Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f3da1a22 by Salvatore Bonaccorso at 2023-04-26T22:38:07+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -212,7 +212,7 @@ CVE-2023-2275 CVE-2023-2274 RESERVED CVE-2023-2273 (Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer fr ...) - TODO: check + NOT-FOR-US: Rapid7 CVE-2023-2272 RESERVED CVE-2023-2271 @@ -2253,7 +2253,7 @@ CVE-2023-30548 (gatsby-plugin-sharp is a plugin for the gatsby framework which e CVE-2023-30547 (vm2 is a sandbox that can run untrusted code with whitelisted Node's b ...) NOT-FOR-US: Node vm2 CVE-2023-30546 (Contiki-NG is an operating system for Internet of Things devices. An o ...) - TODO: check + NOT-FOR-US: Contiki-NG CVE-2023-30545 (PrestaShop is an Open Source e-commerce web application. Prior to vers ...) NOT-FOR-US: PrestaShop CVE-2023-30544 (Kiwi TCMS is an open source test management system. In versions of Kiw ...) @@ -2971,15 +2971,15 @@ CVE-2023-30271 CVE-2023-30270 RESERVED CVE-2023-30269 (CLTPHP <=6.0 is vulnerable to Improper Input Validation via applica ...) - TODO: check + NOT-FOR-US: CLTPHP CVE-2023-30268 RESERVED CVE-2023-30267 (CLTPHP <=6.0 is vulnerable to Cross Site Scripting (XSS) via applic ...) - TODO: check + NOT-FOR-US: CLTPHP CVE-2023-30266 (CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dang ...) - TODO: check + NOT-FOR-US: CLTPHP CVE-2023-30265 (CLTPHP <=6.0 is vulnerable to Directory Traversal. ...) - TODO: check + NOT-FOR-US: CLTPHP CVE-2023-30264 RESERVED CVE-2023-30263 @@ -3085,11 +3085,11 @@ CVE-2023-30214 CVE-2023-30213 RESERVED CVE-2023-30212 (OURPHP <= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /cli ...) - TODO: check + NOT-FOR-US: OURPHP CVE-2023-30211 (OURPHP <= 7.2.0 is vulnerable to SQL Injection. ...) - TODO: check + NOT-FOR-US: OURPHP CVE-2023-30210 (OURPHP <= 7.2.0 is vulnerable to Cross Site Scripting (XSS) via our ...) - TODO: check + NOT-FOR-US: OURPHP CVE-2023-30209 RESERVED CVE-2023-30208 @@ -3285,7 +3285,7 @@ CVE-2023-30114 CVE-2023-30113 RESERVED CVE-2023-30112 (Medicine Tracker System in PHP 1.0.0 is vulnerable to SQL Injection. ...) - TODO: check + NOT-FOR-US: Medicine Tracker System in PHP CVE-2023-30111 (Medicine Tracker System in PHP 1.0.0 is vulnerable to Cross Site Scrip ...) NOT-FOR-US: Medicine Tracker System CVE-2023-30110 @@ -5427,7 +5427,7 @@ CVE-2023-29270 CVE-2023-29269 RESERVED CVE-2023-29268 (The Splus Server component of TIBCO Software Inc.'s TIBCO Spotfire Sta ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2023-29267 RESERVED CVE-2023-29266 @@ -18873,7 +18873,7 @@ CVE-2023-24798 (D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack CVE-2023-24797 (D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack over ...) NOT-FOR-US: D-Link CVE-2023-24796 (Password vulnerability found in Vinga WR-AC1200 81.102.1.4370 and befo ...) - TODO: check + NOT-FOR-US: Vinga CVE-2023-24795 (Command execution vulnerability was discovered in JHR-N916R router fir ...) NOT-FOR-US: JHR-N916R CVE-2023-24794 @@ -25355,9 +25355,9 @@ CVE-2023-22731 (Shopware is an open source commerce platform based on Symfony Fr CVE-2023-22730 (Shopware is an open source commerce platform based on Symfony Framewor ...) NOT-FOR-US: Shopware CVE-2023-22729 (Silverstripe Framework is the Model-View-Controller framework that pow ...) - TODO: check + NOT-FOR-US: Silverstripe CVE-2023-22728 (Silverstripe Framework is the Model-View-Controller framework that pow ...) - TODO: check + NOT-FOR-US: Silverstripe CVE-2023-22727 (CakePHP is a development framework for PHP web apps. In affected versi ...) NOT-FOR-US: CakePHP CVE-2023-22726 (act is a project which allows for local running of github actions. The ...) @@ -54092,7 +54092,7 @@ CVE-2022-39991 CVE-2022-39990 RESERVED CVE-2022-39989 (An issue was discovered in Fighting Cock Information System 1.0, which ...) - TODO: check + NOT-FOR-US: Fighting Cock Information System CVE-2022-39988 (A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 allows ...) - centreon-web <itp> (bug #913903) CVE-2022-39987 @@ -88101,9 +88101,9 @@ CVE-2022-27981 CVE-2022-27980 RESERVED CVE-2022-27979 (A cross-site scripting (XSS) vulnerability in ToolJet v1.6.0 allows at ...) - TODO: check + NOT-FOR-US: ToolJet CVE-2022-27978 (Tooljet v1.6 does not properly handle missing values in the API, allow ...) - TODO: check + NOT-FOR-US: ToolJet CVE-2022-27977 RESERVED CVE-2022-27976 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3da1a227f72f63ea4e3b479a2a656057e359fa7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3da1a227f72f63ea4e3b479a2a656057e359fa7 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits