Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c7871ef7 by Salvatore Bonaccorso at 2023-03-26T17:28:45+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1163,11 +1163,11 @@ CVE-2023-1460 (A vulnerability was found in 
SourceCodester Online Pizza Ordering
 CVE-2023-1459 (A vulnerability was found in SourceCodester Canteen Management 
System  ...)
        NOT-FOR-US: SourceCodester Canteen Management System
 CVE-2023-1458 (** DISPUTED ** A vulnerability has been found in Ubiquiti 
EdgeRouter X ...)
-       TODO: check
+       NOT-FOR-US: Ubiquiti EdgeRouter X
 CVE-2023-1457 (** DISPUTED ** A vulnerability, which was classified as 
critical, was  ...)
-       TODO: check
+       NOT-FOR-US: Ubiquiti EdgeRouter X
 CVE-2023-1456 (** DISPUTED ** A vulnerability, which was classified as 
critical, has  ...)
-       TODO: check
+       NOT-FOR-US: Ubiquiti EdgeRouter X
 CVE-2023-1455 (A vulnerability classified as critical was found in 
SourceCodester Onl ...)
        NOT-FOR-US: SourceCodester Online Pizza Ordering System
 CVE-2023-1454 (A vulnerability classified as critical has been found in 
jeecg-boot 3. ...)
@@ -1381,11 +1381,11 @@ CVE-2023-28439 (CKEditor4 is an open source 
what-you-see-is-what-you-get HTML ed
 CVE-2023-28438 (Pimcore is an open source data and experience management 
platform. Pri ...)
        NOT-FOR-US: Pimcore
 CVE-2023-28437 (Dataease is an open source data visualization and analysis 
tool. The b ...)
-       TODO: check
+       NOT-FOR-US: Dataease
 CVE-2023-28436 (Tailscale is software for using Wireguard and multi-factor 
authenticat ...)
        NOT-FOR-US: Tailscale
 CVE-2023-28435 (Dataease is an open source data visualization and analysis 
tool. The p ...)
-       TODO: check
+       NOT-FOR-US: Dataease
 CVE-2023-28434 (Minio is a Multi-Cloud Object Storage framework. Prior to 
RELEASE.2023 ...)
        - minio <itp> (bug #859207)
 CVE-2023-28433 (Minio is a Multi-Cloud Object Storage framework. All users on 
Windows  ...)
@@ -4010,9 +4010,9 @@ CVE-2023-27603
 CVE-2023-27602
        RESERVED
 CVE-2023-1177 (Path Traversal: '\..\filename' in GitHub repository 
mlflow/mlflow prio ...)
-       TODO: check
+       NOT-FOR-US: mlflow
 CVE-2023-1176 (Absolute Path Traversal in GitHub repository mlflow/mlflow 
prior to 2. ...)
-       TODO: check
+       NOT-FOR-US: mlflow
 CVE-2023-1175 (Incorrect Calculation of Buffer Size in GitHub repository 
vim/vim prio ...)
        - vim 2:9.0.1378-1
        [bullseye] - vim <no-dsa> (Minor issue)
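Review bot: CVE-2023-1177 and CVE-2023-1176 are closed as "NOT-FOR-US: mlflow" although both descriptions identify the affected code as the public GitHub repository mlflow/mlflow, so the project could be packaged later. If an ITP or RFP bug exists for mlflow, the form used elsewhere in this file, for example "- minio <itp> (bug #859207)", would keep these two path traversal issues visible to whoever picks the package up. If no such bug exists, the tags are fine as they stand.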
@@ -5487,7 +5487,7 @@ CVE-2023-27096
 CVE-2023-27095 (Insecure Permissions vulnerability found in OpenGoofy Hippo4j 
v.1.4.3  ...)
        NOT-FOR-US: Hippo4j
 CVE-2023-27094 (An issue found in OpenGoofy Hippo4j v.1.4.3 allows attackers 
to escala ...)
-       TODO: check
+       NOT-FOR-US: Hippo4j
 CVE-2023-27093 (Cross Site Scripting vulnerability found in My-Blog allows 
attackers t ...)
        NOT-FOR-US: My-Blog
 CVE-2023-27092
@@ -5521,7 +5521,7 @@ CVE-2023-27079 (Command Injection vulnerability found in 
Tenda G103 v.1.0.05 all
 CVE-2023-27078 (A command injection issue was found in TP-Link MR3020 
v.1_150921 that  ...)
        NOT-FOR-US: TP-Link
 CVE-2023-27077 (Stack Overflow vulnerability found in 360 D901 allows a remote 
attacke ...)
-       TODO: check
+       NOT-FOR-US: 360 D901
 CVE-2023-27076
        RESERVED
 CVE-2023-27075
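Review bot: style point on CVE-2023-27077, where the new tag "NOT-FOR-US: 360 D901" names vendor and model, while the neighbouring CVE-2023-27078 entry uses the vendor alone ("NOT-FOR-US: TP-Link") even though its description names the MR3020. Both forms are readable, but settling on one of them makes it easier to grep the list for everything from one vendor.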
@@ -11228,9 +11228,9 @@ CVE-2023-0631 (The Paid Memberships Pro WordPress 
plugin before 2.9.12 does not
 CVE-2023-0630 (The Slimstat Analytics WordPress plugin before 4.9.3.3 does not 
preven ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-0629 (Docker Desktop before 4.17.0 allows an unprivileged user to 
bypass Enh ...)
-       TODO: check
+       NOT-FOR-US: Docker Desktop
 CVE-2023-0628 (Docker Desktop before 4.17.0 allows an attacker to execute an 
arbitrar ...)
-       TODO: check
+       NOT-FOR-US: Docker Desktop
 CVE-2023-0627
        RESERVED
 CVE-2023-0626
@@ -11814,9 +11814,9 @@ CVE-2023-24790
 CVE-2023-24789 (jeecg-boot v3.4.4 was discovered to contain an authenticated 
SQL injec ...)
        NOT-FOR-US: jeecg-boot
 CVE-2023-24788 (RESERVED NotrinosERP v0.7 was discovered to contain a SQL 
injection vu ...)
-       TODO: check
+       NOT-FOR-US: NotrinosERP
 CVE-2023-24787 (RESERVED churchcrm v4.5.3 was discovered to contain a SQL 
injection vu ...)
-       TODO: check
+       NOT-FOR-US: churchcrm
 CVE-2023-24786
        RESERVED
 CVE-2023-24785 (An issue in Giorgio Tani peazip v.9.0.0 allows attackers to 
cause a de ...)
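Review bot: the context lines for CVE-2023-24788 and CVE-2023-24787 carry descriptions that start with the word RESERVED ("RESERVED NotrinosERP v0.7 ...", "RESERVED churchcrm v4.5.3 ..."), which reads like a leftover state marker fused into the description rather than part of it. The added NOT-FOR-US tags match the products named, so nothing needs to change in the + lines, but it is worth confirming that the next description sync cleans up these two entries, since a leading RESERVED can mislead anyone searching the list for unpublished CVEs.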
@@ -12161,7 +12161,7 @@ CVE-2023-24627
 CVE-2023-24626
        RESERVED
 CVE-2023-24625 (Faveo 5.0.1 allows remote attackers to obtain sensitive 
information vi ...)
-       TODO: check
+       NOT-FOR-US: Faveo
 CVE-2023-24624
        RESERVED
 CVE-2023-24623 (Paranoidhttp before 0.3.0 allows SSRF because [::] is 
equivalent to th ...)
@@ -14305,7 +14305,7 @@ CVE-2023-23866
 CVE-2023-23865 (Cross-Site Request Forgery (CSRF) vulnerability in Checkout 
Plugins St ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-23864 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in Micha ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23863
        RESERVED
 CVE-2023-23862
@@ -14992,7 +14992,7 @@ CVE-2023-23652
 CVE-2023-23651
        RESERVED
 CVE-2023-23650 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS) 
vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-23649
        RESERVED
 CVE-2023-23648
@@ -16453,7 +16453,7 @@ CVE-2023-23151 (bloofoxCMS v0.5.2.1 was discovered to 
contain an arbitrary file
 CVE-2023-23150 (SA-WR915ND router firmware v17.35.1 was discovered to be 
vulnerable to ...)
        NOT-FOR-US: SA-WR915ND
 CVE-2023-23149 (DEK-1705 &lt;=Firmware:34.23.1 device was discovered to have a 
command ...)
-       TODO: check
+       NOT-FOR-US: DEK-1705
 CVE-2023-23148
        RESERVED
 CVE-2023-23147
@@ -17721,7 +17721,7 @@ CVE-2023-22814
 CVE-2023-22813
        RESERVED
 CVE-2023-22812 (SanDisk PrivateAccess versions prior to 6.4.9 support insecure 
TLS 1.0 ...)
-       TODO: check
+       NOT-FOR-US: SanDisk PrivateAccess
 CVE-2023-22811
        RESERVED
 CVE-2023-22810
@@ -18001,15 +18001,15 @@ CVE-2023-22718
 CVE-2023-22717
        RESERVED
 CVE-2023-22716 (Auth. (admin+) Cross-Site Scripting vulnerability in OOPSpam 
OOPSpam A ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22715 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in 
Lester 'GaM ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22714
        RESERVED
 CVE-2023-22713
        RESERVED
 CVE-2023-22712 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22711
        RESERVED
 CVE-2023-22710
@@ -18025,11 +18025,11 @@ CVE-2023-22706
 CVE-2023-22705
        RESERVED
 CVE-2023-22704 (Reflected Cross-Site Scripting (XSS) vulnerability in Michael 
Winkler  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22703
        RESERVED
 CVE-2023-22702 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in WPMob ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22701
        RESERVED
 CVE-2023-22700 (Cross-Site Request Forgery (CSRF) vulnerability in 
PixelYourSite Pixel ...)
@@ -18069,15 +18069,15 @@ CVE-2023-22684
 CVE-2023-22683
        RESERVED
 CVE-2023-22682 (Reflected Cross-Site Scripting (XSS) vulnerability in Manuel 
Masia | P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22681 (Cross-Site Request Forgery (CSRF) vulnerability in 
Aarvanshinfotech On ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22680 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Alta ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22679 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Nico ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22678 (Cross-Site Request Forgery (CSRF) vulnerability in Rafael Dery 
Superio ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-22677
        RESERVED
 CVE-2023-22676
@@ -19007,7 +19007,7 @@ CVE-2023-22477 (Mercurius is a GraphQL adapter for 
Fastify. Any users of Mercuri
 CVE-2023-22476 (Mantis Bug Tracker (MantisBT) is an open source issue tracker. 
In vers ...)
        - mantis <removed>
 CVE-2023-0027 (Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Rockwell Automation
 CVE-2022-4854
        RESERVED
 CVE-2022-4853
@@ -20481,13 +20481,13 @@ CVE-2022-4632 (A vulnerability has been found in Auto 
Upload Images up to 3.3.0
 CVE-2022-4631 (A vulnerability, which was classified as problematic, was found 
in WP- ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-46300 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may 
disclose i ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Automation Base
 CVE-2022-4630 (Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository 
lirantal ...)
        NOT-FOR-US: daloRADIUS
 CVE-2022-4629 (The Product Slider for WooCommerce WordPress plugin before 
2.6.4 does  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-46286 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may 
disclose i ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Automation Base
 CVE-2022-4628 (The Easy PayPal Buy Now Button WordPress plugin before 1.7.4 
does not  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4627 (The ShiftNav WordPress plugin before 1.7.2 does not validate 
and escap ...)
@@ -20503,15 +20503,15 @@ CVE-2022-4623
 CVE-2022-45876
        RESERVED
 CVE-2022-45468 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may 
disclose i ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Automation Base
 CVE-2022-45444 (Sewio&#8217;s Real-Time Location System (RTLS) Studio version 
2.0.0 up ...)
        NOT-FOR-US: Sewio
 CVE-2022-45127 (Sewio&#8217;s Real-Time Location System (RTLS) Studio version 
2.0.0 up ...)
        NOT-FOR-US: Sewio
 CVE-2022-45121 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may 
disclose i ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Automation Base
 CVE-2022-43512 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may 
disclose i ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Automation Base
 CVE-2022-43483 (Sewio&#8217;s Real-Time Location System (RTLS) Studio version 
2.0.0 up ...)
        NOT-FOR-US: Sewio
 CVE-2022-43455 (Sewio&#8217;s Real-Time Location System (RTLS) Studio version 
2.0.0 up ...)
@@ -20519,7 +20519,7 @@ CVE-2022-43455 (Sewio&#8217;s Real-Time Location System 
(RTLS) Studio version 2.
 CVE-2022-41989 (Sewio&#8217;s Real-Time Location System (RTLS) Studio version 
2.0.0 up ...)
        NOT-FOR-US: Sewio
 CVE-2022-41696 (Versions of VISAM VBASE Automation Base prior to 11.7.5 may 
disclose i ...)
-       TODO: check
+       NOT-FOR-US: VISAM VBASE Automation Base
 CVE-2022-40633 (A malicious actor can clone access cards used to open control 
cabinets ...)
        NOT-FOR-US: Rittal
 CVE-2021-4274 (A vulnerability, which was classified as problematic, has been 
found i ...)
@@ -21221,13 +21221,13 @@ CVE-2022-47594
 CVE-2022-47593
        RESERVED
 CVE-2022-47592 (Reflected Cross-Site Scripting (XSS) vulnerability in 
Dmytriy.Cooperma ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-47591 (Reflected Cross-Site Scripting (XSS) vulnerability in Mickael 
Austoni  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-47590
        RESERVED
 CVE-2022-47589 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in this ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-47588
        RESERVED
 CVE-2022-47587
@@ -21275,45 +21275,45 @@ CVE-2023-22273
 CVE-2023-22272
        RESERVED
 CVE-2023-22271 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a W ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22270
        RESERVED
 CVE-2023-22269 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a r ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22268
        RESERVED
 CVE-2023-22267
        RESERVED
 CVE-2023-22266 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22265 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22264 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22263 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22262 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22261 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22260 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22259 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22258 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22257 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22256 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a U ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22255
        RESERVED
 CVE-2023-22254 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a r ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22253 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a r ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22252 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a r ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-22251
        RESERVED
 CVE-2023-22250
@@ -22934,7 +22934,7 @@ CVE-2022-47433
 CVE-2022-47432
        RESERVED
 CVE-2022-47431 (Reflected Cross-Site Scripting (XSS) vulnerability in 
Tussendoor inter ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-47430
        RESERVED
 CVE-2022-47429
@@ -23832,7 +23832,7 @@ CVE-2022-47175
 CVE-2022-47174
        RESERVED
 CVE-2022-47173 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in nasi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-47172
        RESERVED
 CVE-2022-47171 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
@@ -23888,7 +23888,7 @@ CVE-2022-47147 (Cross-Site Request Forgery (CSRF) 
vulnerability in Kesz1 Technol
 CVE-2022-47146
        RESERVED
 CVE-2022-47145 (Reflected Cross-Site Scripting (XSS) vulnerability in 
Blockonomics Wor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-47144
        RESERVED
 CVE-2022-47143 (Cross-Site Request Forgery (CSRF) vulnerability in Themeisle 
Multiple  ...)
@@ -24663,7 +24663,7 @@ CVE-2022-46869
 CVE-2022-46868
        RESERVED
 CVE-2022-46867 (Cross-Site Request Forgery (CSRF) vulnerability in Chasil 
Universal St ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-46866
        RESERVED
 CVE-2022-46865
@@ -24689,7 +24689,7 @@ CVE-2022-46856
 CVE-2022-46855
        RESERVED
 CVE-2022-46854 (Cross-Site Request Forgery (CSRF) vulnerability in Obox Themes 
Launchp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-46853
        RESERVED
 CVE-2022-46852
@@ -25059,7 +25059,7 @@ CVE-2022-4324 (The Custom Field Template WordPress 
plugin before 2.5.8 unseriali
 CVE-2022-4323 (The Analyticator WordPress plugin before 6.5.6 unserializes 
user input ...)
        NOT-FOR-US: WordPress plugin
 CVE-2018-25048 (The CODESYS runtime system in multiple versions allows an 
remote low p ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2023-21673
        RESERVED
 CVE-2023-21672
@@ -26068,7 +26068,7 @@ CVE-2022-4273 (A vulnerability, which was classified as 
critical, has been found
 CVE-2022-4272 (A vulnerability, which was classified as critical, has been 
found in F ...)
        NOT-FOR-US: FeMiner wms
 CVE-2022-45124 (An information disclosure vulnerability exists in the User 
authenticat ...)
-       TODO: check
+       NOT-FOR-US: WellinTech KingHistorian
 CVE-2022-45115
        RESERVED
 CVE-2022-43665 (A denial of service vulnerability exists in the malware scan 
functiona ...)
@@ -26144,9 +26144,9 @@ CVE-2023-21618
 CVE-2023-21617
        RESERVED
 CVE-2023-21616 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a r ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-21615 (Experience Manager versions 6.5.15.0 (and earlier) are 
affected by a r ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2023-21614 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 
22.003.20281 ...)
        NOT-FOR-US: Adobe
 CVE-2023-21613 (Adobe Acrobat Reader versions 22.003.20282 (and earlier), 
22.003.20281 ...)
@@ -26482,7 +26482,7 @@ CVE-2022-46340 (A vulnerability was found in X.Org. 
This security flaw occurs be
 CVE-2022-46339
        RESERVED
 CVE-2022-4224 (In multiple products of CODESYS v3 in multiple versions a 
remote low p ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2022-4223 (The pgAdmin server includes an HTTP API that is intended to be 
used to ...)
        - pgadmin4 <itp> (bug #834129)
 CVE-2022-4222 (A vulnerability was found in SourceCodester Canteen Management 
System. ...)
@@ -26666,7 +26666,7 @@ CVE-2022-44451
 CVE-2022-43664
        RESERVED
 CVE-2022-43663 (An integer conversion vulnerability exists in the SORBAx64.dll 
RecvPac ...)
-       TODO: check
+       NOT-FOR-US: WellinTech KingHistorian
 CVE-2022-43503
        REJECTED
 CVE-2022-43467
@@ -27819,7 +27819,7 @@ CVE-2022-45845
 CVE-2022-45844
        RESERVED
 CVE-2022-45843 (Auth. (contributor+) Stored Cross-Site Scripting vulnerability 
in Next ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-45842 (Unauth. Race Condition vulnerability in WP ULike Plugin &lt;= 
4.6.4 on ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-45841
@@ -27871,13 +27871,13 @@ CVE-2022-45819
 CVE-2022-45818
        RESERVED
 CVE-2022-45817 (Cross-Site Scripting (XSS) vulnerability in Erin Garscadden GC 
Testimo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-45816 (Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD 
bbPress At ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-45815
        RESERVED
 CVE-2022-45814 (Stored Cross-Site Scripting (XSS) vulnerability in Fabian von 
Allmen W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-45813
        RESERVED
 CVE-2022-45812
@@ -29122,39 +29122,39 @@ CVE-2023-21467
 CVE-2023-21466
        RESERVED
 CVE-2023-21465 (Improper access control vulnerability in BixbyTouch prior to 
version 3 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21464 (Improper access control in Samsung Calendar prior to versions 
12.4.02. ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21463 (Improper access control vulnerability in MyFiles application 
prior to  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21462 (The sensitive information exposure vulnerability in Quick 
Share Agent  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21461 (Improper authorization vulnerability in 
AutoPowerOnOffConfirmDialog in ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21460 (Improper authentication in SecSettings prior to SMR Mar-2023 
Release 1 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21459 (Use after free vulnerability in decon driver prior to SMR 
Mar-2023 Rel ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21458 (Improper privilege management vulnerability in 
PhoneStatusBarPolicy in ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21457 (Improper access control vulnerability in Bluetooth prior to 
SMR Mar-20 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21456 (Path traversal vulnerability in Galaxy Themes Service prior to 
SMR Mar ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21455 (Improper authorization implementation in Exynos baseband prior 
to SMR  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21454 (Improper authorization in Samsung Keyboard prior to SMR 
Mar-2023 Relea ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21453 (Improper input validation vulnerability in SoftSim TA prior to 
SMR Mar ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21452 (Improper usage of implicit intent in Bluetooth prior to SMR 
Mar-2023 R ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21451 (A Stack-based overflow vulnerability in IpcRxEmbmsSessionList 
in SECRI ...)
        NOT-FOR-US: Samsung
 CVE-2023-21450 (Missing Authorization vulnerability in One Hand Operation + 
prior to v ...)
        NOT-FOR-US: Samsung
 CVE-2023-21449 (Improper access control vulnerability in Call application 
prior to SMR ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2023-21448 (Path traversal vulnerability in Samsung Cloud prior to version 
5.3.0.3 ...)
        NOT-FOR-US: Samsung
 CVE-2023-21447 (Improper access control vulnerabilities in Samsung Cloud prior 
to vers ...)
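Review bot: in this Samsung block, CVE-2023-21459 ("Use after free vulnerability in decon driver") and CVE-2023-21455 ("Exynos baseband") describe driver and baseband components, yet they receive the same blanket "NOT-FOR-US: Samsung" as app-level entries such as BixbyTouch or Samsung Calendar. For the decon driver entry in particular, a short NOTE line recording that the affected code is the vendor tree fixed in SMR Mar-2023, and not code shipped in src:linux, would make the triage decision auditable later. The remaining additions are consistent with the existing Samsung tags on CVE-2023-21451 and CVE-2023-21450.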



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7871ef75c82dc2769f91d4cc1893cb91150876e
