[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0a5dde93 by Salvatore Bonaccorso at 2024-05-25T07:23:57+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -59,7 +59,7 @@ CVE-2023-49573 (A vulnerability has been discovered in VX Search Enterprise affe CVE-2023-49572 (A vulnerability has been discovered in VX Search Enterprise affecting ...) TODO: check CVE-2023-47710 (IBM Security Guardium 11.4, 11.5, and 12.0 is vulnerable to cross-site ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-46442 (An infinite loop in the retrieveActiveBody function of Soot before v4. ...) TODO: check CVE-2023-52880 (In the Linux kernel, the following vulnerability has been resolved: t ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a5dde93bae0364d58effb26556a3cd5af94c7e4 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a5dde93bae0364d58effb26556a3cd5af94c7e4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 297d11c3 by Salvatore Bonaccorso at 2024-05-17T22:34:02+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -,7 +,7 @@ CVE-2024-1417 (Improper Neutralization of Special Elements used in a Command ('C CVE-2023-48643 (Shrubbery tac_plus 2.x, 3.x. and 4.x through F4.0.4.28 allows unauthen ...) TODO: check CVE-2023-47717 (IBM Security Guardium 12.0 could allow a privileged user to perform un ...) - TODO: check + NOT-FOR-US: IBM CVE-2024-4910 (A vulnerability was found in Campcodes Complete Web-Based School Manag ...) NOT-FOR-US: Campcodes Complete Web-Based School Management System CVE-2024-4909 (A vulnerability was found in Campcodes Complete Web-Based School Manag ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/297d11c339e2aa0a4bc925604dd879bd678c9eb6 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/297d11c339e2aa0a4bc925604dd879bd678c9eb6 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ef17ba59 by Salvatore Bonaccorso at 2024-05-05T12:29:54+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -81737,7 +81737,7 @@ CVE-2023-27285 (IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerabl CVE-2023-27284 (IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to ...) NOT-FOR-US: IBM CVE-2023-27283 (IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumera ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-27282 RESERVED CVE-2023-27281 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef17ba597719522fe32bfc25762133f8f45998fb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef17ba597719522fe32bfc25762133f8f45998fb You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0438b0c4 by Salvatore Bonaccorso at 2024-04-29T07:13:41+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -9,7 +9,7 @@ CVE-2024-33883 (The ejs (aka Embedded JavaScript templates) package before 3.1.1 CVE-2024-33851 (phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based t ...) TODO: check CVE-2024-25050 (IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2 ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-52722 (An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zm ...) TODO: check CVE-2022-48685 (An issue was discovered in Logpoint 7.1 before 7.1.2. The daily execut ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0438b0c4b96985b22beca25ab80407cd738e3686 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0438b0c4b96985b22beca25ab80407cd738e3686 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e63810ce by Salvatore Bonaccorso at 2024-04-27T22:28:48+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -25,7 +25,7 @@ CVE-2024-3342 (The Timetable and Event Schedule by MotoPress plugin for WordPres CVE-2024-3309 (The Qi Addons For Elementor plugin for WordPress is vulnerable to Stor ...) TODO: check CVE-2024-25048 (IBM MQ Appliance 9.3 CD and LTS are vulnerable to a heap-based buffer ...) - TODO: check + NOT-FOR-US: IBM CVE-2024-4245 (A vulnerability, which was classified as critical, has been found in T ...) NOT-FOR-US: Tenda CVE-2024-4244 (A vulnerability classified as critical was found in Tenda W9 1.0.0.7(4 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e63810ce2d20c65c0201e716b4e68cc4a681e00b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e63810ce2d20c65c0201e716b4e68cc4a681e00b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 34511d1f by Salvatore Bonaccorso at 2024-04-27T20:32:35+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -137,7 +137,7 @@ CVE-2024-32766 (An OS command injection vulnerability has been reported to affec CVE-2024-32764 (A missing authentication for critical function vulnerability has been ...) TODO: check CVE-2024-32730 (SAP Enable Now Manager does not perform necessary authorization checks ...) - TODO: check + NOT-FOR-US: SAP CVE-2024-32476 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...) TODO: check CVE-2024-32046 (Mattermost versions 9.6.x <= 9.6.0, 9.5.x <= 9.5.2, 9.4.x <= 9.4.4 and ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34511d1fd84f0731eb7fc2aabb03609b906b8514 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34511d1fd84f0731eb7fc2aabb03609b906b8514 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 98112a68 by Salvatore Bonaccorso at 2024-04-25T22:26:44+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -91,7 +91,7 @@ CVE-2024-25624 (Iris is a web collaborative platform aiming to help incident res CVE-2024-25569 (An out-of-bounds read vulnerability exists in the RAWCodec::DecodeByte ...) TODO: check CVE-2024-25026 (IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Applicatio ...) - TODO: check + NOT-FOR-US: IBM CVE-2024-22391 (A heap-based buffer overflow vulnerability exists in the LookupTable:: ...) TODO: check CVE-2024-22373 (An out-of-bounds write vulnerability exists in the JPEG2000Codec::Deco ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98112a68d5d01ff180422555385f8a532c1dce7b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98112a68d5d01ff180422555385f8a532c1dce7b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d93f96a1 by Salvatore Bonaccorso at 2024-04-11T22:30:23+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -93,7 +93,7 @@ CVE-2023-5393 (Server receiving a malformed message that causes a disconnect to CVE-2023-5392 (C300 information leak due to an analysis feature which allows extracti ...) TODO: check CVE-2023-50949 (IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauth ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-32295 (Missing Authorization vulnerability in Alex Tselegidis Easy!Appointmen ...) TODO: check CVE-2023-32228 (A firmware bug which may lead to misinterpretation of data in the AMC2 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d93f96a1e23adfbcc4e7a9a203fba352bac171e9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d93f96a1e23adfbcc4e7a9a203fba352bac171e9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e2750275 by Salvatore Bonaccorso at 2024-04-02T22:15:00+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -83,7 +83,7 @@ CVE-2023-51453 (A Improper Input Validation issue affecting the v2_sdk_service r CVE-2023-51452 (A Improper Input Validation issue affecting the v2_sdk_service running ...) TODO: check CVE-2023-50313 (IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than ...) - TODO: check + NOT-FOR-US: IBM CVE-2024-3165 (System->Maintenance-> Log Files in dotCMS dashboard is providing the u ...) NOT-FOR-US: dotCMS CVE-2024-3164 (In dotCMS dashboard, the Tools and Log Files tabs under System \u2192 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2750275257a1ea1e5fd8727cde73fc7993e9734 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2750275257a1ea1e5fd8727cde73fc7993e9734 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3d77c71a by Salvatore Bonaccorso at 2024-03-15T21:42:43+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -21,7 +21,7 @@ CVE-2024-2445 (Mattermost Jira plugin versions shipped with Mattermost versions CVE-2024-28854 (tls-listener is a rust lang wrapper around a connection listener to su ...) TODO: check CVE-2024-28851 (The Snowflake Hive metastore connector provides an easy way to query H ...) - TODO: check + NOT-FOR-US: Snowflake Hive metastore connector CVE-2024-28848 (OpenMetadata is a unified platform for discovery, observability, and g ...) NOT-FOR-US: OpenMetadata CVE-2024-28847 (OpenMetadata is a unified platform for discovery, observability, and g ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d77c71a2add3be7bb8b63da7d2292aee6851340 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d77c71a2add3be7bb8b63da7d2292aee6851340 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5bcd9c0c by Salvatore Bonaccorso at 2024-03-14T22:05:28+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,5 @@ +CVE-2024-28752 + NOT-FOR-US: Apache CXF CVE-2024-23944 - zookeeper NOTE: https://www.openwall.com/lists/oss-security/2024/03/14/2 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5bcd9c0c90cbf31b098a019dce67f549f115e5de -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5bcd9c0c90cbf31b098a019dce67f549f115e5de You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 823a8618 by Salvatore Bonaccorso at 2024-03-09T17:53:01+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -18,7 +18,7 @@ CVE-2024-28176 (jose is JavaScript module for JSON Object Signing and Encryption CVE-2024-28123 (Wasmi is an efficient and lightweight WebAssembly interpreter with a f ...) NOT-FOR-US: Wasmi CVE-2024-28122 (JWX is Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherw ...) - TODO: check + NOT-FOR-US: lestrrat-go/jwx CVE-2024-28089 (Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote att ...) NOT-FOR-US: Hitron CODA-4582 2AHKM-CODA4589 CVE-2024-25951 (A command injection vulnerability exists in local RACADM. A malicious ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/823a861800d7b73c8b200f70ce873efebc67ce9a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/823a861800d7b73c8b200f70ce873efebc67ce9a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3348a884 by Salvatore Bonaccorso at 2024-03-09T17:48:12+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -485,7 +485,7 @@ CVE-2024-27916 (Minder is a software supply chain security platform. Prior to ve CVE-2024-27915 (Sulu is a PHP content management system. Starting in verson 2.2.0 and ...) NOT-FOR-US: Sulu CVE-2024-27307 (JSONata is a JSON query and transformation language. Starting in versi ...) - TODO: check + NOT-FOR-US: jsonata-js CVE-2024-27304 (pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur ...) - golang-github-jackc-pgx (bug #1065687) [bookworm] - golang-github-jackc-pgx (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3348a884c06478bfd24516d1c0bf7ca63fee0d35 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3348a884c06478bfd24516d1c0bf7ca63fee0d35 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 726ac5f4 by Salvatore Bonaccorso at 2024-02-29T10:22:56+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -53719,7 +53719,7 @@ CVE-2023-1843 (The Metform Elementor Contact Form Builder plugin for WordPress i CVE-2023-1842 REJECTED CVE-2023-1841 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-29272 RESERVED CVE-2023-29271 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726ac5f45dfdb45a740de16a74dcef21d11f0226 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726ac5f45dfdb45a740de16a74dcef21d11f0226 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f831c50f by Salvatore Bonaccorso at 2024-02-20T22:42:42+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -86,7 +86,7 @@ CVE-2024-22097 (A double-free vulnerability exists in the BrainVision Header Par - biosig 2.6.0-1 NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1917 CVE-2024-22054 (A malformed discovery packet sent by a malicious actor with preexistin ...) - TODO: check + NOT-FOR-US: UniFi CVE-2024-21812 (An integer overflow vulnerability exists in the sopen_FAMOS_read funct ...) - biosig 2.6.0-1 NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1921 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f831c50f3d2e418bb249bde6ac8b3d504c3eecfb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f831c50f3d2e418bb249bde6ac8b3d504c3eecfb You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2fa9d9a3 by Salvatore Bonaccorso at 2024-02-20T21:36:18+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -315,7 +315,7 @@ CVE-2023-51770 (Arbitrary File Read Vulnerability in Apache Dolphinscheduler. T CVE-2023-51447 (Decidim is a participatory democracy framework. Starting in version 0. ...) TODO: check CVE-2023-50306 (IBM Common Licensing 9.0 could allow a local user to enumerate usernam ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-50270 (Session Fixation Apache DolphinScheduler before version 3.2.0, which s ...) TODO: check CVE-2023-49250 (Because the HttpUtils class did not verify certificates, an attacker t ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2fa9d9a33b28604d1aa5e9995c380954984f6e1d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2fa9d9a33b28604d1aa5e9995c380954984f6e1d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 39f21621 by Salvatore Bonaccorso at 2024-02-14T21:31:00+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -185,7 +185,7 @@ CVE-2023-48729 CVE-2023-48229 (Contiki-NG is an open-source, cross-platform operating system for Next ...) TODO: check CVE-2023-46186 (IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized u ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-45850 REJECTED CVE-2023-45738 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39f216217b1e1c908aa6cacaedc2cfbd1d6d7e85 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39f216217b1e1c908aa6cacaedc2cfbd1d6d7e85 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 45fc5001 by Salvatore Bonaccorso at 2024-02-14T08:06:01+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,5 @@ +CVE-2024-1342 + NOT-FOR-US: Red Hat OpenShift CVE-2024-25122 (sidekiq-unique-jobs is an open source project which prevents simultane ...) TODO: check CVE-2024-24925 (A vulnerability has been identified in Simcenter Femap (All versions < ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45fc5001129355db28bd923abea327ce947d64f3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45fc5001129355db28bd923abea327ce947d64f3 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 094b44c5 by Salvatore Bonaccorso at 2024-02-13T20:26:16+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -40,7 +40,7 @@ CVE-2024-25643 (The SAP Fiori app (My Overtime Request) - version 605, does not CVE-2024-25642 (Due to improper validation of certificate in SAP Cloud Connector - ver ...) NOT-FOR-US: SAP CVE-2024-25407 (SteVe v3.6.0 was discovered to use predictable transaction ID's when r ...) - TODO: check + NOT-FOR-US: SteVe CVE-2024-25360 (A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks infor ...) NOT-FOR-US: Motorola CVE-2024-25112 (Exiv2 is a command-line utility and C++ library for reading, writing, ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/094b44c5722adaea23890ae8c46e810e8c301c96 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/094b44c5722adaea23890ae8c46e810e8c301c96 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c7eccc52 by Salvatore Bonaccorso at 2024-02-08T08:21:04+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,5 @@ +CVE-2024-1300 + NOT-FOR-US: Eclipse Vertx CVE-2024-1066 [Resource exhaustion using GraphQL vulnerabilitiesCountByDay] - gitlab NOTE: https://about.gitlab.com/releases/2024/02/07/security-release-gitlab-16-8-2-released/#resource-exhaustion-using-graphql-vulnerabilitiescountbyday View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7eccc526f6ed80aadb6700952e7b52b77d8e333 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7eccc526f6ed80aadb6700952e7b52b77d8e333 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: dd48cbc8 by Salvatore Bonaccorso at 2024-01-23T09:38:15+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -65,7 +65,7 @@ CVE-2024-22768 (Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4. CVE-2024-0587 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for WordPress is ...) TODO: check CVE-2023-47141 (IIBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11. ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-42937 (A privacy issue was addressed with improved private data redaction for ...) TODO: check CVE-2023-42935 (An authentication issue was addressed with improved state management. ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd48cbc8e6cbc2a5f3574675cb1f4ada79dd51f1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd48cbc8e6cbc2a5f3574675cb1f4ada79dd51f1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d72970a0 by Salvatore Bonaccorso at 2024-01-08T22:09:51+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -121,7 +121,7 @@ CVE-2023-47890 (pyLoad 0.5.0 is vulnerable to Unrestricted File Upload.) CVE-2023-47211 (A directory traversal vulnerability exists in the uploadMib functional ...) NOT-FOR-US: ManageEngine OpManager CVE-2023-41710 (User-defined script code could be stored for a upsell related shop URL ...) - TODO: check + NOT-FOR-US: Open-Xchange CVE-2023-39444 (Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing ...) TODO: check CVE-2023-39443 (Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d72970a08be35a33268a75bd968177934602c35f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d72970a08be35a33268a75bd968177934602c35f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 1badb9be by Salvatore Bonaccorso at 2024-01-05T13:19:38+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -32,7 +32,7 @@ CVE-2023-52150 (Cross-Site Request Forgery (CSRF) vulnerability in Ovation S.R.L CVE-2023-51502 (Authorization Bypass Through User-Controlled Key vulnerability in WooC ...) NOT-FOR-US: WordPress plugin CVE-2023-51277 (nbviewer-app (aka Jupyter Notebook Viewer) before 0.1.6 has the get-ta ...) - TODO: check + NOT-FOR-US: nbviewer-app (aka Jupyter Notebook Viewer) CVE-2023-41782 (There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacke ...) NOT-FOR-US: ZTE CVE-2024-22051 (CommonMarker versions prior to 0.23.4 are at risk of an integer overfl ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1badb9be15dc4eaecae427e30c452efb2af4cb33 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1badb9be15dc4eaecae427e30c452efb2af4cb33 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 32da2914 by Salvatore Bonaccorso at 2024-01-01T09:13:40+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,5 @@ CVE-2024-21732 (FlyCms through abbaa5a allows XSS via the permission management featur ...) - TODO: check + NOT-FOR-US: FlyCms CVE-2023-7193 (A vulnerability was found in MTab Bookmark up to 1.2.6 and classified ...) NOT-FOR-US: MTab Bookmark CVE-2023-7191 (A vulnerability, which was classified as critical, was found in S-CMS ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32da29141e65c2d2096fcffa9848db18e155d68c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32da29141e65c2d2096fcffa9848db18e155d68c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 179129dc by Salvatore Bonaccorso at 2023-12-30T12:35:05+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -11,7 +11,7 @@ CVE-2023-50071 (Sourcecodester Customer Support System 1.0 has multiple SQL inje CVE-2023-50070 (Sourcecodester Customer Support System 1.0 has multiple SQL injection ...) NOT-FOR-US: Sourcecodester Customer Support System CVE-2023-50069 (WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to s ...) - TODO: check + NOT-FOR-US: WireMock CVE-2023-50035 (PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection on the Users l ...) NOT-FOR-US: PHPGurukul Small CRM CVE-2023-41544 (SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remot ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/179129dc8165f0fbce6a195c7f514630885b181e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/179129dc8165f0fbce6a195c7f514630885b181e You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: cd036c6f by Salvatore Bonaccorso at 2023-12-20T21:20:32+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -105,7 +105,7 @@ CVE-2023-35915 (Improper Neutralization of Special Elements used in an SQL Comma CVE-2023-35914 (Authorization Bypass Through User-Controlled Key vulnerability in WooC ...) TODO: check CVE-2023-35895 (IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code e ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-35876 (Authorization Bypass Through User-Controlled Key vulnerability in WooC ...) TODO: check CVE-2023-34385 (Unrestricted Upload of File with Dangerous Type vulnerability in Aksha ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd036c6fbd52c69992c9ed7717736ea2aa2cc8c1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd036c6fbd52c69992c9ed7717736ea2aa2cc8c1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: bca31733 by Salvatore Bonaccorso at 2023-12-10T17:49:46+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -716,7 +716,7 @@ CVE-2023-49373 (JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request CVE-2023-49372 (JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forger ...) NOT-FOR-US: JFinalCMS CVE-2023-46674 (An issue was identified that allowed the unsafe deserialization of jav ...) - TODO: check + NOT-FOR-US: Elasticsearch-hadoop CVE-2023-45842 (Multiple data integrity vulnerabilities exist in the package hash chec ...) NOT-FOR-US: Buildroot CVE-2023-45841 (Multiple data integrity vulnerabilities exist in the package hash chec ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bca317335a907e4d4971785482db903b10977da5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bca317335a907e4d4971785482db903b10977da5 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 68e140b2 by Salvatore Bonaccorso at 2023-12-10T00:06:16+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,7 +1,7 @@ CVE-2023-50428 (In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots202311 ...) TODO: check CVE-2021-46899 (SyncTrayzor 1.1.29 enables CEF (Chromium Embedded Framework) remote de ...) - TODO: check + NOT-FOR-US: SyncTrayzor CVE-2023-6394 (A flaw was found in Quarkus. This issue occurs when receiving a reques ...) NOT-FOR-US: Quarkus CVE-2023-6337 (HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable t ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68e140b27ee90086aed7c0a2f35d998587eb27b0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68e140b27ee90086aed7c0a2f35d998587eb27b0 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 1be3b23f by Salvatore Bonaccorso at 2023-12-05T09:26:36+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -39,7 +39,7 @@ CVE-2023-5105 (The Frontend File Manager Plugin WordPress plugin before 22.6 has CVE-2023-4460 (The Uploading SVG, WEBP and ICO files WordPress plugin through 1.2.1 d ...) TODO: check CVE-2023-49293 (Vite is a website frontend framework. When Vite's HTML transformation ...) - TODO: check + NOT-FOR-US: Vite CVE-2023-49292 (ecies is an Elliptic Curve Integrated Encryption Scheme for secp256k1 ...) TODO: check CVE-2023-49291 (tj-actions/branch-names is a Github action to retrieve branch or tag n ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1be3b23fa9b84277c876461718839ce89705 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1be3b23fa9b84277c876461718839ce89705 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c43f08dc by Salvatore Bonaccorso at 2023-12-04T20:32:39+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -4,7 +4,7 @@ CVE-2023-5332 (Patch in third party library Consul requires 'enable-script-check NOTE: https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8171 NOTE: https://www.hashicorp.com/blog/protecting-consul-from-rce-risk-in-specific-configurations CVE-2023-49287 (TinyDir is a lightweight C directory and file reader. Buffer overflows ...) - TODO: check + NOT-FOR-US: TinyDir CVE-2023-49108 (Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0. ...) NOT-FOR-US: RakRak Document Plus CVE-2023-49093 (HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vulnerab ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c43f08dceab0ed27ea25b12007103a1a6132 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c43f08dceab0ed27ea25b12007103a1a6132 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: db0284d2 by Salvatore Bonaccorso at 2023-11-12T21:27:30+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,5 @@ CVE-2023-6084 (A vulnerability was found in Tongda OA 2017 up to 11.9 and classified ...) - TODO: check + NOT-FOR-US: Tongda OA CVE-2023-47037 (We failed to applyCVE-2023-40611 in 2.7.1 and this vulnerability was m ...) TODO: check CVE-2023-5959 (A vulnerability, which was classified as problematic, was found in Bei ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db0284d25f0ad50f091deeda804c1618b95b1ec4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db0284d25f0ad50f091deeda804c1618b95b1ec4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3dd8a727 by Salvatore Bonaccorso at 2023-11-11T09:50:02+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,5 @@ CVE-2023-4804 (Anunauthorized user could access debug features in Quantum HD Unity pr ...) - TODO: check + NOT-FOR-US: Quantum HD Unity CVE-2023-47122 (Gitsign is software for keyless Git signing using Sigstore. In version ...) TODO: check CVE-2023-46850 (Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3dd8a72758c436984571e8ae9e40fc5f60ae5c63 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3dd8a72758c436984571e8ae9e40fc5f60ae5c63 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a155a8cd by Salvatore Bonaccorso at 2023-11-06T20:52:38+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -3,7 +3,7 @@ CVE-2023-4699 (Insufficient Verification of Data Authenticity vulnerability in M CVE-2023-4625 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...) NOT-FOR-US: Mitsubishi CVE-2023-47271 (PKP-WAL (aka PKP Web Application Library or pkp-lib) before 3.3.0-16, ...) - TODO: check + NOT-FOR-US: PKP-WAL (aka PKP Web Application Library or pkp-lib) CVE-2023-47253 (Qualitor through 8.20 allows remote attackers to execute arbitrary cod ...) NOT-FOR-US: Qualitor CVE-2023-46802 (e-Tax software Version3.0.10 and earlier improperly restricts XML exte ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a155a8cda6e26cec2c8e68d7239ca2e13620d800 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a155a8cda6e26cec2c8e68d7239ca2e13620d800 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 12b23f36 by Salvatore Bonaccorso at 2023-11-03T20:43:12+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -76,7 +76,7 @@ CVE-2023-39054 (An information leak in Tokudaya.ekimae_mc v13.6.1 allows attacke CVE-2023-39053 (An information leak in Hattoriya v13.6.1 allows attackers to obtain th ...) NOT-FOR-US: Hattoriya CVE-2023-39051 (An information leak in VISION MEAT WORKS Track Diner 10/10mbl v13.6.1 ...) - TODO: check + NOT-FOR-US: VISION MEAT WORKS Track Diner 10/10mbl CVE-2023-39050 (An information leak in Daiky-value.Fukueten v13.6.1 allows attackers t ...) NOT-FOR-US: Daiky-value.Fukueten CVE-2023-39048 (An information leak in Tokudaya.honten v13.6.1 allows attackers to obt ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12b23f36a321316e890baf40a638c538ab77d2bd -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12b23f36a321316e890baf40a638c538ab77d2bd You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0bab5bfd by Salvatore Bonaccorso at 2023-09-19T22:14:59+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -31,7 +31,7 @@ CVE-2023-41834 (Improper Neutralization of CRLF Sequences in HTTP Headers in Apa CVE-2023-41387 (A SQL injection in the flutter_downloader component through 1.11.1 for ...) TODO: check CVE-2023-41179 (A vulnerability in the 3rd party AV uninstaller module contained in Tr ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2023-3892 (Improper Restriction of XML External Entity Reference vulnerability in ...) TODO: check CVE-2023-38356 (MiniTool Power Data Recovery 11.6 contains an insecure installation pr ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bab5bfd48463cb24435800aab0cd6a70b1f2e59 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bab5bfd48463cb24435800aab0cd6a70b1f2e59 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 42a70816 by Salvatore Bonaccorso at 2023-09-19T21:59:59+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -180477,7 +180477,7 @@ CVE-2021-26839 CVE-2021-26838 RESERVED CVE-2021-26837 (SQL Injection vulnerability in SearchTextBox parameter in Fortra (Form ...) - TODO: check + NOT-FOR-US: Fortra (Formerly HelpSystems) DeliverNow CVE-2021-26836 RESERVED CVE-2021-26835 (No filtering of cross-site scripting (XSS) payloads in the markdown-ed ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42a708168fb8603c290bee916cfe4710e075294c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42a708168fb8603c290bee916cfe4710e075294c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 604ec51d by Salvatore Bonaccorso at 2023-09-16T22:46:04+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,5 @@ CVE-2023-3025 (The Dropbox Folder Share plugin for WordPress is vulnerable to Server- ...) - TODO: check + NOT-FOR-US: Dropbox Folder Share plugin for WordPress CVE-2023-43091 [Code injection via service.json file] - gnome-maps 45~rc-1 [bullseye] - gnome-maps (Vulnerable code not present) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/604ec51da8c8422700bc094fe542680041aaac1a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/604ec51da8c8422700bc094fe542680041aaac1a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 787b9328 by Salvatore Bonaccorso at 2023-09-15T22:19:41+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -29,7 +29,7 @@ CVE-2023-4974 (A vulnerability was found in Academy LMS 6.2. It has been rated a CVE-2023-4973 (A vulnerability was found in Academy LMS 6.2 on Windows. It has been d ...) TODO: check CVE-2023-4963 (The WS Facebook Like Box Widget for WordPress plugin for WordPress is ...) - TODO: check + NOT-FOR-US: WS Facebook Like Box Widget for WordPress plugin for WordPress CVE-2023-4959 (A flaw was found in Quay. Cross-site request forgery (CSRF) attacks fo ...) TODO: check CVE-2023-4835 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/787b932890da390566c5793374b91bcdb0f78ac0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/787b932890da390566c5793374b91bcdb0f78ac0 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ce8838d6 by Salvatore Bonaccorso at 2023-09-10T14:53:15+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -25956,7 +25956,7 @@ CVE-2023-28012 (HCL BigFix Mobile is vulnerable to a command injection attack. A CVE-2023-28011 RESERVED CVE-2023-28010 (In some configuration scenarios, the Domino server host name can be ex ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-28009 (HCL Workload Automation is vulnerable to an XML External Entity Inject ...) NOT-FOR-US: HCL CVE-2023-28008 (HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML Ex ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce8838d6819e301703c40d6bba46eddee6a33c1c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce8838d6819e301703c40d6bba46eddee6a33c1c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ae47778d by Salvatore Bonaccorso at 2023-09-09T09:11:36+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,5 @@ +CVE-2023-4853 + NOT-FOR-US: Quarkus CVE-2023-4843 (Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection ...) NOT-FOR-US: Pega Platform CVE-2023-4782 (Terraform version 1.0.8 through 1.5.6 allows arbitrary file write duri ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae47778dfd4b71b8e801054492aaef958d6e2c98 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae47778dfd4b71b8e801054492aaef958d6e2c98 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7226d801 by Salvatore Bonaccorso at 2023-09-08T20:45:20+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -18,7 +18,7 @@ CVE-2023-40584 (Argo CD is a declarative continuous deployment for Kubernetes. A CVE-2023-40353 (An issue was discovered in Exynos Mobile Processor 980 and 2100. An in ...) NOT-FOR-US: Samsung CVE-2023-40271 (In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate ...) - TODO: check + NOT-FOR-US: Trusted Firmware-M (TF-M) CVE-2023-40029 (Argo CD is a declarative continuous deployment for Kubernetes. Argo CD ...) NOT-FOR-US: Argo CD CVE-2023-39620 (An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7226d8018cb29815758f8e94ba45e27267884abc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7226d8018cb29815758f8e94ba45e27267884abc You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e7203bc6 by Salvatore Bonaccorso at 2023-09-07T11:05:59+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,5 @@ CVE-2023-4815 (Missing Authentication for Critical Function in GitHub repository answ ...) - TODO: check + NOT-FOR-US: answerdev/answer CVE-2023-4792 (The Duplicate Post Page Menu & Custom Post Type plugin for WordPress i ...) NOT-FOR-US: Duplicate Post Page Menu & Custom Post Type plugin for WordPress CVE-2023-4772 (The Newsletter plugin for WordPress is vulnerable to Stored Cross-Site ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7203bc617651ff0a9935996f0e0816db4cba3be -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7203bc617651ff0a9935996f0e0816db4cba3be You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 340ba08b by Salvatore Bonaccorso at 2023-09-05T22:34:54+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -38,7 +38,7 @@ CVE-2023-39681 (Cuppa CMS v1.0 was discovered to contain a remote code execution CVE-2023-39654 (abupy up to v0.4.0 was discovered to contain a SQL injection vulnerabi ...) TODO: check CVE-2023-39598 (Cross Site Scripting vulnerability in IceWarp Corporation WebClient v. ...) - TODO: check + NOT-FOR-US: IceWarp CVE-2023-39515 (Cacti is an open source operational monitoring and fault management fr ...) TODO: check CVE-2023-39514 (Cacti is an open source operational monitoring and fault management fr ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/340ba08bd4a1572f76e0c2f829b8db210cd2da26 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/340ba08bd4a1572f76e0c2f829b8db210cd2da26 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 9d210c9c by Salvatore Bonaccorso at 2023-08-29T21:58:10+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -85,7 +85,7 @@ CVE-2023-4573 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4573 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4573 CVE-2023-41363 (In Cerebrate 1.14, a vulnerability in UserSettingsController allows au ...) - TODO: check + NOT-FOR-US: Cerebrate CVE-2023-41361 (An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not ...) - frr NOTE: https://github.com/FRRouting/frr/pull/14241 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d210c9c288eeeb4b2215824c95e41f025552e9d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d210c9c288eeeb4b2215824c95e41f025552e9d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f49e3d86 by Salvatore Bonaccorso at 2023-08-22T23:02:31+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -9,7 +9,7 @@ CVE-2023-3699 (An Improper Privilege Management vulnerability was found in ASUST CVE-2023-39599 (Cross-Site Scripting (XSS) vulnerability in CSZ CMS v.1.3.0 allows att ...) NOT-FOR-US: CSZ CMS CVE-2023-39141 (webui-aria2 commit 4fe2e was discovered to contain a path traversal vu ...) - TODO: check + NOT-FOR-US: webui-aria2 CVE-2023-38996 (An issue in all versions of Douran DSGate allows a local authenticated ...) NOT-FOR-US: Douran DSGate CVE-2023-38909 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Applic ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f49e3d86648e4c668bc1f3306a0ff7b3357738a0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f49e3d86648e4c668bc1f3306a0ff7b3357738a0 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 16effc60 by Salvatore Bonaccorso at 2023-08-22T22:17:40+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -19,7 +19,7 @@ CVE-2023-38908 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo CVE-2023-38906 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Applic ...) TODO: check CVE-2023-38732 (IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allo ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-38668 (Stack-based buffer over-read in disasm in nasm 2.16 allows attackers t ...) TODO: check CVE-2023-38667 (Stack-based buffer over-read in function disasm in nasm 2.16 allows at ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16effc60746254dd6da2c32b850dca9eb2dee998 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16effc60746254dd6da2c32b850dca9eb2dee998 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a536cacd by Salvatore Bonaccorso at 2023-08-18T07:00:44+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -32011,7 +32011,7 @@ CVE-2023-22442 (Out of bounds write in some Intel(R) Server Board BMC firmware b CVE-2023-22440 (Incorrect default permissions in the Intel(R) SCS Add-on software inst ...) NOT-FOR-US: Intel CVE-2023-22276 (Race condition in firmware for some Intel(R) Ethernet Controllers and ...) - TODO: check + NOT-FOR-US: Intel CVE-2023-0608 (Cross-site Scripting (XSS) - DOM in GitHub repository microweber/micro ...) NOT-FOR-US: microweber CVE-2023-0607 (Cross-site Scripting (XSS) - Stored in GitHub repository projectsend/p ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a536cacdd543ea365e74d7987e0247df196d287d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a536cacdd543ea365e74d7987e0247df196d287d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3bb22341 by Salvatore Bonaccorso at 2023-08-15T22:19:51+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -157,7 +157,7 @@ CVE-2023-38401 (A vulnerability in the HPE Aruba Networking Virtual Intranet Acc CVE-2023-35082 (An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, ...) TODO: check CVE-2023-2916 (The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive ...) - TODO: check + NOT-FOR-US: InfiniteWP Client plugin for WordPress CVE-2023-4347 (Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/l ...) NOT-FOR-US: LibreNMS CVE-2023-4308 (The User Submitted Posts plugin for WordPress is vulnerable to Stored ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3bb22341a4d95abc932e6e8fab90d14e1ca01fbb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3bb22341a4d95abc932e6e8fab90d14e1ca01fbb You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 85c852c1 by Salvatore Bonaccorso at 2023-08-01T09:34:51+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -33,7 +33,7 @@ CVE-2023-3130 (The Short URL WordPress plugin before 1.6.5 does not sanitise and CVE-2023-38989 (An issue in the delete function in the UserController class of jeesite ...) TODO: check CVE-2023-38750 (In Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41, 9 before 9.0.0 ...) - TODO: check + NOT-FOR-US: Zimbra CVE-2023-38311 (An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting ...) TODO: check CVE-2023-38310 (An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85c852c17b5d14a0c1ffd6a2110e65c471643d47 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85c852c17b5d14a0c1ffd6a2110e65c471643d47 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4197bdb9 by Salvatore Bonaccorso at 2023-08-01T09:10:57+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -7,7 +7,7 @@ CVE-2023-4010 (A flaw was found in the USB Host Controller Driver framework in t CVE-2023-3997 (Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a po ...) TODO: check CVE-2023-3983 (An authenticated SQL injection vulnerability exists in Advantech iView ...) - TODO: check + NOT-FOR-US: Advantech iView CVE-2023-3817 (Issue summary: Checking excessively long DH keys or parameters may be ...) TODO: check CVE-2023-3508 (The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4197bdb9255ff505f349d2441b33a05d56021a26 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4197bdb9255ff505f349d2441b33a05d56021a26 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: cd17dbca by Salvatore Bonaccorso at 2023-07-29T14:16:30+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,5 @@ CVE-2023-38988 (An issue in the delete function in the OaNotifyController class of jee ...) - TODO: check + NOT-FOR-US: jeesite CVE-2023-3598 (Out of bounds read and write in ANGLE in Google Chrome prior to 114.0. ...) {DSA-5418-1} - chromium 114.0.5735.90-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd17dbca665afa53be5ec54aa282a6135a11bb0f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd17dbca665afa53be5ec54aa282a6135a11bb0f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7c9c03f3 by Salvatore Bonaccorso at 2023-07-26T12:12:42+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,5 @@ CVE-2023-3947 (The Video Conferencing with Zoom plugin for WordPress is vulnerable to ...) - TODO: check + NOT-FOR-US: Video Conferencing with Zoom plugin for WordPress CVE-2023-3946 (A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5 ...) TODO: check CVE-2023-3945 (A vulnerability was found in phpscriptpoint Lawyer 1.6. It has been cl ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c9c03f3baa5eb70a1dc21e0c8a2e4edeaaaf160 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c9c03f3baa5eb70a1dc21e0c8a2e4edeaaaf160 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d9457735 by Salvatore Bonaccorso at 2023-07-21T06:41:29+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -65,7 +65,7 @@ CVE-2023-32447 (Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sen CVE-2023-32446 (Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive ...) TODO: check CVE-2023-32265 (A potential security vulnerability has been identified in the Enterpri ...) - TODO: check + NOT-FOR-US: Micro Focus CVE-2023-31753 (SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an ...) TODO: check CVE-2023-31462 (An issue was discovered in SteelSeries GG 36.0.0. An attacker can chan ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d94577359aa24d72424774f51106b6b40f9e26ab -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d94577359aa24d72424774f51106b6b40f9e26ab You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 02e8b15f by Salvatore Bonaccorso at 2023-07-18T22:16:53+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -73,7 +73,7 @@ CVE-2023-31441 (In NATO Communications and Information Agency anet (aka Advisor CVE-2023-2913 (An executable used in Rockwell Automation ThinManager ThinServer can b ...) TODO: check CVE-2023-2433 (The YARPP plugin for WordPress is vulnerable to Stored Cross-Site Scri ...) - TODO: check + NOT-FOR-US: YARPP plugin for WordPress CVE-2021-4428 (A vulnerability has been found in what3words Autosuggest Plugin up to ...) TODO: check CVE-2020-36762 (A vulnerability was found in ONS Digital RAS Collection Instrument up ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02e8b15f83a9cb1e16c2aad88203c29264cb37e8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02e8b15f83a9cb1e16c2aad88203c29264cb37e8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 02a088e9 by Salvatore Bonaccorso at 2023-07-17T07:26:24+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14,6 +14,8 @@ CVE-2023-3685 (A vulnerability was found in Nesote Inout Search Engine AI Editio TODO: check CVE-2023-3684 (A vulnerability was found in LivelyWorks Articart 2.0.1 and classified ...) NOT-FOR-US: LivelyWorks Articart +CVE-2023-3674 + NOT-FOR-US: Keylime CVE-2023-38379 (The web interface on the RIGOL MSO5000 digital oscilloscope with firmw ...) NOT-FOR-US: RIGOL CVE-2023-38378 (The web interface on the RIGOL MSO5000 digital oscilloscope with firmw ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02a088e97b982450ea0abfcd0b771ee5643d6bdb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02a088e97b982450ea0abfcd0b771ee5643d6bdb You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 92c0eaf8 by Salvatore Bonaccorso at 2023-06-28T22:51:35+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -16220,7 +16220,7 @@ CVE-2023-27868 CVE-2023-27867 RESERVED CVE-2023-27866 (IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code e ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-27865 RESERVED CVE-2023-27864 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to HTML ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92c0eaf8a41e621c8fa7588d7fc0cb190f5cb21b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92c0eaf8a41e621c8fa7588d7fc0cb190f5cb21b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 42725609 by Salvatore Bonaccorso at 2023-06-27T10:50:40+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -15,7 +15,7 @@ CVE-2023-35168 (DataEase is an open source data visualization analysis tool to a CVE-2023-35164 (DataEase is an open source data visualization analysis tool to analyze ...) TODO: check CVE-2023-34924 (H3C Magic B1STW B1STV100R012 was discovered to contain a stack overflo ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-34463 (DataEase is an open source data visualization analysis tool to analyze ...) TODO: check CVE-2023-34148 (An exposed dangerous function vulnerability in the Trend Micro Apex On ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42725609373f988a50c695463be1761b55274553 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42725609373f988a50c695463be1761b55274553 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d2a8dbe5 by Salvatore Bonaccorso at 2023-06-06T10:31:36+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -15,7 +15,7 @@ CVE-2023-32628 (In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitr CVE-2023-32540 (In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary fi ...) TODO: check CVE-2023-2546 (The WP User Switch plugin for WordPress is vulnerable to authenticatio ...) - TODO: check + NOT-FOR-US: WP User Switch plugin for WordPress CVE-2023-22450 (In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary fi ...) TODO: check CVE-2018-25087 (A vulnerability classified as problematic was found in Arborator Serve ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2a8dbe5e02de9532e19cd6af46a281c546c4704 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2a8dbe5e02de9532e19cd6af46a281c546c4704 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 37602da1 by Salvatore Bonaccorso at 2023-05-31T08:03:34+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -42905,7 +42905,7 @@ CVE-2023-20886 CVE-2023-20885 RESERVED CVE-2023-20884 (VMware Workspace ONE Access and VMware Identity Manager contain an ins ...) - TODO: check + NOT-FOR-US: VMware CVE-2023-20883 (In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, ...) NOT-FOR-US: Spring Boot CVE-2023-20882 (In Cloud foundry routing release versions from 0.262.0 and prior to 0. ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37602da15f3adbd696c5b5490cabc4ec1c23f427 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37602da15f3adbd696c5b5490cabc4ec1c23f427 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU in Spring Boot
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 337da7fa by Salvatore Bonaccorso at 2023-05-24T07:44:19+02:00 Process one NFU in Spring Boot - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -42120,6 +42120,7 @@ CVE-2023-20884 RESERVED CVE-2023-20883 RESERVED + NOT-FOR-US: Spring Boot CVE-2023-20882 RESERVED CVE-2023-20881 (Cloud foundry instances having CAPI version between 1.140 and 1.152.0 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/337da7fa4dadc5f98884755452699e3ff1d17e16 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/337da7fa4dadc5f98884755452699e3ff1d17e16 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 57343b44 by Salvatore Bonaccorso at 2023-05-23T22:26:31+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -4375,7 +4375,7 @@ CVE-2023-30442 CVE-2023-30441 (IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8 ...) NOT-FOR-US: IBM CVE-2023-30440 (IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW9 ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-30439 RESERVED CVE-2023-30438 (An internally discovered vulnerability in PowerVM on IBM Power9 and Po ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57343b449191f433619f65b09b598af4cf40172f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57343b449191f433619f65b09b598af4cf40172f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ba9bfd18 by Salvatore Bonaccorso at 2023-05-22T11:18:59+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -25,7 +25,7 @@ CVE-2023-33236 (MXsecurity version 1.0 is vulnearble to hardcoded credential vul CVE-2023-33235 (MXsecurity version 1.0 is vulnearble to command injection vulnerabilit ...) TODO: check CVE-2023-32336 (IBM InfoSphere Information Server 11.7 is affected by a remote code ex ...) - TODO: check + NOT-FOR-US: IBM CVE-2020-36694 (An issue was discovered in netfilter in the Linux kernel before 5.10. ...) - linux CVE-2023-31454 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba9bfd18c620258993b5aaeb1e8eda694e0b8a9f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba9bfd18c620258993b5aaeb1e8eda694e0b8a9f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: fb6dde22 by Salvatore Bonaccorso at 2023-05-21T22:27:05+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,5 @@ CVE-2021-46888 (An issue was discovered in hledger before 1.23. A Stored Cross-Site Sc ...) - TODO: check + NOT-FOR-US: hledger CVE-2023-32589 (Cross-Site Request Forgery (CSRF) vulnerability in PingOnline Dyslexie ...) NOT-FOR-US: WordPress plugin CVE-2023-2826 (A vulnerability has been found in SourceCodester Class Scheduling Syst ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb6dde22dbe840898924903ca5a1c0515df6dc6d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb6dde22dbe840898924903ca5a1c0515df6dc6d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8f2608c5 by Salvatore Bonaccorso at 2023-05-18T22:25:11+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -27716,7 +27716,7 @@ CVE-2023-0034 (The JetWidgets For Elementor WordPress plugin before 1.0.14 does CVE-2023-0033 (The PDF Viewer WordPress plugin before 1.0.0 does not validate and esc ...) NOT-FOR-US: WordPress plugin CVE-2022-4870 (In affected versions of Octopus Deploy it is possible to discover netw ...) - TODO: check + NOT-FOR-US: Octopus Deploy CVE-2015-10011 (A vulnerability classified as problematic has been found in OpenDNS Op ...) NOT-FOR-US: OpenResolve CVE-2015-10010 (A vulnerability was found in OpenDNS OpenResolve. It has been rated as ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f2608c572a53829391cc8cdcb764dffcacd62c7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f2608c572a53829391cc8cdcb764dffcacd62c7 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2aa60d89 by Salvatore Bonaccorso at 2023-05-17T22:13:37+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -3970,7 +3970,7 @@ CVE-2023-30440 CVE-2023-30439 RESERVED CVE-2023-30438 (An internally discovered vulnerability in PowerVM on IBM Power9 and Po ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-30437 RESERVED CVE-2023-30436 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2aa60d89ec0b2197bdec275ce6b439e90f9206c4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2aa60d89ec0b2197bdec275ce6b439e90f9206c4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 277ab670 by Salvatore Bonaccorso at 2023-05-09T22:37:28+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -5,7 +5,7 @@ CVE-2023-32069 (XWiki Platform is a generic wiki platform. Starting in version 3 CVE-2023-32066 (Time Tracker is an open source time tracking system. The week view plu ...) TODO: check CVE-2023-32060 (DHIS2 Core contains the service layer and Web API for DHIS2, an inform ...) - TODO: check + NOT-FOR-US: DHIS2 CVE-2023-31982 (Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the ...) - sngrep 1.7.0-1 NOTE: https://github.com/irontec/sngrep/issues/431 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/277ab670c4b7acadcc30f05a66aeaa6c65cd2840 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/277ab670c4b7acadcc30f05a66aeaa6c65cd2840 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 047e869e by Salvatore Bonaccorso at 2023-05-06T22:20:09+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,5 @@ CVE-2023-2560 (A vulnerability was found in jja8 NewBingGoGo up to 2023.5.5.2. It has ...) - TODO: check + NOT-FOR-US: jja8 NewBingGoGo CVE-2016-15031 (A vulnerability was found in PHP-Login 1.0. It has been declared as cr ...) NOT-FOR-US: PHP-Login CVE-2023-2554 (External Control of File Name or Path in GitHub repository unilogies/b ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/047e869e9694c8dae146831d45b202eb6b2355f3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/047e869e9694c8dae146831d45b202eb6b2355f3 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5035183f by Salvatore Bonaccorso at 2023-05-06T11:37:36+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -28852,7 +28852,7 @@ CVE-2022-47759 CVE-2022-47758 (Nanoleaf firmware v7.1.1 and below is missing an SSL certificate, allo ...) NOT-FOR-US: Nanoleaf CVE-2022-47757 (In imo.im 2022.11.1051, a path traversal vulnerability delivered via a ...) - TODO: check + NOT-FOR-US: imo.im Android application CVE-2022-47756 RESERVED CVE-2022-47755 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5035183f6dec700bc4719e2eed57178891f944d3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5035183f6dec700bc4719e2eed57178891f944d3 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d4062c1f by Salvatore Bonaccorso at 2023-05-05T11:17:12+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -9,7 +9,7 @@ CVE-2023-31413 (Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjs CVE-2023-2535 (Sensitive information exposure in the Web Frontend of KNIME Business H ...) NOT-FOR-US: KNIME CVE-2023-2531 (Improper Restriction of Excessive Authentication Attempts in GitHub re ...) - TODO: check + NOT-FOR-US: azuracast CVE-2017-20183 (A vulnerability was found in External Media without Import Plugin up t ...) NOT-FOR-US: WordPress plugin CVE-2023-2524 (A vulnerability classified as critical has been found in Control iD RH ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4062c1fa758f9505f61f63b6e321ce78728912d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4062c1fa758f9505f61f63b6e321ce78728912d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 16b8cee2 by Salvatore Bonaccorso at 2023-05-05T10:16:03+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -3657,7 +3657,7 @@ CVE-2023-30137 CVE-2023-30136 RESERVED CVE-2023-30135 (Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command ...) - TODO: check + NOT-FOR-US: Tenda CVE-2023-30134 RESERVED CVE-2023-30133 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16b8cee25d26a0c7748604926399411a50973ff6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16b8cee25d26a0c7748604926399411a50973ff6 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7b48e10d by Salvatore Bonaccorso at 2023-05-04T10:18:10+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -56655,7 +56655,7 @@ CVE-2022-39163 CVE-2022-39162 RESERVED CVE-2022-39161 (IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-39160 (IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 is vulnerable to cross ...) NOT-FOR-US: IBM CVE-2022-3093 (This vulnerability allows physical attackers to execute arbitrary code ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b48e10defc7e8036596bd46a05cae6f479588c9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b48e10defc7e8036596bd46a05cae6f479588c9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 493de603 by Salvatore Bonaccorso at 2023-04-29T22:31:04+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2858,7 +2858,7 @@ CVE-2023-30443 CVE-2023-30442 RESERVED CVE-2023-30441 (IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8 ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-30440 RESERVED CVE-2023-30439 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/493de6039ea148776b1b62ef440e09c89f09ff26 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/493de6039ea148776b1b62ef440e09c89f09ff26 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: bf3f60d9 by Salvatore Bonaccorso at 2023-04-24T21:13:44+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -143423,7 +143423,7 @@ CVE-2021-33591 (An exposed remote debugging port in Naver Comic Viewer prior to CVE-2021-33590 (GattLib 0.3-rc1 has a stack-based buffer over-read in get_device_path_ ...) NOT-FOR-US: GattLib CVE-2021-33589 (Ribose RNP before 0.15.1 does not implement a required step in a crypt ...) - TODO: check + NOT-FOR-US: Ribose RNP CVE-2021-33588 RESERVED CVE-2021-33587 (The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure t ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf3f60d93f93160b20e55c3b92bcae0158e951e0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf3f60d93f93160b20e55c3b92bcae0158e951e0 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 31addcc0 by Salvatore Bonaccorso at 2023-04-20T23:36:45+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -896,7 +896,7 @@ CVE-2023-30618 CVE-2023-30617 RESERVED CVE-2023-30616 (Form block is a wordpress plugin designed to make form creation easier ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-30615 RESERVED CVE-2023-30614 (Pay is a payments engine for Ruby on Rails 6.0 and higher. In versions ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31addcc05e851de24e1d8d0a56181fa3a6c92362 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31addcc05e851de24e1d8d0a56181fa3a6c92362 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8f6e5604 by Salvatore Bonaccorso at 2023-04-16T20:48:07+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -16119,7 +16119,7 @@ CVE-2022-48314 CVE-2022-48313 RESERVED CVE-2022-48312 (The HwPCAssistant module has the out-of-bounds read/write vulnerabilit ...) - TODO: check + NOT-FOR-US: Huawei CVE-2023-25194 (A possible security vulnerability has been identified in Apache Kafka ...) - kafka (bug #786460) CVE-2022-4902 (A vulnerability classified as problematic has been found in eXo Chat A ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f6e56044261feb9c5ac949913d7a5eaf8cd1b42 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f6e56044261feb9c5ac949913d7a5eaf8cd1b42 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 41b07f22 by Salvatore Bonaccorso at 2023-04-12T22:44:57+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2110,7 +2110,7 @@ CVE-2023-29576 (Bento4 v1.6.0-639 was discovered to contain a segmentation viola CVE-2023-29575 RESERVED CVE-2023-29574 (Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in th ...) - TODO: check + NOT-FOR-US: Bento4 CVE-2023-29573 RESERVED CVE-2023-29572 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41b07f227c58a4d99dc67425998bcb0612f22691 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41b07f227c58a4d99dc67425998bcb0612f22691 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 071bfc0e by Salvatore Bonaccorso at 2023-04-12T22:15:42+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2822,7 +2822,7 @@ CVE-2023-1876 CVE-2023-1875 RESERVED CVE-2023-1874 (The WP Data Access plugin for WordPress is vulnerable to privilege esc ...) - TODO: check + NOT-FOR-US: WP Data Access plugin for WordPress CVE-2023-1873 RESERVED CVE-2023-1872 (A use-after-free vulnerability in the Linux Kernel io_uring system can ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/071bfc0ebf043417cb48c6b74581f5ce55315c4c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/071bfc0ebf043417cb48c6b74581f5ce55315c4c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: dbeb461f by Salvatore Bonaccorso at 2023-04-07T09:05:57+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -892,7 +892,7 @@ CVE-2023-1804 CVE-2023-1803 RESERVED CVE-2023-1802 (In Docker Desktop 4.17.x the Artifactory Integration falls back to sen ...) - TODO: check + NOT-FOR-US: Docker Desktop CVE-2023-1801 RESERVED CVE-2023-1800 (A vulnerability, which was classified as critical, has been found in s ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbeb461f11ec4716b1bcfbf3e9e40c5bdc4b3926 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbeb461f11ec4716b1bcfbf3e9e40c5bdc4b3926 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3de7ceb0 by Salvatore Bonaccorso at 2023-04-06T22:25:23+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -91,7 +91,7 @@ CVE-2023-1914 CVE-2023-1913 (The Maps Widget for Google Maps for WordPress is vulnerable to Stored ...) TODO: check CVE-2023-1912 (The Limit Login Attempts plugin for WordPress is vulnerable to Stored ...) - TODO: check + NOT-FOR-US: Limit Login Attempts plugin for WordPress CVE-2023-1911 RESERVED CVE-2023-1910 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3de7ceb002ac6ec86827fc4072054565fdaa918c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3de7ceb002ac6ec86827fc4072054565fdaa918c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 53ba671a by Salvatore Bonaccorso at 2023-04-04T22:21:42+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -67,7 +67,7 @@ CVE-2023-29234 CVE-2023-23581 RESERVED CVE-2023-1840 (The Sp*tify Play Button for WordPress plugin for WordPress is vulnerab ...) - TODO: check + NOT-FOR-US: Sp*tify Play Button for WordPress plugin for WordPress CVE-2023-1839 RESERVED CVE-2023-1838 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53ba671afc2f1161b059a9bab7a7f9ed1b4d2a3c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53ba671afc2f1161b059a9bab7a7f9ed1b4d2a3c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b4c5b40b by Salvatore Bonaccorso at 2023-04-04T10:54:06+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -6982,7 +6982,7 @@ CVE-2023-26978 CVE-2023-26977 RESERVED CVE-2023-26976 (Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflo ...) - TODO: check + NOT-FOR-US: Tenda CVE-2023-26975 RESERVED CVE-2023-26974 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4c5b40b20b1bd0c45b38599390f8a00d6cdb2b4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4c5b40b20b1bd0c45b38599390f8a00d6cdb2b4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8c4fecf6 by Salvatore Bonaccorso at 2023-03-28T22:20:04+02:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -24980,7 +24980,7 @@ CVE-2022-46850 CVE-2022-46849 RESERVED CVE-2022-46848 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-46847 RESERVED CVE-2022-46846 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c4fecf63f5fee4f15c86d5ae6f07b2ec604b735 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c4fecf63f5fee4f15c86d5ae6f07b2ec604b735 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 21cb05e0 by Salvatore Bonaccorso at 2023-03-22T10:29:05+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -9,7 +9,7 @@ CVE-2023-28727 CVE-2023-28726 RESERVED CVE-2023-28725 (General Bytes Crypto Application Server (CAS) 20230120, as distributed ...) - TODO: check + NOT-FOR-US: General Bytes Crypto Application Server (CAS) CVE-2023-28723 RESERVED CVE-2023-28718 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21cb05e0f470390edfc3a78dab09141ed4c59423 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21cb05e0f470390edfc3a78dab09141ed4c59423 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8c79722a by Salvatore Bonaccorso at 2023-03-19T21:38:06+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -7,7 +7,7 @@ CVE-2023-1499 CVE-2023-1498 RESERVED CVE-2023-1497 (A vulnerability was found in SourceCodester Simple and Nice Shopping C ...) - TODO: check + NOT-FOR-US: SourceCodester Simple and Nice Shopping Cart Script CVE-2023-1496 (Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/i ...) TODO: check CVE-2023-28617 (org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for G ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c79722a245446f268c42c101b8adf03362b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c79722a245446f268c42c101b8adf03362b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a7d78142 by Salvatore Bonaccorso at 2023-03-08T21:14:47+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -7106,7 +7106,7 @@ CVE-2023-25397 CVE-2023-25396 (Privilege escalation in the MSI repair functionality in Caphyon Advanc ...) NOT-FOR-US: Caphyon Advanced Installer CVE-2023-25395 (TOTOlink A7100RU V7.4cu.2313_B20191024 router has a command injection ...) - TODO: check + NOT-FOR-US: TOTOLINK CVE-2023-25394 RESERVED CVE-2023-25393 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7d781426ea89cabb954958af2d2df3db2871ffc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7d781426ea89cabb954958af2d2df3db2871ffc You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 25b21e7c by Salvatore Bonaccorso at 2023-03-01T21:33:06+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2944,7 +2944,7 @@ CVE-2023-26283 CVE-2023-26282 RESERVED CVE-2023-26281 (IBM HTTP Server 8.5 used by IBM WebSphere Application Server could all ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-26280 RESERVED CVE-2023-26279 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25b21e7c8fc02da344cba6be187d5735c1697e68 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25b21e7c8fc02da344cba6be187d5735c1697e68 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ba6933d5 by Salvatore Bonaccorso at 2023-02-26T22:10:33+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1407,7 +1407,7 @@ CVE-2023-26093 (Liima before 1.17.28 allows Hibernate query language (HQL) injec CVE-2023-26092 (Liima before 1.17.28 allows server-side template injection. ...) NOT-FOR-US: Liima CVE-2023-26091 (The frp_form_answers (aka Forms Export) extension before 3.1.2, and 4. ...) - TODO: check + NOT-FOR-US: TYPO3 extension CVE-2023-26090 RESERVED CVE-2023-26089 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba6933d50fe06b87017134d5f7f6b210dc721512 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba6933d50fe06b87017134d5f7f6b210dc721512 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 6c532679 by Salvatore Bonaccorso at 2023-02-15T21:16:11+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -20957,7 +20957,7 @@ CVE-2022-45155 CVE-2022-45154 (A Cleartext Storage of Sensitive Information vulnerability in suppport ...) TODO: check CVE-2022-45153 (An Incorrect Default Permissions vulnerability in saphanabootstrap-for ...) - TODO: check + NOT-FOR-US: SAP CVE-2022-45152 (A blind Server-Side Request Forgery (SSRF) vulnerability was found in ...) - moodle CVE-2022-45151 (The stored-XSS vulnerability was discovered in Moodle which exists due ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c5326793fb451b917c59ada2f46e1794a9566e9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c5326793fb451b917c59ada2f46e1794a9566e9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 45f6d019 by Salvatore Bonaccorso at 2023-02-02T21:22:39+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -43926,7 +43926,7 @@ CVE-2022-36769 CVE-2022-36768 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local ...) NOT-FOR-US: IBM CVE-2022-2546 (The All-in-One WP Migration WordPress plugin before 7.63 uses the wron ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-2545 RESERVED CVE-2022-2544 (The Ninja Job Board WordPress plugin before 1.3.3 does not protect the ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45f6d0196ba45b68220009f2b746db7a02dd06a9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45f6d0196ba45b68220009f2b746db7a02dd06a9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: dd6b0921 by Salvatore Bonaccorso at 2023-01-30T21:21:18+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -57,7 +57,7 @@ CVE-2023-0583 CVE-2023-0582 RESERVED CVE-2023-0581 (The PrivateContent plugin for WordPress is vulnerable to protection me ...) - TODO: check + NOT-FOR-US: PrivateContent plugin for WordPress CVE-2023-0580 RESERVED CVE-2023-0579 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd6b0921a5d9d159b4c0ad6cb5bf3262565e4b1e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd6b0921a5d9d159b4c0ad6cb5bf3262565e4b1e You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a38b5300 by Salvatore Bonaccorso at 2023-01-12T21:29:21+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -75,7 +75,7 @@ CVE-2023-23456 (A heap-based buffer overflow issue was discovered in UPX in Pack CVE-2023-0255 RESERVED CVE-2023-0254 (The Simple Membership WP user Import plugin for WordPress is vulnerabl ...) - TODO: check + NOT-FOR-US: Simple Membership WP user Import plugin for WordPress CVE-2023-0253 RESERVED CVE-2023-0252 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a38b5300b32cb2d02bee27769deb30195c7f75fc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a38b5300b32cb2d02bee27769deb30195c7f75fc You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 1c81ac53 by Salvatore Bonaccorso at 2023-01-12T08:07:33+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -16416,7 +16416,7 @@ CVE-2022-3784 (A vulnerability classified as critical was found in Axiomatic Ben CVE-2022-3783 (A vulnerability, which was classified as problematic, has been found i ...) NOT-FOR-US: node-red-dashboard CVE-2022-3782 (keycloak: path traversal via double URL encoding ...) - TODO: check + NOT-FOR-US: Keycloak CVE-2022-3781 (Dashlane password and Keepass Server password in My Account Settings a ...) NOT-FOR-US: Devolutions Remote Desktop Manager CVE-2021-46852 (The memory management module has the logic bypass vulnerability. Succe ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c81ac53af9b85297602fb903e1b14915756f508 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c81ac53af9b85297602fb903e1b14915756f508 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7aefa6a8 by Salvatore Bonaccorso at 2023-01-08T21:02:42+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -11,7 +11,7 @@ CVE-2023-22851 CVE-2023-22850 RESERVED CVE-2021-4307 (A vulnerability was found in Yomguithereal Baobab up to 2.6.0. It has ...) - TODO: check + NOT-FOR-US: Yomguithereal Baobab CVE-2020-36646 (A vulnerability classified as problematic has been found in MediaArea ...) TODO: check CVE-2017-20164 (A vulnerability was found in Symbiote Seed up to 6.0.2. It has been cl ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7aefa6a80248d44ddbe446a0188fd36f9a4d903f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7aefa6a80248d44ddbe446a0188fd36f9a4d903f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 47ef6b65 by Salvatore Bonaccorso at 2023-01-04T09:27:54+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -21324,7 +21324,7 @@ CVE-2022-42437 CVE-2022-42436 RESERVED CVE-2022-42435 (IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0. ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-42433 RESERVED CVE-2022-42432 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47ef6b657890021c262ce8d2e241c174781f4279 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47ef6b657890021c262ce8d2e241c174781f4279 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5619a1ac by Salvatore Bonaccorso at 2022-12-30T20:57:21+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -256794,7 +256794,7 @@ CVE-2019-11853 (Several potential command injections vulnerabilities exist in th CVE-2019-11852 (An out-of-bounds reads vulnerability exists in the ACEView Service of ...) NOT-FOR-US: ALEOS CVE-2019-11851 (The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x throug ...) - TODO: check + NOT-FOR-US: ALEOS CVE-2019-11850 (A stack overflow vulnerabiltity exist in the AT command interface of A ...) NOT-FOR-US: ALEOS CVE-2019-11849 (A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5619a1acb26eb3db2e5cd3aa28e6139204840e8f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5619a1acb26eb3db2e5cd3aa28e6139204840e8f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b3a18de5 by Salvatore Bonaccorso at 2022-12-28T21:16:30+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -10248,7 +10248,7 @@ CVE-2022-3924 CVE-2022-3923 RESERVED CVE-2022-3922 (The Broken Link Checker WordPress plugin before 1.11.20 does not sanit ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-45134 RESERVED CVE-2022-45133 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3a18de5f2ad956e0d169ba4c889df843a2d71cd -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3a18de5f2ad956e0d169ba4c889df843a2d71cd You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 67202abc by Salvatore Bonaccorso at 2022-12-24T09:22:54+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -4,7 +4,7 @@ CVE-2022-47946 (An issue was discovered in the Linux kernel 5.10.x before 5.10.1 [buster] - linux (Vulnerable code not present) NOTE: https://www.openwall.com/lists/oss-security/2022/12/22/2 CVE-2022-47945 (ThinkPHP Framework before 6.0.14 allows local file inclusion via the l ...) - TODO: check + NOT-FOR-US: ThinkPHP Framework CVE-2022-47944 RESERVED CVE-2022-4724 (Improper Access Control in GitHub repository ikus060/rdiffweb prior to ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67202abcb7003d123aabd6c25bb446a7b154c274 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67202abcb7003d123aabd6c25bb446a7b154c274 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e0ac58ad by Salvatore Bonaccorso at 2022-12-22T09:27:21+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -73266,7 +73266,7 @@ CVE-2022-23538 CVE-2022-23537 (PJSIP is a free and open source multimedia communication library writt ...) TODO: check CVE-2022-23536 (Cortex provides multi-tenant, long term storage for Prometheus. A loca ...) - TODO: check + NOT-FOR-US: Cortex (multi-tenant, long term storage for Prometheus) CVE-2022-23535 RESERVED CVE-2022-23534 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0ac58adc8bf1546c8891570cb7ce0a59ff9ece4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0ac58adc8bf1546c8891570cb7ce0a59ff9ece4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 00a67e08 by Salvatore Bonaccorso at 2022-12-09T21:23:00+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -18299,7 +18299,7 @@ CVE-2022-41301 (A maliciously crafted PKT file when consumed through Subassembly CVE-2022-41300 RESERVED CVE-2022-41299 (IBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-41298 RESERVED CVE-2022-41297 (IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00a67e0813131430e95a4ea8e944c8b1326bc71c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00a67e0813131430e95a4ea8e944c8b1326bc71c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: fe33 by Salvatore Bonaccorso at 2022-12-01T16:15:04+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1833,7 +1833,7 @@ CVE-2022-45642 CVE-2022-45641 RESERVED CVE-2022-45640 (Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Cause ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-45639 RESERVED CVE-2022-45638 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe33aeba4f8f3b796e7593c61482b3076bfe -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe33aeba4f8f3b796e7593c61482b3076bfe You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits