Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 93272fd1 by Salvatore Bonaccorso at 2023-09-12T22:46:26+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -57,75 +57,75 @@ CVE-2023-40712 (Apache Airflow, versions before 2.7.1, is affected by a vulnerab CVE-2023-40611 (Apache Airflow, versions before 2.7.1, is affected by a vulnerability ...) - airflow <itp> (bug #819700) CVE-2023-40218 (An issue was discovered in the NPU kernel driver in Samsung Exynos Mob ...) - TODO: check + NOT-FOR-US: Samsung CVE-2023-3712 (Files or Directories Accessible to External Parties vulnerability in H ...) TODO: check CVE-2023-3711 (Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Print ...) TODO: check CVE-2023-3710 (Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, A ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-39637 (D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injecti ...) - TODO: check + NOT-FOR-US: D-Link CVE-2023-39215 (Improper authentication in Zoom clients may allow an authenticated use ...) - TODO: check + NOT-FOR-US: Zoom CVE-2023-39208 (Improper input validation in Zoom Desktop Client for Linux before vers ...) - TODO: check + NOT-FOR-US: Zoom CVE-2023-39201 (Untrusted search path in CleanZoom before file date 07/24/2023 may all ...) - TODO: check + NOT-FOR-US: Zoom CVE-2023-39150 (ConEmu before commit 230724 does not sanitize title responses correctl ...) - TODO: check + NOT-FOR-US: ConEmu CVE-2023-38164 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38163 (Windows Defender Attack Surface Reduction Security Feature Bypass) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38162 (DHCP Server Service Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38161 (Windows GDI Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38160 (Windows TCP/IP Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38156 (Azure HDInsight Apache Ambari Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38155 (Azure DevOps Server Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38152 (DHCP Server Service Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38150 (Windows Kernel Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38149 (Windows TCP/IP Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38148 (Internet Connection Sharing (ICS) Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38147 (Windows Miracast Wireless Display Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38146 (Windows Themes Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38144 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38143 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38142 (Windows Kernel Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38141 (Windows Kernel Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38140 (Windows Kernel Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38139 (Windows Kernel Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-38076 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-38075 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-38074 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-38073 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-38072 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-38071 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-38070 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-37881 (Weak access control in Wing FTP Server (Admin Web Client) allows for p ...) TODO: check CVE-2023-37879 (Insecure storage of sensitive information in Wing FTP Server (User Web ...) @@ -135,85 +135,85 @@ CVE-2023-37878 (Insecure default permissions in Wing FTP Server (Admin Web Clien CVE-2023-37875 (Improper encoding or escaping of output in Wing FTP Server (User Web C ...) TODO: check CVE-2023-36886 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36805 (Windows MSHTML Platform Security Feature Bypass Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36804 (Windows GDI Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36803 (Windows Kernel Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36802 (Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36801 (DHCP Server Service Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36800 (Dynamics Finance and Operations Cross-site Scripting Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36799 (.NET Core and Visual Studio Denial of Service Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36796 (Visual Studio Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36794 (Visual Studio Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36793 (Visual Studio Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36792 (Visual Studio Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36788 (.NET Framework Remote Code Execution Vulnerability) TODO: check CVE-2023-36777 (Microsoft Exchange Server Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36773 (3D Builder Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36772 (3D Builder Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36771 (3D Builder Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36770 (3D Builder Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36767 (Microsoft Office Security Feature Bypass Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36766 (Microsoft Excel Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36765 (Microsoft Office Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36764 (Microsoft SharePoint Server Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36763 (Microsoft Outlook Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36762 (Microsoft Word Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36761 (Microsoft Word Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36760 (3D Viewer Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36759 (Visual Studio Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36758 (Visual Studio Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36757 (Microsoft Exchange Server Spoofing Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36756 (Microsoft Exchange Server Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36745 (Microsoft Exchange Server Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36744 (Microsoft Exchange Server Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36742 (Visual Studio Code Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36740 (3D Viewer Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36739 (3D Viewer Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-36736 (Microsoft Identity Linux Broker Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-35355 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-34470 (AMI AptioV contains a vulnerability in BIOS where an Attacker may use ...) TODO: check CVE-2023-34469 (AMI AptioV contains a vulnerability in BIOS where an Attacker may use ...) TODO: check CVE-2023-33136 (Azure DevOps Server Remote Code Execution Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-XXXX [receiving with Lightning: partial MPP might be accepted] - electrum 4.4.6+dfsg-1 NOTE: https://github.com/spesmilo/electrum/security/advisories/GHSA-8r85-vp7r-hjxf View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93272fd1f44f296ce880565f287fc8d1a3b37c39 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93272fd1f44f296ce880565f287fc8d1a3b37c39 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits