Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 755399ce by Salvatore Bonaccorso at 2023-04-19T22:26:39+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -847,7 +847,7 @@ CVE-2023-30613 CVE-2023-30612 (Cloud hypervisor is a Virtual Machine Monitor for Cloud workloads. Thi ...) TODO: check CVE-2023-30611 (Discourse-reactions is a plugin that allows user to add their reaction ...) - TODO: check + NOT-FOR-US: Discourse-reactions plugin CVE-2023-30610 (aws-sigv4 is a rust library for low level request signing in the aws c ...) TODO: check CVE-2023-30609 @@ -2597,11 +2597,11 @@ CVE-2023-29925 CVE-2023-29924 RESERVED CVE-2023-29923 (PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list jo ...) - TODO: check + NOT-FOR-US: PowerJob CVE-2023-29922 (PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the crea ...) - TODO: check + NOT-FOR-US: PowerJob CVE-2023-29921 (PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the crea ...) - TODO: check + NOT-FOR-US: PowerJob CVE-2023-29920 RESERVED CVE-2023-29919 @@ -3271,7 +3271,7 @@ CVE-2023-29588 CVE-2023-29587 RESERVED CVE-2023-29586 (Code Sector TeraCopy 3.9.7 does not perform proper access validation o ...) - TODO: check + NOT-FOR-US: Code Sector TeraCopy CVE-2023-29585 RESERVED CVE-2023-29584 (mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the ...) @@ -3937,7 +3937,7 @@ CVE-2023-1902 CVE-2023-1901 RESERVED CVE-2023-1900 (A vulnerability within the Avira network protection feature allowed an ...) - TODO: check + NOT-FOR-US: Norton CVE-2023-1899 RESERVED CVE-2023-1898 @@ -6088,11 +6088,11 @@ CVE-2023-28752 CVE-2023-1588 RESERVED CVE-2023-1587 (Avast and AVG Antivirus for Windows were susceptible to a NULL pointer ...) - TODO: check + NOT-FOR-US: Norton CVE-2023-1586 (Avast and AVG Antivirus for Windows were susceptible to a Time-of-chec ...) - TODO: check + NOT-FOR-US: Norton CVE-2023-1585 (Avast and AVG Antivirus for Windows were susceptible to a Time-of-chec ...) - TODO: check + NOT-FOR-US: Norton CVE-2023-1584 RESERVED NOT-FOR-US: Quarkus @@ -9474,9 +9474,9 @@ CVE-2023-27779 (AM Presencia v3.7.3 was discovered to contain a SQL injection vu CVE-2023-27778 RESERVED CVE-2023-27777 (Cross-site scripting (XSS) vulnerability was discovered in Online Jewe ...) - TODO: check + NOT-FOR-US: Online Jewelry Shop CVE-2023-27776 (A stored cross-site scripting (XSS) vulnerability in /index.php?page=c ...) - TODO: check + NOT-FOR-US: Online Jewelry Shop CVE-2023-27775 (A stored HTML injection vulnerability in LiveAction LiveSP v21.1.2 all ...) NOT-FOR-US: LiveAction LiveSP CVE-2023-27774 @@ -12365,7 +12365,7 @@ CVE-2023-26601 (Zoho ManageEngine ServiceDesk Plus through 14104, Asset Explorer CVE-2023-26600 (ManageEngine ServiceDesk Plus through 14104, ServiceDesk Plus MSP thro ...) NOT-FOR-US: Zoho ManageEngine CVE-2023-26599 (XSS vulnerability in TripleSign in Tripleplay Platform releases prior ...) - TODO: check + NOT-FOR-US: Tripleplay CVE-2023-26598 RESERVED CVE-2023-26588 (Use of hard-coded credentials vulnerability in Buffalo network devices ...) @@ -14805,9 +14805,9 @@ CVE-2023-0824 CVE-2023-0823 (The Cookie Notice & Compliance for GDPR / CCPA WordPress plugin be ...) NOT-FOR-US: WordPress plugin CVE-2023-25760 (Incorrect Access Control in Tripleplay Platform releases prior to Cave ...) - TODO: check + NOT-FOR-US: Tripleplay CVE-2023-25759 (OS Command Injection in TripleData Reporting Engine in Tripleplay Plat ...) - TODO: check + NOT-FOR-US: Tripleplay CVE-2023-25758 (Onekey Touch devices through 4.0.0 and Onekey Mini devices through 2.1 ...) NOT-FOR-US: Onekey CVE-2023-0822 (The affected product DIAEnergie (versions prior to v1.9.03.001) contai ...) @@ -15441,9 +15441,9 @@ CVE-2023-25622 CVE-2023-25621 (Privilege Escalation vulnerability in Apache Software Foundation Apach ...) NOT-FOR-US: Apache Sling CVE-2023-25620 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2023-25619 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...) - TODO: check + NOT-FOR-US: Schneider Electric CVE-2023-25618 (SAP NetWeaver Application Server for ABAP and ABAP Platform - versions ...) NOT-FOR-US: SAP CVE-2023-25617 (SAP Business Object (Adaptive Job Server) - versions 420, 430, allows ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/755399ceefba0d522543b93daae11a2fb69cf857 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/755399ceefba0d522543b93daae11a2fb69cf857 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits