Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
30dc7bc1 by Moritz Muehlenhoff at 2023-07-23T10:36:37+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,27 +1,27 @@
CVE-2023-3848 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: mooDating
CVE-2023-3847 (A vulnerability classified as problematic was found in
mooSocial mooDa ...)
- TODO: check
+ NOT-FOR-US: mooDating
CVE-2023-3846 (A vulnerability classified as problematic has been found in
mooSocial ...)
- TODO: check
+ NOT-FOR-US: mooDating
CVE-2023-3845 (A vulnerability was found in mooSocial mooDating 1.2. It has
been rate ...)
- TODO: check
+ NOT-FOR-US: mooDating
CVE-2023-3844 (A vulnerability was found in mooSocial mooDating 1.2. It has
been decl ...)
- TODO: check
+ NOT-FOR-US: mooDating
CVE-2023-3843 (A vulnerability was found in mooSocial mooDating 1.2. It has
been clas ...)
- TODO: check
+ NOT-FOR-US: mooDating
CVE-2023-3842 (A vulnerability was found in Pointware EasyInventory 1.0.12.0
and clas ...)
- TODO: check
+ NOT-FOR-US: Pointware EasyInventory
CVE-2023-3841 (A vulnerability has been found in NxFilter 4.3.2.5 and
classified as p ...)
- TODO: check
+ NOT-FOR-US: NxFilter
CVE-2023-3840 (A vulnerability, which was classified as problematic, was found
in NxF ...)
- TODO: check
+ NOT-FOR-US: NxFilter
CVE-2023-3839 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: DedeBIZ
CVE-2023-3838 (A vulnerability classified as problematic was found in DedeBIZ
6.2.10. ...)
- TODO: check
+ NOT-FOR-US: DedeBIZ
CVE-2023-3837 (A vulnerability classified as problematic has been found in
DedeBIZ 6. ...)
- TODO: check
+ NOT-FOR-US: DedeBIZ
CVE-2023-3836 (A vulnerability classified as critical was found in Dahua Smart
Park M ...)
NOT-FOR-US: Dahua Smart Park Management
CVE-2023-3835 (A vulnerability classified as problematic has been found in Bug
Finder ...)
@@ -47,7 +47,7 @@ CVE-2023-38633 (A directory traversal problem in the URL
decoder of librsvg befo
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1213502
NOTE: https://gitlab.gnome.org/GNOME/librsvg/-/issues/996
CVE-2023-38195 (Datalust Seq before 2023.2.9489 allows insertion of sensitive
informat ...)
- TODO: check
+ NOT-FOR-US: Datalust Seq
CVE-2023-3826 (A vulnerability has been found in IBOS OA 4.5.5 and classified
as crit ...)
NOT-FOR-US: IBOS OA
CVE-2023-3776 (A use-after-free vulnerability in the Linux kernel's net/sched:
cls_fw ...)
@@ -66,11 +66,11 @@ CVE-2023-3609 (A use-after-free vulnerability in the Linux
kernel's net/sched: c
[bookworm] - linux 6.1.37-1
NOTE:
https://git.kernel.org/linus/04c55383fa5689357bcdd2c8036725a55ed632bc (6.4-rc7)
CVE-2023-37918 (Dapr is a portable, event-driven, runtime for building
distributed app ...)
- TODO: check
+ NOT-FOR-US: Dapr
CVE-2023-37917 (KubePi is an opensource kubernetes management panel. A normal
user has ...)
- TODO: check
+ NOT-FOR-US: KubePi
CVE-2023-37916 (KubePi is an opensource kubernetes management panel. The
endpoint /kub ...)
- TODO: check
+ NOT-FOR-US: KubePi
CVE-2023-35077 (An out-of-bounds write vulnerability on windows operating
systems caus ...)
NOT-FOR-US: Ivanti
CVE-2023-3822 (Cross-site Scripting (XSS) - Reflected in GitHub repository
pimcore/pi ...)
@@ -17272,7 +17272,7 @@ CVE-2023-28531 (ssh-add in OpenSSH before 9.3 adds
smartcard keys to ssh-agent w
[bullseye] - openssh <not-affected> (Vulnerable code introduced later;
per-hop desination constraints support added in OpenSSH 8.9)
[buster] - openssh <not-affected> (Vulnerable code introduced later;
per-hop desination constraints support added in OpenSSH 8.9)
CVE-2023-28530 (IBM Cognos Analytics 11.1 and 11.2 is vulnerable to stored
cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-28529 (IBM InfoSphere Information Server 11.7 is vulnerable to stored
cross-s ...)
NOT-FOR-US: IBM
CVE-2023-28528 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a
non-privileged local ...)
@@ -25001,7 +25001,7 @@ CVE-2023-25931 (Medtronic identified that the Pelvic
Health clinician apps, whic
CVE-2023-25930 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect
Server) 10.1 ...)
NOT-FOR-US: IBM
CVE-2023-25929 (IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site
scripti ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-25928 (IBM InfoSphere Information Server 11.7 is vulnerable to
cross-site scr ...)
NOT-FOR-US: IBM
CVE-2023-25927 (IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3,
10.0.4, and ...)
@@ -149854,7 +149854,7 @@ CVE-2021-35393 (Realtek Jungle SDK version v2.x up to
v3.4.14B provides a 'WiFi
CVE-2021-35392 (Realtek Jungle SDK version v2.x up to v3.4.14B provides a
'WiFi Simple ...)
NOT-FOR-US: Realtek Jungle SDK
CVE-2021-35391 (Server Side Request Forgery vulnerability found in Deskpro
Support Des ...)
- TODO: check
+ NOT-FOR-US: Deskpro Support Desk
CVE-2021-35390
RESERVED
CVE-2021-35389
@@ -210096,7 +210096,7 @@ CVE-2020-24277
CVE-2020-24276
RESERVED
CVE-2020-24275 (A HTTP response header injection vulnerability in Swoole
v4.5.2 allows ...)
- TODO: check
+ NOT-FOR-US: Swoole
CVE-2020-24274
RESERVED
CVE-2020-24273
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30dc7bc1435a6394b91b63304a3d9d52c1de5bd0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30dc7bc1435a6394b91b63304a3d9d52c1de5bd0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
