Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1b24ba48 by Salvatore Bonaccorso at 2023-09-11T23:10:55+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24,61 +24,61 @@ CVE-2023-41593 (Multiple cross-site scripting (XSS)
vulnerabilities in Dairy Far
CVE-2023-41336 (ux-autocomplete is a JavaScript Autocomplete functionality for
Symfony ...)
TODO: check
CVE-2023-41256 (Dover Fueling Solutions MAGLINK LX Web Console Configuration
versions ...)
- TODO: check
+ NOT-FOR-US: Dover Fueling Solutions MAGLINK LX Web Console Configuration
CVE-2023-41103 (Interact 7.9.79.5 allows stored Cross-site Scripting (XSS)
attacks in ...)
- TODO: check
+ NOT-FOR-US: Interact
CVE-2023-41000 (GPAC through 2.2.1 has a use-after-free vulnerability in the
function ...)
TODO: check
CVE-2023-40946 (Schoolmate 1.3 is vulnerable to SQL Injection in the variable
$usernam ...)
- TODO: check
+ NOT-FOR-US: Schoolmate
CVE-2023-40945 (Sourcecodester Doctor Appointment System 1.0 is vulnerable to
SQL Inje ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Doctor Appointment System
CVE-2023-40944 (Schoolmate 1.3 is vulnerable to SQL Injection in the variable
$schooln ...)
- TODO: check
+ NOT-FOR-US: Schoolmate
CVE-2023-40786 (HKcms v2.3.0.230709 is vulnerable to Cross Site Scripting
(XSS) allowi ...)
- TODO: check
+ NOT-FOR-US: HKcms
CVE-2023-40150 (Softneta MedDream PACS does not perform an authentication
check and pe ...)
- TODO: check
+ NOT-FOR-US: Softneta MedDream PACS
CVE-2023-40032 (libvips is a demand-driven, horizontally threaded image
processing lib ...)
TODO: check
CVE-2023-3612 (Govee Home app has unprotected access to WebView component
which can b ...)
- TODO: check
+ NOT-FOR-US: Govee Home app
CVE-2023-3510 (The FTP Access WordPress plugin through 1.0 does not have
authorisatio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3170 (The tagDiv Composer WordPress plugin before 4.2, used as a
companion b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-3169 (The tagDiv Composer WordPress plugin before 4.2, used as a
companion b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-39780 (ASUS RT-AX55 v3.0.0.4.386.51598 was discovered to contain an
authentic ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2023-39227 (Softneta MedDream PACSstores usernames and passwords in
plaintext. The ...)
- TODO: check
+ NOT-FOR-US: Softneta MedDream PACS
CVE-2023-39070 (An issue in Cppcheck 2.12 dev allows a local attacker to
execute arbit ...)
TODO: check
CVE-2023-39068 (Buffer Overflow vulnerability in NBD80S09S-KLC
v.YK_HZXM_NBD80S09S-KLC ...)
TODO: check
CVE-2023-39067 (Cross Site Scripting vulnerability in ZLMediaKiet v.4.0 and
v.5.0 allo ...)
- TODO: check
+ NOT-FOR-US: ZLMediaKiet
CVE-2023-39063 (Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a
local at ...)
- TODO: check
+ NOT-FOR-US: RaidenFTPD
CVE-2023-38829 (An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote
attacker ...)
- TODO: check
+ NOT-FOR-US: NETIS SYSTEMS WF2409E
CVE-2023-38743 (Zoho ManageEngine ADManager Plus before Build 7200 allows
admin users ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2023-38256 (Dover Fueling Solutions MAGLINK LX Web Console Configuration
versions ...)
- TODO: check
+ NOT-FOR-US: Dover Fueling Solutions MAGLINK LX Web Console Configuration
CVE-2023-36980 (An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause
the balanc ...)
TODO: check
CVE-2023-36497 (Dover Fueling Solutions MAGLINK LX Web Console Configuration
versions ...)
- TODO: check
+ NOT-FOR-US: Dover Fueling Solutions MAGLINK LX Web Console Configuration
CVE-2023-36161 (An issue was discovered in Qubo Smart Plug 10A version
HSP02_01_01_14_ ...)
- TODO: check
+ NOT-FOR-US: Qubo
CVE-2023-36140 (In PHPJabbers Cleaning Business Software 1.0, there is no
encryption o ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-31468 (An issue was discovered in Inosoft VisiWin 7 through 2022-2.1
(Runtime ...)
- TODO: check
+ NOT-FOR-US: Inosoft
CVE-2023-2705 (The gAppointments WordPress plugin before 1.10.0 does not
sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4816 (A vulnerability exists in the Equipment Tag Out authentication,
when c ...)
TODO: check
CVE-2023-42471 (The wave.ai.browser application through 1.0.35 for Android
allows a re ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b24ba4809d2132c6678190c53cff830ca423a05
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b24ba4809d2132c6678190c53cff830ca423a05
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
