Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: bc559100 by Salvatore Bonaccorso at 2023-08-09T22:30:43+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -4,7 +4,7 @@ CVE-2023-4273 (A flaw was found in the exFAT driver of the Linux kernel. The vul CVE-2023-40012 (uthenticode is a small cross-platform library for partially verifying ...) TODO: check CVE-2023-3953 (A CWE-119: Improper Restriction of Operations within the Bounds of a M ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2023-3518 (HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for ...) TODO: check CVE-2023-39969 (uthenticode is a small cross-platform library for partially verifying ...) 
@@ -12,43 +12,43 @@ CVE-2023-39969 (uthenticode is a small cross-platform library for partially veri CVE-2023-39531 (Sentry is an error tracking and performance monitoring platform. Start ...) TODO: check CVE-2023-39008 (A command injection vulnerability in the component /api/cron/settings/ ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-39007 (/ui/cron/item/open in the Cron component of OPNsense before 23.7 allow ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-39006 (The Crash Reporter (crash_reporter.php) component of OPNsense before 2 ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-39005 (Insecure permissions exist for configd.socket in OPNsense before 23.7.) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-39004 (Insecure permissions in the configuration directory (/conf/) of OPNsen ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-39003 (OPNsense before 23.7 was discovered to contain insecure permissions in ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-39002 (A cross-site scripting (XSS) vulnerability in the act parameter of sys ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-39001 (A command injection vulnerability in the component diag_backup.php of ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-39000 (A reflected cross-site scripting (XSS) vulnerability in the component ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-38999 (A Cross-Site Request Forgery (CSRF) in the System Halt API (/system/ha ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-38998 (An open redirect in the Login page of OPNsense before 23.7 allows atta ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-38997 (A directory traversal vulnerability in the Captive Portal templates of ...) - TODO: check + NOT-FOR-US: OPNsense CVE-2023-38348 (A CSRF issue was discovered in LWsystems Benno MailArchiv 2.10.1.) - TODO: check + NOT-FOR-US: LWsystems Benno MailArchiv CVE-2023-38347 (An issue was discovered in LWsystems Benno MailArchiv 2.10.1. Attacker ...) 
- TODO: check + NOT-FOR-US: LWsystems Benno MailArchiv CVE-2023-38213 (Adobe Dimension version 3.4.9 is affected by an out-of-bounds read vul ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-38212 (Adobe Dimension version 3.4.9 is affected by a Heap-based Buffer Overf ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-38211 (Adobe Dimension version 3.4.9 is affected by a Use After Free vulnerab ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-37068 (Code-Projects Gym Management System V1.0 allows remote attackers to ex ...) - TODO: check + NOT-FOR-US: Code-Projects Gym Management System CVE-2023-34545 (A SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers ...) - TODO: check + NOT-FOR-US: CSZCMS CVE-2023-33953 (gRPC contains a vulnerability that allows hpack table accounting error ...) TODO: check CVE-2023-33469 (In instances where the screen is visible and remote mouse connection i ...) 
@@ -56,17 +56,17 @@ CVE-2023-33469 (In instances where the screen is visible and remote mouse connec CVE-2023-33468 (KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior t ...) TODO: check CVE-2023-32782 (An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760. ...) - TODO: check + NOT-FOR-US: PRTG Network Monitor CVE-2023-32781 (An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760. ...) - TODO: check + NOT-FOR-US: PRTG Network Monitor CVE-2023-31452 (An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 ...) - TODO: check + NOT-FOR-US: PRTG Network Monitor CVE-2023-31450 (An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 ...) - TODO: check + NOT-FOR-US: PRTG Network Monitor CVE-2023-31449 (An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 ...) - TODO: check + NOT-FOR-US: PRTG Network Monitor CVE-2023-31448 (An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 ...) - TODO: check + NOT-FOR-US: PRTG Network Monitor CVE-2022-48604 (A SQL injection vulnerability exists in the \u201clogging export\u201d ...) TODO: check CVE-2022-48603 (A SQL injection vulnerability exists in the \u201cmessage viewer ifram ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc559100b359bf888b334f7d0ac9dbf1ed7784dd
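Review bot: In the first hunk (@@ -4,7 +4,7 @@), CVE-2023-3953 is tagged "NOT-FOR-US: Schneider Electric", but the truncated description shown for it ("A CWE-119: Improper Restriction of Operations within the Bounds of a M ...") names neither vendor nor product, so the attribution cannot be checked from the diff. Naming the affected product after the vendor, as the "LWsystems Benno MailArchiv" entries later in this commit do, would make the tag self-explanatory to anyone reading the list without the full CVE text.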
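Review bot: In the second hunk (@@ -12,43 +12,43 @@), the NOT-FOR-US labels mix granularity: CVE-2023-38211, CVE-2023-38212 and CVE-2023-38213 are tagged with the vendor only ("Adobe") although each description names Adobe Dimension, while CVE-2023-38347 and CVE-2023-38348 carry vendor plus product ("LWsystems Benno MailArchiv") and the OPNsense entries carry the product name. Tagging the three Adobe entries "Adobe Dimension" would keep the labels at product level throughout and make a search of the list by product reliable.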
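Review bot: In the third hunk (@@ -56,17 +56,17 @@), the six entries from CVE-2023-32782 down to CVE-2023-31448 are tagged "PRTG Network Monitor" without the vendor, although every description reads "Paessler PRTG Network Monitor"; "Paessler PRTG Network Monitor" would match the vendor-plus-product form used for Benno MailArchiv in the same commit. Separately, CVE-2023-33468 (KramerAV VIA Connect and VIA Go devices) in the leading context stays at "TODO: check": was that left for a later pass on purpose, given the commit message says only "some NFUs"?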
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits