Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e180492a by Salvatore Bonaccorso at 2023-04-11T12:28:10+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -2339,7 +2339,7 @@ CVE-2023-29400 CVE-2023-1904 RESERVED CVE-2023-1903 (SAP HCM Fiori App My Forms (Fiori 2.0) - version 605, does not perform ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-1902 RESERVED CVE-2023-1901 @@ -2998,15 +2998,15 @@ CVE-2023-29191 CVE-2023-29190 RESERVED CVE-2023-29189 (SAP CRM (WebClient UI) - versions S4FND 102, 103, 104, 105, 106, 107, ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-29188 RESERVED CVE-2023-29187 (A Windows user with basic user authorization can exploit a DLL hijacki ...) TODO: check CVE-2023-29186 (In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an att ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-29185 (SAP NetWeaver AS for ABAP (Business Server Pages) - versions 700, 701, ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-29184 RESERVED CVE-2023-29183 @@ -3198,15 +3198,15 @@ CVE-2023-29114 CVE-2023-29113 RESERVED CVE-2023-29112 (The SAP Application Interface (Message Monitoring) - versions 600, 700 ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-29111 (The SAP AIF (ODATA service) - versions 755, 756, discloses more detail ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-29110 (The SAP Application Interface (Message Dashboard) - versions AIF 703, ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-29109 (The SAP Application Interface Framework (Message Dashboard) - versions ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-29108 (The IP filter in ABAP Platform and SAP Web Dispatcher - versions WEBDI ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-29107 RESERVED CVE-2023-29106 @@ -4412,15 +4412,15 @@ CVE-2023-XXXX [RUSTSEC-2022-0092] - rust-rmp-serde 1.1.1-1 NOTE: https://rustsec.org/advisories/RUSTSEC-2022-0092.html CVE-2023-28765 (An attacker with basic privileges in SAP BusinessObjects Business Inte ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-28764 RESERVED CVE-2023-28763 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-28762 RESERVED CVE-2023-28761 (In SAP NetWeaver Enterprise Portal - version 7.50, an unauthenticated ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-28760 RESERVED CVE-2023-28759 (An issue was discovered in Veritas NetBackup before 10.0. A vulnerabil ...) @@ -7331,7 +7331,7 @@ CVE-2023-27899 (Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a tem CVE-2023-27898 (Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.37 ...) - jenkins <removed> CVE-2023-27897 (In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is auth ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-27896 (In SAP BusinessObjects Business Intelligence Platform - version 420, 4 ...) NOT-FOR-US: SAP CVE-2023-27895 (SAP Authenticator for Android - version 1.3.0, allows the screen to be ...) @@ -8546,11 +8546,11 @@ CVE-2023-27501 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, CVE-2023-27500 (An attacker with non-administrative authorizations can exploit a direc ...) NOT-FOR-US: SAP CVE-2023-27499 (SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.547.77, 7.81, 7.85, 7 ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-27498 (SAP Host Agent (SAPOSCOL) - version 7.22, allows an unauthenticated at ...) NOT-FOR-US: SAP CVE-2023-27497 (Due to missing authentication and input sanitization of code the Event ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-27393 RESERVED CVE-2023-27386 @@ -9216,7 +9216,7 @@ CVE-2023-27269 (SAP NetWeaver Application Server for ABAP and ABAP Platform - ve CVE-2023-27268 (SAP NetWeaver AS Java (Object Analyzing Service) - version 7.50, does ...) NOT-FOR-US: SAP CVE-2023-27267 (Due to missing authentication and insufficient input validation, the O ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-27266 (Mattermost fails to honor the ShowEmailAddress setting when constructi ...) - mattermost-server <itp> (bug #823556) CVE-2023-27265 (Mattermost fails to honor the ShowEmailAddress setting when constructi ...) @@ -9705,7 +9705,7 @@ CVE-2023-27078 (A command injection issue was found in TP-Link MR3020 v.1_150921 CVE-2023-27077 (Stack Overflow vulnerability found in 360 D901 allows a remote attacke ...) NOT-FOR-US: 360 D901 CVE-2023-27076 (Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows a ...) - TODO: check + NOT-FOR-US: Tenda CVE-2023-27075 RESERVED CVE-2023-27074 (BP Monitoring Management System v1.0 was discovered to contain a SQL i ...) @@ -11209,7 +11209,7 @@ CVE-2023-26460 (Cache Management Service in SAP NetWeaver Application Server for CVE-2023-26459 (Due to improper input controls In SAP NetWeaver AS for ABAP and ABAP P ...) NOT-FOR-US: SAP CVE-2023-26458 (An information disclosure vulnerability exists in SAP Landscape Manage ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-26457 (SAP Content Server - version 7.53, does not sufficiently encode user-c ...) NOT-FOR-US: SAP CVE-2023-26456 @@ -16893,7 +16893,7 @@ CVE-2023-24529 (Due to lack of proper input validation, BSP application (CRM_BSP CVE-2023-24528 (SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - ...) NOT-FOR-US: SAP CVE-2023-24527 (SAP NetWeaver AS Java for Deploy Service - version 7.5, does not perfo ...) - TODO: check + NOT-FOR-US: SAP CVE-2023-24526 (SAP NetWeaver Application Server Java for Classload Service - version ...) NOT-FOR-US: SAP CVE-2023-24525 (SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e180492a9fde7d3b7ac6c511a2820e9d00702975 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e180492a9fde7d3b7ac6c511a2820e9d00702975 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits