Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e3ff3232 by Salvatore Bonaccorso at 2023-08-31T23:39:37+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -15,41 +15,41 @@ CVE-2023-4678 (Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV.) NOTE: https://github.com/gpac/gpac/commit/4607052c482a51dbdacfe1ade10645c181d07b07 NOTE: https://huntr.dev/bounties/688a4a01-8c18-469d-8cbe-a2e79e80c877 CVE-2023-41748 (Remote command execution due to improper input validation. The followi ...) - TODO: check + NOT-FOR-US: Acronis CVE-2023-41747 (Sensitive information disclosure due to improper input validation. The ...) - TODO: check + NOT-FOR-US: Acronis CVE-2023-41746 (Remote command execution due to improper input validation. The followi ...) - TODO: check + NOT-FOR-US: Acronis CVE-2023-41745 (Sensitive information disclosure due to excessive collection of system ...) - TODO: check + NOT-FOR-US: Acronis CVE-2023-41744 (Local privilege escalation due to unrestricted loading of unsigned lib ...) - TODO: check + NOT-FOR-US: Acronis CVE-2023-41743 (Local privilege escalation due to insecure driver communication port p ...) - TODO: check + NOT-FOR-US: Acronis CVE-2023-41742 (Excessive attack surface due to binding to an unrestricted IP address. ...) - TODO: check + NOT-FOR-US: Acronis CVE-2023-41741 (Exposure of sensitive information to an unauthorized actor vulnerabili ...) - TODO: check + NOT-FOR-US: Synology CVE-2023-41740 (Improper limitation of a pathname to a restricted directory ('Path Tra ...) - TODO: check + NOT-FOR-US: Synology CVE-2023-41739 (Uncontrolled resource consumption vulnerability in File Functionality ...) - TODO: check + NOT-FOR-US: Synology CVE-2023-41738 (Improper neutralization of special elements used in an OS command ('OS ...) - TODO: check + NOT-FOR-US: Synology CVE-2023-41717 (Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and ...) TODO: check CVE-2023-41642 (Multiple reflected cross-site scripting (XSS) vulnerabilities in the E ...) - TODO: check + NOT-FOR-US: GruppoSCAI RealGimm CVE-2023-41640 (An improper error handling vulnerability in the component ErroreNonGes ...) - TODO: check + NOT-FOR-US: GruppoSCAI RealGimm CVE-2023-41638 (An arbitrary file upload vulnerability in the Gestione Documentale mod ...) - TODO: check + NOT-FOR-US: GruppoSCAI RealGimm CVE-2023-41637 (An arbitrary file upload vulnerability in the Carica immagine function ...) - TODO: check + NOT-FOR-US: GruppoSCAI RealGimm CVE-2023-41636 (A SQL injection vulnerability in the Data Richiesta dal parameter of G ...) - TODO: check + NOT-FOR-US: GruppoSCAI RealGimm CVE-2023-41635 (A XML External Entity (XXE) vulnerability in the VerifichePeriodiche.a ...) - TODO: check + NOT-FOR-US: GruppoSCAI RealGimm CVE-2023-41045 (Graylog is a free and open log management platform. Graylog makes use ...) TODO: check CVE-2023-41044 (Graylog is a free and open log management platform. A partial path tra ...) @@ -67,9 +67,9 @@ CVE-2023-39351 (FreeRDP is a free implementation of the Remote Desktop Protocol CVE-2023-39350 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...) TODO: check CVE-2023-34392 (A Missing Authentication for Critical Function vulnerability in the Sc ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator CVE-2023-34391 (Insecure Inherited Permissions vulnerability in Schweitzer Engineering ...) - TODO: check + NOT-FOR-US: Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software CVE-2023-33835 (IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a ...) NOT-FOR-US: IBM CVE-2023-33834 (IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3ff3232f24d7dcc7f7fd53ecc7dad527c4c155f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3ff3232f24d7dcc7f7fd53ecc7dad527c4c155f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits