Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 036fa37f by Salvatore Bonaccorso at 2023-11-21T21:40:42+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,5 +1,5 @@ CVE-2023-6235 (An uncontrolled search path element vulnerability has been found in th ...) - TODO: check + NOT-FOR-US: Duet Display for Windows CVE-2023-6213 (Memory safety bugs present in Firefox 119. Some of these bugs showed e ...) - firefox <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-49/#CVE-2023-6213 @@ -59,13 +59,13 @@ CVE-2023-6204 (On some systems\u2014depending on the graphics settings and drive NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-50/#CVE-2023-6204 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-52/#CVE-2023-6204 CVE-2023-5776 (The Post Meta Data Manager plugin for WordPress is vulnerable to Cross ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-5599 (A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboar ...) - TODO: check + NOT-FOR-US: 3DDashboard in 3DSwymer from Release 3DEXPERIENCE CVE-2023-5598 (Stored Cross-site Scripting (XSS) vulnerabilities\xc2affecting 3DSwym ...) - TODO: check + NOT-FOR-US: 3DSwym in 3DSwymer from Release 3DEXPERIENCE CVE-2023-5055 (Possible variant of CVE-2021-3434 in function le_ecred_reconf_req.) - TODO: check + NOT-FOR-US: zephyr-rtos CVE-2023-49061 (An attacker could have performed HTML template injection via Reader Mo ...) TODO: check CVE-2023-49060 (An attacker could have accessed internal pages or data by ex-filtratin ...) @@ -73,9 +73,9 @@ CVE-2023-49060 (An attacker could have accessed internal pages or data by ex-fil CVE-2023-48226 (OpenReplay is a self-hosted session replay suite. In version 1.14.0, d ...) TODO: check CVE-2023-48124 (Cross Site Scripting in SUP Online Shopping v.1.0 allows a remote atta ...) - TODO: check + NOT-FOR-US: SUP Online Shopping CVE-2023-47643 (SuiteCRM is a Customer Relationship Management (CRM) software applicat ...) - TODO: check + NOT-FOR-US: SuiteCRM CVE-2023-46377 REJECTED CVE-2023-6199 (Book Stack version 23.10.2 allows filtering local files on the server. ...) @@ -35198,7 +35198,7 @@ CVE-2023-28804 (An Improper Verification of Cryptographic Signature vulnerabilit CVE-2023-28803 (An authentication bypass by spoofing of a device with a synthetic IP a ...) NOT-FOR-US: Zscaler Client Connector CVE-2023-28802 (An Improper Validation of Integrity Check Value in Zscaler Client Conn ...) - TODO: check + NOT-FOR-US: Zscaler Client Connector on Windows CVE-2023-28801 (An Improper Verification of Cryptographic Signature in the SAML authen ...) NOT-FOR-US: Zscaler CVE-2023-28800 (When using local accounts for administration, the redirect url paramet ...) @@ -54982,7 +54982,7 @@ CVE-2023-22523 CVE-2023-22522 RESERVED CVE-2023-22521 (This High severity RCE (Remote Code Execution) vulnerability was intro ...) - TODO: check + NOT-FOR-US: Crowd Data Center and Server CVE-2023-22520 RESERVED CVE-2023-22519 @@ -54992,7 +54992,7 @@ CVE-2023-22518 (All versions of Confluence Data Center and Server are affected b CVE-2023-22517 RESERVED CVE-2023-22516 (This High severity RCE (Remote Code Execution) vulnerability was intro ...) - TODO: check + NOT-FOR-US: Bamboo Data Center and Server CVE-2023-22515 (Atlassian has been made aware of an issue reported by a handful of cus ...) NOT-FOR-US: Atlassian CVE-2023-22514 @@ -71901,11 +71901,11 @@ CVE-2023-20276 CVE-2023-20275 RESERVED CVE-2023-20274 (A vulnerability in the installer script of Cisco AppDynamics PHP Agent ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-20273 (A vulnerability in the web UI feature of Cisco IOS XE Software could a ...) NOT-FOR-US: Cisco CVE-2023-20272 (A vulnerability in the web-based management interface of Cisco Identit ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-20271 RESERVED CVE-2023-20270 (A vulnerability in the interaction between the Server Message Block (S ...) @@ -71919,7 +71919,7 @@ CVE-2023-20267 (A vulnerability in the IP geolocation rules of Snort 3 could all CVE-2023-20266 (A vulnerability in Cisco Emergency Responder, Cisco Unified Communicat ...) NOT-FOR-US: Cisco CVE-2023-20265 (A vulnerability in the web-based management interface of a small subse ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-20264 (A vulnerability in the implementation of Security Assertion Markup Lan ...) NOT-FOR-US: Cisco CVE-2023-20263 (A vulnerability in the web-based management interface of Cisco HyperFl ...) @@ -72038,7 +72038,7 @@ CVE-2023-20210 (A vulnerability in Cisco BroadWorks could allow an authenticated CVE-2023-20209 (A vulnerability in the web-based management interface of Cisco Express ...) NOT-FOR-US: Cisco CVE-2023-20208 (A vulnerability in the web-based management interface of Cisco ISE cou ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-20207 (A vulnerability in the logging component of Cisco Duo Authentication P ...) NOT-FOR-US: Cisco CVE-2023-20206 (Multiple vulnerabilities in the web-based management interface of Cisc ...) @@ -189870,11 +189870,11 @@ CVE-2021-27506 (The ClamAV Engine (version 0.103.1 and below) component embedded CVE-2021-27505 (mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized ...) NOT-FOR-US: mySCADA myPRO CVE-2021-27504 (Texas Instruments devices running FREERTOS, malloc returns a valid po ...) - TODO: check + NOT-FOR-US: Texas Instruments devices CVE-2021-27503 (Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: ...) NOT-FOR-US: Ypsomed CVE-2021-27502 (Texas Instruments TI-RTOS, when configured to use HeapMem heap(default ...) - TODO: check + NOT-FOR-US: Texas Instruments TI-RTOS CVE-2021-27501 (Philips Vue PACS versions 12.2.x.x and prior does not follow certain c ...) NOT-FOR-US: Philips Vue PACS CVE-2021-27500 (A specifically crafted packet sent by an attacker to EIPStackGroup OpE ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/036fa37f9a01e34a3c460bdfe7e3f6bda9ef2297 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/036fa37f9a01e34a3c460bdfe7e3f6bda9ef2297 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits