Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5ffc9601 by Moritz Muehlenhoff at 2023-11-29T10:52:31+01:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -5,7 +5,7 @@ CVE-2023-48193 (Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 a CVE-2023-47462 (Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and befor ...) NOT-FOR-US: GL.iNet AX1800 CVE-2023-46944 (An issue in GitKraken GitLens before v.14.0.0 allows an attacker to ex ...) - TODO: check + NOT-FOR-US: GitKraken GitLens CVE-2023-46887 (In Dreamer CMS before 4.0.1, the backend attachment management office ...) NOT-FOR-US: Dreamer CMS CVE-2023-46886 (Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. ...) @@ -57,7 +57,7 @@ CVE-2023-49313 (A dylib injection vulnerability in XMachOViewer 0.04 allows atta CVE-2023-49078 (raptor-web is a CMS for game server communities that can be used to ho ...) NOT-FOR-US: raptor-web CMS CVE-2023-49062 (Katran could disclose non-initialized kernel memory as part of an IP h ...) - TODO: check + NOT-FOR-US: Katran CVE-2023-48848 (An arbitrary file read vulnerability in ureport v2.2.9 allows a remote ...) NOT-FOR-US: ureport CVE-2023-48121 (An authentication bypass vulnerability in the Direct Connection Module ...) @@ -115,7 +115,7 @@ CVE-2023-5773 CVE-2023-5650 (An improper privilege management vulnerability in the ZySH of the Zyxe ...) NOT-FOR-US: Zyxel CVE-2023-4667 (The web interface of the PAC Device allows the device administrator us ...) - TODO: check + NOT-FOR-US: SIGMA CVE-2023-4398 (An integer overflow vulnerability in the source code of the QuickSec I ...) NOT-FOR-US: Zyxel CVE-2023-4397 (A buffer overflow vulnerability in the Zyxel ATP series firmware versi ...) 
@@ -143,7 +143,7 @@ CVE-2023-49044 (Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a CVE-2023-49030 (SQL Injection vulnerability in32ns KLive v.2019-1-19 and before allows ...) NOT-FOR-US: in32ns KLive CVE-2023-48713 (Knative Serving builds on Kubernetes to support deploying and serving ...) - TODO: check + NOT-FOR-US: Knative CVE-2023-48188 (SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4 ...) NOT-FOR-US: PrestaShop opartdevis CVE-2023-48034 (An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker ...) @@ -155,9 +155,9 @@ CVE-2023-48022 (Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute CVE-2023-47503 (An issue in jflyfox jfinalCMS v.5.1.0 allows a remote attacker to exec ...) NOT-FOR-US: jflyfox jfinalCMS CVE-2023-47437 (A vulnerability has been identified in Pachno 1.0.6 allowing an authen ...) - TODO: check + NOT-FOR-US: Pachno CVE-2023-46480 (An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitr ...) - TODO: check + NOT-FOR-US: Owncast CVE-2023-46355 (In the module "CSV Feeds PRO" (csvfeeds) < 2.6.1 from Bl Modules for P ...) NOT-FOR-US: PrestaShop module CVE-2023-46349 (In the module "Product Catalog (CSV, Excel) Export/Update" (updateprod ...) @@ -254,7 +254,7 @@ CVE-2023-4922 (The WPB Show Core WordPress plugin through 2.2 is vulnerable to a CVE-2023-4642 (The kk Star Ratings WordPress plugin before 5.4.6 does not implement a ...) NOT-FOR-US: WordPress plugin CVE-2023-4590 (Buffer overflow vulnerability in Frhed hex editor, affecting version 1 ...) - TODO: check + NOT-FOR-US: Frhed CVE-2023-4514 (The Mmm Simple File List WordPress plugin through 2.3 does not validat ...) NOT-FOR-US: WordPress plugin CVE-2023-4297 (The Mmm Simple File List WordPress plugin through 2.3 does not validat ...) 
@@ -353,9 +353,9 @@ CVE-2023-6301 (A vulnerability has been found in SourceCodester Best Courier Man CVE-2023-6300 (A vulnerability, which was classified as problematic, was found in Sou ...) NOT-FOR-US: SourceCodester Best Courier Management System CVE-2023-6299 (A vulnerability, which was classified as problematic, has been found i ...) - TODO: check + NOT-FOR-US: Apryse iText CVE-2023-6298 (A vulnerability classified as problematic was found in Apryse iText 8. ...) - TODO: check + NOT-FOR-US: Apryse iText CVE-2023-6297 (A vulnerability classified as problematic has been found in PHPGurukul ...) NOT-FOR-US: PHPGurukul CVE-2023-6296 (A vulnerability was found in osCommerce 4. It has been rated as proble ...) @@ -32777,7 +32777,7 @@ CVE-2023-29772 (A Cross-site scripting (XSS) vulnerability in the System Log/Gen CVE-2023-29771 RESERVED CVE-2023-29770 (In Sentrifugo 3.5, the AssetsController::uploadsaveAction function all ...) - TODO: check + NOT-FOR-US: Sentrifugo CVE-2023-29769 RESERVED CVE-2023-29768 @@ -50736,7 +50736,7 @@ CVE-2023-24025 (CRYSTALS-DILITHIUM (in Post-Quantum Cryptography Selected Algori CVE-2023-24024 RESERVED CVE-2023-24023 (Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connect ...) - TODO: check + NOT-FOR-US: Bluetooth protocol issue CVE-2023-24022 (Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with ...) NOT-FOR-US: Baicells CVE-2023-0432 (The web configuration service of the affected device contains an authe ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ffc9601389ce592140038c440b2684034a27851
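Review bot: in the @@ -115,7 +115,7 @@ hunk, the new tag for CVE-2023-4667 reads "NOT-FOR-US: SIGMA", but the visible description only mentions "the PAC Device", so the label cannot be matched to the entry from the lines shown here. Consider writing the tag with the product as the description names it next to the vendor, so that a later search of data/CVE/list for either term finds the entry.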
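Review bot: in the @@ -353,9 +353,9 @@ hunk, CVE-2023-6299 is tagged "NOT-FOR-US: Apryse iText" although its truncated description ("... has been found i ...") does not show the product; only the CVE-2023-6298 entry below it names Apryse iText 8. It is worth confirming from the full description that both IDs concern the same product. Because iText is a library rather than an end-user application, the NFU decision should also rest on a check that no source package in the archive ships or embeds the affected code, and a NOTE line recording that check would make the triage reviewable.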
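Review bot: in the @@ -50736,7 +50736,7 @@ hunk, CVE-2023-24023 is closed with "NOT-FOR-US: Bluetooth protocol issue", which names a class of problem rather than a product, unlike every other NOT-FOR-US tag in this commit. The description speaks of "Bluetooth BR/EDR devices with Secure Simple Pairing", and a protocol-level issue can apply to any implementation of that protocol, so the tag does not say why packaged Bluetooth stacks are out of scope. Either keep "TODO: check" until that is established, or add a NOTE stating the reasoning.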
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits