorso at 2023-10-19T11:03:22+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35,25 +35,25 @@ CVE-2023-45146 (XXL-RPC is a high performance, distributed 
RPC framework. With i
 CVE-2023-45145 (Redis is an in-memory database that persists on disk. On 
startup, Redi ...)
        TODO: check
 CVE-2023-43803 (Arduino Create Agent is a package to help manage Arduino 
development.  ...)
-       TODO: check
+       NOT-FOR-US: Arduino Create Agent
 CVE-2023-43802 (Arduino Create Agent is a package to help manage Arduino 
development.  ...)
-       TODO: check
+       NOT-FOR-US: Arduino Create Agent
 CVE-2023-43801 (Arduino Create Agent is a package to help manage Arduino 
development.  ...)
-       TODO: check
+       NOT-FOR-US: Arduino Create Agent
 CVE-2023-43800 (Arduino Create Agent is a package to help manage Arduino 
development.  ...)
-       TODO: check
+       NOT-FOR-US: Arduino Create Agent
 CVE-2023-37504 (HCL Compass is vulnerable to failure to invalidate sessions. 
The appli ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2023-37503 (HCL Compass is vulnerable to insecure password requirements. 
An attack ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2023-37502 (HCL Compass is vulnerable to lack of file upload security. An 
attacker ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2023-36857 (Baker Hughes \u2013 Bently Nevada 3500 System TDI Firmware 
version 5.0 ...)
-       TODO: check
+       NOT-FOR-US: Baker Hughes - Bently Nevada 3500 System TDI Firmware
 CVE-2023-34441 (Baker Hughes \u2013 Bently Nevada 3500 System TDI Firmware 
version 5.0 ...)
-       TODO: check
+       NOT-FOR-US: Baker Hughes - Bently Nevada 3500 System TDI Firmware
 CVE-2023-34437 (Baker Hughes \u2013 Bently Nevada 3500 System TDI Firmware 
version 5.0 ...)
-       TODO: check
+       NOT-FOR-US: Baker Hughes - Bently Nevada 3500 System TDI Firmware
 CVE-2023-34050 (In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , 
allowed l ...)
        TODO: check
 CVE-2023-5642 (Advantech R-SeeNet v2.4.23 allows an unauthenticated remote 
attacker t ...)
@@ -83,7 +83,7 @@ CVE-2023-45912 (WIPOTEC GmbH ComScale v4.3.29.21344 and 
v4.4.12.723 fails to val
 CVE-2023-45911 (An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and 
v4.4.12.723 allows ...)
        NOT-FOR-US: WIPOTEC GmbH ComScale
 CVE-2023-45727 (Proself Enterprise/Standard Edition Ver5.62 and earlier, 
Proself Gatew ...)
-       TODO: check
+       NOT-FOR-US: Proself
 CVE-2023-45632 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
WebDorad ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-45630 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in 
wpdevart Ga ...)
@@ -99,7 +99,7 @@ CVE-2023-45604 (Auth. (admin+) Stored Cross-Site Scripting 
(XSS) vulnerability i
 CVE-2023-45602 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Shopfile ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-45383 (In the module "SoNice etiquetage" (sonice_etiquetage) up to 
version 2. ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop plugin
 CVE-2023-45073 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Mich ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-45072 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Kard ...)
@@ -127,9 +127,9 @@ CVE-2023-45054 (Unauth. Reflected Cross-Site Scripting 
(XSS) vulnerability in AW
 CVE-2023-43250 (XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There 
is a Use ...)
        TODO: check
 CVE-2023-35663 (In Init of protocolnetadapter.cpp, there is a possible out of 
bounds r ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2023-35656 (In multiple functions of protocolembmsadapter.cpp, there is a 
possible ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2023-32089 (Pega Platform versions 8.1 to 8.8.2 are affected by an XSS 
issue with  ...)
        NOT-FOR-US: Pega Platform
 CVE-2023-32088 (Pega Platform versions 8.1 to Infinity 23.1.0 are affected by 
an XSS i ...)
@@ -36928,7 +36928,7 @@ CVE-2023-26302 (Denial of service could be caused to 
the command line interface
 CVE-2023-26301 (Certain HP LaserJet Pro print products are potentially 
vulnerable to a ...)
        NOT-FOR-US: HP
 CVE-2023-26300 (A potential security vulnerability has been identified in the 
system B ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2023-26299 (A potential Time-of-Check to Time-of-Use (TOCTOU) 
vulnerability has be ...)
        NOT-FOR-US: HP
 CVE-2023-26298 (Previous versions of HP Device Manager (prior to HPDM 5.0.10) 
could po ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f6438ca8fdf78d4765c7973016010ffda1a0d70

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f6438ca8fdf78d4765c7973016010ffda1a0d70
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to