Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bc559100 by Salvatore Bonaccorso at 2023-08-09T22:30:43+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4,7 +4,7 @@ CVE-2023-4273 (A flaw was found in the exFAT driver of the 
Linux kernel. The vul
 CVE-2023-40012 (uthenticode is a small cross-platform library for partially 
verifying  ...)
        TODO: check
 CVE-2023-3953 (A CWE-119: Improper Restriction of Operations within the Bounds 
of a M ...)
-       TODO: check
+       NOT-FOR-US: Schneider Electric
 CVE-2023-3518 (HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT 
Auth for  ...)
        TODO: check
 CVE-2023-39969 (uthenticode is a small cross-platform library for partially 
verifying  ...)
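
Review bot: the new tag on CVE-2023-3953, `NOT-FOR-US: Schneider Electric`, names only the vendor, and the truncated description visible here ("A CWE-119: Improper Restriction of Operations within the Bounds of a M ...") does not show which product is affected. Naming the product in the tag, as the LWsystems Benno MailArchiv and Code-Projects Gym Management System tags later in this commit do, would let a reader confirm the triage decision from the list alone.
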
@@ -12,43 +12,43 @@ CVE-2023-39969 (uthenticode is a small cross-platform 
library for partially veri
 CVE-2023-39531 (Sentry is an error tracking and performance monitoring 
platform. Start ...)
        TODO: check
 CVE-2023-39008 (A command injection vulnerability in the component 
/api/cron/settings/ ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-39007 (/ui/cron/item/open in the Cron component of OPNsense before 
23.7 allow ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-39006 (The Crash Reporter (crash_reporter.php) component of OPNsense 
before 2 ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-39005 (Insecure permissions exist for configd.socket in OPNsense 
before 23.7.)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-39004 (Insecure permissions in the configuration directory (/conf/) 
of OPNsen ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-39003 (OPNsense before 23.7 was discovered to contain insecure 
permissions in ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-39002 (A cross-site scripting (XSS) vulnerability in the act 
parameter of sys ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-39001 (A command injection vulnerability in the component 
diag_backup.php of  ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-39000 (A reflected cross-site scripting (XSS) vulnerability in the 
component  ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-38999 (A Cross-Site Request Forgery (CSRF) in the System Halt API 
(/system/ha ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-38998 (An open redirect in the Login page of OPNsense before 23.7 
allows atta ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-38997 (A directory traversal vulnerability in the Captive Portal 
templates of ...)
-       TODO: check
+       NOT-FOR-US: OPNsense
 CVE-2023-38348 (A CSRF issue was discovered in LWsystems Benno MailArchiv 
2.10.1.)
-       TODO: check
+       NOT-FOR-US: LWsystems Benno MailArchiv
 CVE-2023-38347 (An issue was discovered in LWsystems Benno MailArchiv 2.10.1. 
Attacker ...)
-       TODO: check
+       NOT-FOR-US: LWsystems Benno MailArchiv
 CVE-2023-38213 (Adobe Dimension version 3.4.9 is affected by an out-of-bounds 
read vul ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-38212 (Adobe Dimension version 3.4.9 is affected by a Heap-based 
Buffer Overf ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-38211 (Adobe Dimension version 3.4.9 is affected by a Use After Free 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-37068 (Code-Projects Gym Management System V1.0 allows remote 
attackers to ex ...)
-       TODO: check
+       NOT-FOR-US: Code-Projects Gym Management System
 CVE-2023-34545 (A SQL injection vulnerability in CSZCMS 1.3.0 allows remote 
attackers  ...)
-       TODO: check
+       NOT-FOR-US: CSZCMS
 CVE-2023-33953 (gRPC contains a vulnerability that allows hpack table 
accounting error ...)
        TODO: check
 CVE-2023-33469 (In instances where the screen is visible and remote mouse 
connection i ...)
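
Review bot: tag granularity is inconsistent in this hunk: CVE-2023-38211, CVE-2023-38212 and CVE-2023-38213 get the vendor-only `NOT-FOR-US: Adobe` although their descriptions name Adobe Dimension, while the neighbouring tags name the product (OPNsense, CSZCMS, Code-Projects Gym Management System). Consider `NOT-FOR-US: Adobe Dimension` so a search of the list for the product finds these entries. Separately, the truncated descriptions of CVE-2023-39008, CVE-2023-39002, CVE-2023-39001, CVE-2023-39000, CVE-2023-38999 and CVE-2023-38997 do not show the product name in the visible text, so the OPNsense assignment for those six rests on the full descriptions and is worth a second look before merge.
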
@@ -56,17 +56,17 @@ CVE-2023-33469 (In instances where the screen is visible 
and remote mouse connec
 CVE-2023-33468 (KramerAV VIA Connect (2) and VIA Go (2) devices with a version 
prior t ...)
        TODO: check
 CVE-2023-32782 (An issue was discovered in Paessler PRTG Network Monitor 
23.2.83.1760. ...)
-       TODO: check
+       NOT-FOR-US: PRTG Network Monitor
 CVE-2023-32781 (An issue was discovered in Paessler PRTG Network Monitor 
23.2.83.1760. ...)
-       TODO: check
+       NOT-FOR-US: PRTG Network Monitor
 CVE-2023-31452 (An issue was discovered in Paessler PRTG Network Monitor 
23.2.83.1760  ...)
-       TODO: check
+       NOT-FOR-US: PRTG Network Monitor
 CVE-2023-31450 (An issue was discovered in Paessler PRTG Network Monitor 
23.2.83.1760  ...)
-       TODO: check
+       NOT-FOR-US: PRTG Network Monitor
 CVE-2023-31449 (An issue was discovered in Paessler PRTG Network Monitor 
23.2.83.1760  ...)
-       TODO: check
+       NOT-FOR-US: PRTG Network Monitor
 CVE-2023-31448 (An issue was discovered in Paessler PRTG Network Monitor 
23.2.83.1760  ...)
-       TODO: check
+       NOT-FOR-US: PRTG Network Monitor
 CVE-2022-48604 (A SQL injection vulnerability exists in the \u201clogging 
export\u201d ...)
        TODO: check
 CVE-2022-48603 (A SQL injection vulnerability exists in the \u201cmessage 
viewer ifram ...)
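
Review bot: the six PRTG tags in this hunk drop the vendor that every one of their descriptions gives ("Paessler PRTG Network Monitor"), whereas the `NOT-FOR-US: LWsystems Benno MailArchiv` tags in the previous hunk keep the vendor prefix. Writing `NOT-FOR-US: Paessler PRTG Network Monitor` would keep vendor and product searchable in one tag and match that style.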



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc559100b359bf888b334f7d0ac9dbf1ed7784dd
