Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f395d3b6 by Salvatore Bonaccorso at 2023-04-22T15:00:22+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -249,7 +249,7 @@ CVE-2023-30914 CVE-2023-30913 RESERVED CVE-2023-2240 (Improper Privilege Management in GitHub repository microweber/microweb ...) - TODO: check + NOT-FOR-US: microweber CVE-2023-2239 RESERVED CVE-2023-2238 @@ -267,15 +267,15 @@ CVE-2023-2233 CVE-2023-2232 RESERVED CVE-2023-2231 (A vulnerability, which was classified as critical, was found in MAXTEC ...) - TODO: check + NOT-FOR-US: MAXTECH CVE-2023-2230 RESERVED CVE-2023-2229 RESERVED CVE-2023-2228 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa ...) - TODO: check + NOT-FOR-US: Modoboa CVE-2023-2227 (Improper Authorization in GitHub repository modoboa/modoboa prior to 2 ...) - TODO: check + NOT-FOR-US: Modoboa CVE-2023-2226 (Due to insufficient validation in the PE and OLE parsers in Rapid7's V ...) TODO: check CVE-2023-2225 
@@ -291,35 +291,35 @@ CVE-2023-2221 CVE-2022-4944 RESERVED CVE-2023-2220 (A vulnerability was found in Dream Technology mica up to 3.0.5. It has ...) - TODO: check + NOT-FOR-US: Dream Technology mica CVE-2023-2219 (A vulnerability was found in SourceCodester Task Reminder System 1.0 a ...) - TODO: check + NOT-FOR-US: SourceCodester Task Reminder System CVE-2023-2218 (A vulnerability has been found in SourceCodester Task Reminder System ...) - TODO: check + NOT-FOR-US: SourceCodester Task Reminder System CVE-2023-2217 (A vulnerability, which was classified as critical, was found in Source ...) - TODO: check + NOT-FOR-US: SourceCodester Task Reminder System CVE-2023-2216 (A vulnerability classified as problematic was found in Campcodes Coffe ...) - TODO: check + NOT-FOR-US: Campcodes Coffee Shop POS System CVE-2023-2215 (A vulnerability classified as critical has been found in Campcodes Cof ...) - TODO: check + NOT-FOR-US: Campcodes Coffee Shop POS System CVE-2023-2214 (A vulnerability was found in Campcodes Coffee Shop POS System 1.0. It ...) - TODO: check + NOT-FOR-US: Campcodes Coffee Shop POS System CVE-2023-2213 (A vulnerability was found in Campcodes Coffee Shop POS System 1.0. It ...) - TODO: check + NOT-FOR-US: Campcodes Coffee Shop POS System CVE-2023-2212 (A vulnerability was found in Campcodes Coffee Shop POS System 1.0. It ...) - TODO: check + NOT-FOR-US: Campcodes Coffee Shop POS System CVE-2023-2211 (A vulnerability was found in Campcodes Coffee Shop POS System 1.0 and ...) - TODO: check + NOT-FOR-US: Campcodes Coffee Shop POS System CVE-2023-2210 (A vulnerability has been found in Campcodes Coffee Shop POS System 1.0 ...) - TODO: check + NOT-FOR-US: Campcodes Coffee Shop POS System CVE-2023-2209 (A vulnerability, which was classified as critical, was found in Campco ...) - TODO: check + NOT-FOR-US: Campcodes Coffee Shop POS System CVE-2023-2208 (A vulnerability, which was classified as critical, has been found in C ...) 
- TODO: check + NOT-FOR-US: Campcodes Retro Basketball Shoes Online Store CVE-2023-2207 (A vulnerability classified as critical was found in Campcodes Retro Ba ...) - TODO: check + NOT-FOR-US: Campcodes Retro Basketball Shoes Online Store CVE-2023-2206 (A vulnerability classified as critical has been found in Campcodes Ret ...) - TODO: check + NOT-FOR-US: Campcodes Retro Basketball Shoes Online Store CVE-2023-2205 (A vulnerability was found in Campcodes Retro Basketball Shoes Online S ...) NOT-FOR-US: Campcodes Retro Basketball Shoes Online Store CVE-2023-2204 (A vulnerability was found in Campcodes Retro Basketball Shoes Online S ...) @@ -701,9 +701,9 @@ CVE-2023-2142 CVE-2023-2141 (An unsafe .NET object deserialization in DELMIA Apriso Release 2017 th ...) TODO: check CVE-2023-2140 (A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2 ...) - TODO: check + NOT-FOR-US: DELMIA Apriso CVE-2023-2139 (A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso ...) - TODO: check + NOT-FOR-US: DELMIA Apriso CVE-2022-4942 (A vulnerability was found in mportuga eslint-detailed-reporter up to 0 ...) NOT-FOR-US: eslint-detailed-reporter CVE-2022-48475 @@ -809,7 +809,7 @@ CVE-2023-2120 (The Thumbnail carousel slider plugin for WordPress is vulnerable CVE-2023-2119 (The Responsive Filterable Portfolio plugin for WordPress is vulnerable ...) NOT-FOR-US: Responsive Filterable Portfolio plugin for WordPress CVE-2023-2118 (Insufficient access control in support ticket feature in Devolutions S ...) - TODO: check + NOT-FOR-US: Devolutions CVE-2023-2117 RESERVED CVE-2023-2116 
@@ -2991,7 +2991,7 @@ CVE-2023-29926 (PowerJob V4.3.2 has unauthorized interface that causes remote co CVE-2023-29925 RESERVED CVE-2023-29924 (PowerJob V4.3.1 is vulnerable to Incorrect Access Control that allows ...) - TODO: check + NOT-FOR-US: PowerJob CVE-2023-29923 (PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list jo ...) NOT-FOR-US: PowerJob CVE-2023-29922 (PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the crea ...) 
@@ -3005,31 +3005,31 @@ CVE-2023-29919 CVE-2023-29918 RESERVED CVE-2023-29917 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29916 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29915 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29914 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29913 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29912 (H3C Magic R200 R200V100R004 was discovered to contain a stack overflow ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29911 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29910 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29909 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29908 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29907 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29906 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29905 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) - TODO: check + NOT-FOR-US: H3C CVE-2023-29904 RESERVED CVE-2023-29903 
@@ -3693,7 +3693,7 @@ CVE-2023-29577 CVE-2023-29576 (Bento4 v1.6.0-639 was discovered to contain a segmentation violation v ...) NOT-FOR-US: Bento4 CVE-2023-29575 (Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in th ...) - TODO: check + NOT-FOR-US: Bento4 CVE-2023-29574 (Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in th ...) NOT-FOR-US: Bento4 CVE-2023-29573 (Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in th ...) @@ -14238,9 +14238,9 @@ CVE-2023-0921 CVE-2022-48330 RESERVED CVE-2023-26101 (In Progress Flowmon Packet Investigator before 12.1.0, a Flowmon user ...) - TODO: check + NOT-FOR-US: Progress Flowmon Packet Investigator CVE-2023-26100 (In Progress Flowmon before 12.2.0, an application endpoint failed to s ...) - TODO: check + NOT-FOR-US: Progress Flowmon CVE-2023-26099 RESERVED CVE-2023-26098 @@ -16277,15 +16277,15 @@ CVE-2023-25511 (NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerabili CVE-2023-25510 (NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer ...) TODO: check CVE-2023-25509 (NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to ...) - TODO: check + NOT-FOR-US: NVIDIA DGX-1 SBIOS CVE-2023-25508 (NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where a ...) - TODO: check + NOT-FOR-US: NVIDIA DGX-1 BMC CVE-2023-25507 (NVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where a ...) - TODO: check + NOT-FOR-US: NVIDIA DGX-1 BMC CVE-2023-25506 (NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a pr ...) - TODO: check + NOT-FOR-US: NVIDIA DGX-1 CVE-2023-25505 (NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the A ...) - TODO: check + NOT-FOR-US: NVIDIA DGX-1 BMC CVE-2023-25504 (A malicious actor who has been authenticated and granted specific perm ...) NOT-FOR-US: Apache Superset CVE-2023-25503 
@@ -23492,25 +23492,25 @@ CVE-2023-22328 CVE-2023-22289 RESERVED CVE-2023-0209 (NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, ...) - TODO: check + NOT-FOR-US: NVIDIA DGX-1 SBIOS CVE-2023-0208 (NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server c ...) NOT-FOR-US: NVIDIA DCGM for Linux CVE-2023-0207 (NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modi ...) - TODO: check + NOT-FOR-US: NVIDIA DGX-2 SBIOS CVE-2023-0206 (NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may m ...) - TODO: check + NOT-FOR-US: NVIDIA DGX A100 SBIOS CVE-2023-0205 (NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerabilit ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2023-0204 (NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerabilit ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2023-0203 (NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerabilit ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2023-0202 (NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may m ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2023-0201 (NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2023-0200 (NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high p ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2023-0199 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...) - nvidia-open-gpu-kernel-modules 525.105.17-1 (bug #1033783) - nvidia-graphics-drivers-tesla 525.105.17-1 (bug #1033782) 
@@ -25943,7 +25943,7 @@ CVE-2022-48152 (SQL Injection vulnerability in RemoteClinic 2.0 allows attackers CVE-2022-48151 RESERVED CVE-2022-48150 (Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS ...) - TODO: check + NOT-FOR-US: Shopware CVE-2022-48149 (Online Student Admission System in PHP Free Source Code 1.0 was discov ...) NOT-FOR-US: Online Student Admission System in PHP Free Source Code CVE-2022-48148 @@ -29456,7 +29456,7 @@ CVE-2022-47511 CVE-2022-47510 RESERVED CVE-2022-47509 (The SolarWinds Platform was susceptible to the Incorrect Input Neutral ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2022-47508 (Customers who had configured their polling to occur via Kerberos did n ...) NOT-FOR-US: SolarWinds CVE-2022-47507 (SolarWinds Platform was susceptible to the Deserialization of Untruste ...) @@ -29464,7 +29464,7 @@ CVE-2022-47507 (SolarWinds Platform was susceptible to the Deserialization of Un CVE-2022-47506 (SolarWinds Platform was susceptible to the Directory Traversal Vulnera ...) NOT-FOR-US: SolarWinds CVE-2022-47505 (The SolarWinds Platform was susceptible to the Local Privilege Escalat ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2022-47504 (SolarWinds Platform was susceptible to the Deserialization of Untruste ...) NOT-FOR-US: SolarWinds CVE-2022-47503 (SolarWinds Platform was susceptible to the Deserialization of Untruste ...) 
@@ -61843,7 +61843,7 @@ CVE-2022-36965 (Insufficient sanitization of inputs in QoE application input fie CVE-2022-36964 (SolarWinds Platform was susceptible to the Deserialization of Untruste ...) NOT-FOR-US: SolarWinds CVE-2022-36963 (The SolarWinds Platform was susceptible to the Command Injection Vulne ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2022-36962 (SolarWinds Platform was susceptible to Command Injection. This vulnera ...) NOT-FOR-US: SolarWinds CVE-2022-36961 (A vulnerable component of Orion Platform was vulnerable to SQL Injecti ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f395d3b64cf1e728bb51433d30c88063c6d1649c
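Review bot: CVE-2023-2141 in the "@@ -701,9 +701,9 @@" hunk is left at "TODO: check" even though its description names DELMIA Apriso, the same product that CVE-2023-2140 and CVE-2023-2139 are tagged with directly below it. If it was kept open on purpose, say why in the commit message; otherwise tag it "NOT-FOR-US: DELMIA Apriso" in this commit so the three entries are triaged consistently.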
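Review bot: The tags in the "@@ -23492,25 +23492,25 @@" hunk use two granularities for the same products: CVE-2023-0207 and CVE-2023-0206 get "NOT-FOR-US: NVIDIA DGX-2 SBIOS" and "NOT-FOR-US: NVIDIA DGX A100 SBIOS", while CVE-2023-0201 (DGX-2 SBIOS), CVE-2023-0202 (DGX A100 SBIOS), CVE-2023-0200 (DGX-2) and the three ConnectX entries get the bare "NOT-FOR-US: NVIDIA". Prefer the product-level tag throughout. The same hunk shows CVE-2023-0199, also an NVIDIA entry, tracked against nvidia-open-gpu-kernel-modules and nvidia-graphics-drivers-tesla, so a vendor-only tag does not tell a later reader why these entries are out of scope.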
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits