Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5ffc9601 by Moritz Muehlenhoff at 2023-11-29T10:52:31+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2023-48193 (Insecure Permissions vulnerability in 
JumpServer GPLv3 v.3.8.0 a
 CVE-2023-47462 (Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 
and befor ...)
        NOT-FOR-US: GL.iNet AX1800
 CVE-2023-46944 (An issue in GitKraken GitLens before v.14.0.0 allows an 
attacker to ex ...)
-       TODO: check
+       NOT-FOR-US: GitKraken GitLens
 CVE-2023-46887 (In Dreamer CMS before 4.0.1, the backend attachment management 
office  ...)
        NOT-FOR-US: Dreamer CMS
 CVE-2023-46886 (Dreamer CMS before version 4.0.1 is vulnerable to Directory 
Traversal. ...)
@@ -57,7 +57,7 @@ CVE-2023-49313 (A dylib injection vulnerability in 
XMachOViewer 0.04 allows atta
 CVE-2023-49078 (raptor-web is a CMS for game server communities that can be 
used to ho ...)
        NOT-FOR-US: raptor-web CMS
 CVE-2023-49062 (Katran could disclose non-initialized kernel memory as part of 
an IP h ...)
-       TODO: check
+       NOT-FOR-US: Katran
 CVE-2023-48848 (An arbitrary file read vulnerability in ureport v2.2.9 allows 
a remote ...)
        NOT-FOR-US: ureport
 CVE-2023-48121 (An authentication bypass vulnerability in the Direct 
Connection Module ...)
@@ -115,7 +115,7 @@ CVE-2023-5773
 CVE-2023-5650 (An improper privilege management vulnerability in the ZySH of 
the Zyxe ...)
        NOT-FOR-US: Zyxel
 CVE-2023-4667 (The web interface of the PAC Device allows the device 
administrator us ...)
-       TODO: check
+       NOT-FOR-US: SIGMA
 CVE-2023-4398 (An integer overflow vulnerability in the source code of the 
QuickSec I ...)
        NOT-FOR-US: Zyxel
 CVE-2023-4397 (A buffer overflow vulnerability in the Zyxel ATP series 
firmware versi ...)
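
Review bot: The new tag on CVE-2023-4667, "NOT-FOR-US: SIGMA", uses a name that the visible description ("The web interface of the PAC Device allows ...") does not contain, so the classification cannot be checked from this entry alone. Consider a label that carries the product wording from the description next to the vendor, as "NOT-FOR-US: GL.iNet AX1800" does elsewhere in this file, so that a later search of the list for the device name finds this line.
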
@@ -143,7 +143,7 @@ CVE-2023-49044 (Stack Overflow vulnerability in Tenda 
AX1803 v.1.0.0.1 allows a
 CVE-2023-49030 (SQL Injection vulnerability in32ns KLive v.2019-1-19 and 
before allows ...)
        NOT-FOR-US: in32ns KLive
 CVE-2023-48713 (Knative Serving builds on Kubernetes to support deploying and 
serving  ...)
-       TODO: check
+       NOT-FOR-US: Knative
 CVE-2023-48188 (SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 
thru v.4 ...)
        NOT-FOR-US: PrestaShop opartdevis
 CVE-2023-48034 (An issue discovered in Acer Wireless Keyboard SK-9662 allows 
attacker  ...)
@@ -155,9 +155,9 @@ CVE-2023-48022 (Anyscale Ray 2.6.3 and 2.8.0 allows a 
remote attacker to execute
 CVE-2023-47503 (An issue in jflyfox jfinalCMS v.5.1.0 allows a remote attacker 
to exec ...)
        NOT-FOR-US: jflyfox jfinalCMS
 CVE-2023-47437 (A vulnerability has been identified in Pachno 1.0.6 allowing 
an authen ...)
-       TODO: check
+       NOT-FOR-US: Pachno
 CVE-2023-46480 (An issue in OwnCast v.0.1.1 allows a remote attacker to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: Owncast
 CVE-2023-46355 (In the module "CSV Feeds PRO" (csvfeeds) < 2.6.1 from Bl 
Modules for P ...)
        NOT-FOR-US: PrestaShop module
 CVE-2023-46349 (In the module "Product Catalog (CSV, Excel) Export/Update" 
(updateprod ...)
@@ -254,7 +254,7 @@ CVE-2023-4922 (The WPB Show Core WordPress plugin through 
2.2 is vulnerable to a
 CVE-2023-4642 (The kk Star Ratings WordPress plugin before 5.4.6 does not 
implement a ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-4590 (Buffer overflow vulnerability in Frhed hex editor, affecting 
version 1 ...)
-       TODO: check
+       NOT-FOR-US: Frhed
 CVE-2023-4514 (The Mmm Simple File List WordPress plugin through 2.3 does not 
validat ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-4297 (The Mmm Simple File List WordPress plugin through 2.3 does not 
validat ...)
@@ -353,9 +353,9 @@ CVE-2023-6301 (A vulnerability has been found in 
SourceCodester Best Courier Man
 CVE-2023-6300 (A vulnerability, which was classified as problematic, was found 
in Sou ...)
        NOT-FOR-US: SourceCodester Best Courier Management System
 CVE-2023-6299 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Apryse iText
 CVE-2023-6298 (A vulnerability classified as problematic was found in Apryse 
iText 8. ...)
-       TODO: check
+       NOT-FOR-US: Apryse iText
 CVE-2023-6297 (A vulnerability classified as problematic has been found in 
PHPGurukul ...)
        NOT-FOR-US: PHPGurukul
 CVE-2023-6296 (A vulnerability was found in osCommerce 4. It has been rated as 
proble ...)
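
Review bot: For CVE-2023-6299 the description is cut off before any product name ("... has been found i ..."), so the "Apryse iText" tag is supported here only by the neighbouring CVE-2023-6298 line, which does name Apryse iText 8. Since the two TODOs were closed as a pair, it is worth confirming against the full CVE text that CVE-2023-6299 concerns the same product.
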
@@ -32777,7 +32777,7 @@ CVE-2023-29772 (A Cross-site scripting (XSS) 
vulnerability in the System Log/Gen
 CVE-2023-29771
        RESERVED
 CVE-2023-29770 (In Sentrifugo 3.5, the AssetsController::uploadsaveAction 
function all ...)
-       TODO: check
+       NOT-FOR-US: Sentrifugo
 CVE-2023-29769
        RESERVED
 CVE-2023-29768
@@ -50736,7 +50736,7 @@ CVE-2023-24025 (CRYSTALS-DILITHIUM (in Post-Quantum 
Cryptography Selected Algori
 CVE-2023-24024
        RESERVED
 CVE-2023-24023 (Bluetooth BR/EDR devices with Secure Simple Pairing and Secure 
Connect ...)
-       TODO: check
+       NOT-FOR-US: Bluetooth protocol issue
 CVE-2023-24022 (Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB 
devices with  ...)
        NOT-FOR-US: Baicells
 CVE-2023-0432 (The web configuration service of the affected device contains 
an authe ...)
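
Review bot: On CVE-2023-24023 the tag "NOT-FOR-US: Bluetooth protocol issue" gives an issue class, where every other NOT-FOR-US line in this patch gives a product or vendor. The description refers to Bluetooth BR/EDR devices in general rather than to one vendor's product, so it would help to record, for example in a NOTE line, why no packaged Bluetooth implementation needs tracking, or to leave the entry as TODO until that has been checked.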



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ffc9601389ce592140038c440b2684034a27851
