Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 14973751 by Moritz Muehlenhoff at 2023-04-12T13:01:46+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -3939,9 +3939,9 @@ CVE-2022-48431 (In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle a CVE-2022-48430 (In JetBrains IntelliJ IDEA before 2023.1 file content could be disclos ...) - intellij-idea <itp> (bug #747616) CVE-2021-46879 (An issue was discovered in Treasure Data Fluent Bit 1.7.1, a wrong var ...) - TODO: check + NOT-FOR-US: Treasure Data Fluent Bit CVE-2021-46878 (An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous p ...) - TODO: check + NOT-FOR-US: Treasure Data Fluent Bit CVE-2023-28958 RESERVED CVE-2023-28957 @@ -4837,7 +4837,7 @@ CVE-2023-1554 CVE-2023-1553 RESERVED CVE-2023-1552 (ToolboxST prior to version 7.10 is affected by a deserialization vulne ...) - TODO: check + NOT-FOR-US: ToolboxST CVE-2023-28709 RESERVED CVE-2023-28708 (When using the RemoteIpFilter with requests received from a reverse pr ...) @@ -5928,7 +5928,7 @@ CVE-2023-22441 CVE-2023-22361 RESERVED CVE-2023-22282 (WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquote ...) - TODO: check + NOT-FOR-US: WAB-MAT CVE-2023-1420 RESERVED CVE-2023-1419 @@ -10257,7 +10257,7 @@ CVE-2023-26921 (OS Command Injection vulnerability in quectel AG550QCN allows at CVE-2023-26920 RESERVED CVE-2023-26919 (delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to sandbox escap ...) - TODO: check + NOT-FOR-US: delight-nashorn-sandbox CVE-2023-26918 RESERVED CVE-2023-26917 (libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL poin ...) @@ -10402,11 +10402,11 @@ CVE-2023-26849 CVE-2023-26848 (TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a co ...) NOT-FOR-US: TOTOLINK CVE-2023-26847 (A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 a ...) - TODO: check + NOT-FOR-US: OpenCATS CVE-2023-26846 (A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 a ...) - TODO: check + NOT-FOR-US: OpenCATS CVE-2023-26845 (A Cross-Site Request Forgery (CSRF) in OpenCATS 0.9.7 allows attackers ...) - TODO: check + NOT-FOR-US: OpenCATS CVE-2023-26844 RESERVED CVE-2023-26843 @@ -11277,7 +11277,7 @@ CVE-2023-26497 (An issue was discovered in Samsung Baseband Modem Chipset for Ex CVE-2023-26496 (An issue was discovered in Samsung Baseband Modem Chipset for Exynos M ...) NOT-FOR-US: Samsung CVE-2023-26495 (An issue was discovered in Open Design Alliance Drawings SDK before 20 ...) - TODO: check + NOT-FOR-US: Open Design Alliance Drawings SDK CVE-2023-26494 RESERVED CVE-2023-26493 (Cocos Engine is an open-source framework for building 2D & 3D real ...) @@ -11346,9 +11346,9 @@ CVE-2023-26469 CVE-2023-26468 (Cerebrate 1.12 does not properly consider organisation_id during creat ...) NOT-FOR-US: Cerebrate CVE-2023-26467 (A man in the middle can redirect traffic to a malicious server in a co ...) - TODO: check + NOT-FOR-US: RPA: Synchronization Engine CVE-2023-26466 (A user with non-Admin access can change a configuration file on the cl ...) - TODO: check + NOT-FOR-US: RPA: Synchronization Engine CVE-2023-26465 RESERVED CVE-2023-25944 @@ -11858,7 +11858,7 @@ CVE-2023-26314 (The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arb [bullseye] - mono <no-dsa> (Minor issue; will be fixed via point release) NOTE: https://www.openwall.com/lists/oss-security/2023/01/05/1 CVE-2023-26293 (A vulnerability has been identified in TIA Portal V15 (All versions), ...) - TODO: check + NOT-FOR-US: TIA Portal V15 CVE-2023-26292 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) NOT-FOR-US: Forcepoint CVE-2023-26291 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/149737510088229d863ce86501a1957b9fe7f384 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/149737510088229d863ce86501a1957b9fe7f384 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits