Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1b24ba48 by Salvatore Bonaccorso at 2023-09-11T23:10:55+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -24,61 +24,61 @@ CVE-2023-41593 (Multiple cross-site scripting (XSS) vulnerabilities in Dairy Far CVE-2023-41336 (ux-autocomplete is a JavaScript Autocomplete functionality for Symfony ...) TODO: check CVE-2023-41256 (Dover Fueling Solutions MAGLINK LX Web Console Configuration versions ...) - TODO: check + NOT-FOR-US: Dover Fueling Solutions MAGLINK LX Web Console Configuration CVE-2023-41103 (Interact 7.9.79.5 allows stored Cross-site Scripting (XSS) attacks in ...) - TODO: check + NOT-FOR-US: Interact CVE-2023-41000 (GPAC through 2.2.1 has a use-after-free vulnerability in the function ...) TODO: check CVE-2023-40946 (Schoolmate 1.3 is vulnerable to SQL Injection in the variable $usernam ...) - TODO: check + NOT-FOR-US: Schoolmate CVE-2023-40945 (Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Inje ...) - TODO: check + NOT-FOR-US: Sourcecodester Doctor Appointment System CVE-2023-40944 (Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schooln ...) - TODO: check + NOT-FOR-US: Schoolmate CVE-2023-40786 (HKcms v2.3.0.230709 is vulnerable to Cross Site Scripting (XSS) allowi ...) - TODO: check + NOT-FOR-US: HKcms CVE-2023-40150 (Softneta MedDream PACS does not perform an authentication check and pe ...) - TODO: check + NOT-FOR-US: Softneta MedDream PACS CVE-2023-40032 (libvips is a demand-driven, horizontally threaded image processing lib ...) TODO: check CVE-2023-3612 (Govee Home app has unprotected access to WebView component which can b ...) - TODO: check + NOT-FOR-US: Govee Home app CVE-2023-3510 (The FTP Access WordPress plugin through 1.0 does not have authorisatio ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-3170 (The tagDiv Composer WordPress plugin before 4.2, used as a companion b ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-3169 (The tagDiv Composer WordPress plugin before 4.2, used as a companion b ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-39780 (ASUS RT-AX55 v3.0.0.4.386.51598 was discovered to contain an authentic ...) - TODO: check + NOT-FOR-US: ASUS CVE-2023-39227 (Softneta MedDream PACSstores usernames and passwords in plaintext. The ...) - TODO: check + NOT-FOR-US: Softneta MedDream PACS CVE-2023-39070 (An issue in Cppcheck 2.12 dev allows a local attacker to execute arbit ...) TODO: check CVE-2023-39068 (Buffer Overflow vulnerability in NBD80S09S-KLC v.YK_HZXM_NBD80S09S-KLC ...) TODO: check CVE-2023-39067 (Cross Site Scripting vulnerability in ZLMediaKiet v.4.0 and v.5.0 allo ...) - TODO: check + NOT-FOR-US: ZLMediaKiet CVE-2023-39063 (Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local at ...) - TODO: check + NOT-FOR-US: RaidenFTPD CVE-2023-38829 (An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker ...) - TODO: check + NOT-FOR-US: NETIS SYSTEMS WF2409E CVE-2023-38743 (Zoho ManageEngine ADManager Plus before Build 7200 allows admin users ...) - TODO: check + NOT-FOR-US: Zoho ManageEngine CVE-2023-38256 (Dover Fueling Solutions MAGLINK LX Web Console Configuration versions ...) - TODO: check + NOT-FOR-US: Dover Fueling Solutions MAGLINK LX Web Console Configuration CVE-2023-36980 (An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balanc ...) TODO: check CVE-2023-36497 (Dover Fueling Solutions MAGLINK LX Web Console Configuration versions ...) - TODO: check + NOT-FOR-US: Dover Fueling Solutions MAGLINK LX Web Console Configuration CVE-2023-36161 (An issue was discovered in Qubo Smart Plug 10A version HSP02_01_01_14_ ...) - TODO: check + NOT-FOR-US: Qubo CVE-2023-36140 (In PHPJabbers Cleaning Business Software 1.0, there is no encryption o ...) - TODO: check + NOT-FOR-US: PHPJabbers CVE-2023-31468 (An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime ...) - TODO: check + NOT-FOR-US: Inosoft CVE-2023-2705 (The gAppointments WordPress plugin before 1.10.0 does not sanitise and ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-4816 (A vulnerability exists in the Equipment Tag Out authentication, when c ...) TODO: check CVE-2023-42471 (The wave.ai.browser application through 1.0.35 for Android allows a re ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b24ba4809d2132c6678190c53cff830ca423a05 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b24ba4809d2132c6678190c53cff830ca423a05 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits