Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 9bacd814 by Salvatore Bonaccorso at 2023-05-02T23:20:11+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,25 +1,25 @@ CVE-2023-32007 (** UNSUPPORTED WHEN ASSIGNED ** The Apache Spark UI offers the possibi ...) - apache-spark <itp> (bug #802194) CVE-2023-31435 (Multiple components (such as Onlinetemplate-Verwaltung, Liste aller Te ...) - TODO: check + NOT-FOR-US: evasys CVE-2023-31434 (The parameters nutzer_titel, nutzer_vn, and nutzer_nn in the user prof ...) - TODO: check + NOT-FOR-US: evasys CVE-2023-31433 (A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9 ...) - TODO: check + NOT-FOR-US: evasys CVE-2023-2479 (OS Command Injection in GitHub repository appium/appium-desktop prior ...) TODO: check CVE-2023-2477 (A vulnerability was found in Funadmin up to 3.2.3. It has been declare ...) - TODO: check + NOT-FOR-US: Funadmin CVE-2023-2476 (A vulnerability was found in Dromara J2eeFAST up to 2.6.0. It has been ...) - TODO: check + NOT-FOR-US: Dromara J2eeFAST CVE-2023-2475 (A vulnerability was found in Dromara J2eeFAST up to 2.6.0 and classifi ...) - TODO: check + NOT-FOR-US: Dromara J2eeFAST CVE-2023-2474 (A vulnerability has been found in Rebuild 3.2 and classified as proble ...) - TODO: check + NOT-FOR-US: Rebuild CVE-2023-2473 (A vulnerability was found in Dreamer CMS up to 4.1.3. It has been decl ...) - TODO: check + NOT-FOR-US: Dreamer CMS CVE-2023-2445 (Improper access control in Subscriptions Folder path filter in Devolut ...) - TODO: check + NOT-FOR-US: Devolutions CVE-2022-48483 (3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthentica ...) NOT-FOR-US: 3CX CVE-2022-48482 (3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows all ...) @@ -1372,7 +1372,7 @@ CVE-2023-30871 CVE-2023-30870 RESERVED CVE-2023-30869 (Improper Authentication vulnerability in Easy Digital Downloads plugin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-30868 RESERVED CVE-2023-30867 @@ -2622,7 +2622,7 @@ CVE-2023-2002 CVE-2023-2001 RESERVED CVE-2023-2000 (Mattermost Desktop App fails to validate a mattermost server redirecti ...) - TODO: check + NOT-FOR-US: Mattermost Desktop App CVE-2023-1999 RESERVED {DSA-5392-1 DSA-5385-1 DLA-3400-1 DLA-3391-1} @@ -3023,7 +3023,7 @@ CVE-2023-30405 (A cross-site scripting (XSS) vulnerability in Aigital Wireless-N CVE-2023-30404 (Aigital Wireless-N Repeater Mini_Router v0.131229 was discovered to co ...) NOT-FOR-US: Aigital Wireless-N Repeater Mini_Router CVE-2023-30403 (An issue in the time-based authentication mechanism of Aigital Aigital ...) - TODO: check + NOT-FOR-US: Aigital CVE-2023-30402 (YASM v1.3.0 was discovered to contain a heap overflow via the function ...) - yasm <unfixed> (unimportant) NOTE: https://github.com/yasm/yasm/issues/206 @@ -3997,7 +3997,7 @@ CVE-2023-29920 CVE-2023-29919 RESERVED CVE-2023-29918 (RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Modul ...) - TODO: check + NOT-FOR-US: RosarioSIS CVE-2023-29917 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) NOT-FOR-US: H3C CVE-2023-29916 (H3C Magic R200 version R200V100R004 was discovered to contain a stack ...) @@ -4121,7 +4121,7 @@ CVE-2023-29858 CVE-2023-29857 RESERVED CVE-2023-29856 (D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerab ...) - TODO: check + NOT-FOR-US: D-Link CVE-2023-29855 (WBCE CMS 1.5.3 has a command execution vulnerability via admin/languag ...) NOT-FOR-US: WBCE CMS CVE-2023-29854 (DirCMS 6.0.0 has a Cross Site Scripting (XSS) vulnerability in the for ...) @@ -4277,7 +4277,7 @@ CVE-2023-29780 (Third Reality Smart Blind 1.00.54 contains a denial-of-service v CVE-2023-29779 (Sengled Dimmer Switch V0.0.9 contains a denial of service (DOS) vulner ...) NOT-FOR-US: Sengled Dimmer Switch CVE-2023-29778 (GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection v ...) - TODO: check + NOT-FOR-US: GL.iNET CVE-2023-29777 RESERVED CVE-2023-29776 @@ -4289,7 +4289,7 @@ CVE-2023-29774 (Dreamer CMS 3.0.1 is vulnerable to stored Cross Site Scripting ( CVE-2023-29773 RESERVED CVE-2023-29772 (A Cross-site scripting (XSS) vulnerability in the System Log/General L ...) - TODO: check + NOT-FOR-US: ASUS CVE-2023-29771 RESERVED CVE-2023-29770 @@ -10731,7 +10731,7 @@ CVE-2023-1198 (Improper Neutralization of Special Elements used in an SQL Comman CVE-2023-1197 (Cross-site Scripting (XSS) - Stored in GitHub repository uvdesk/commun ...) NOT-FOR-US: UVdesk CVE-2023-1196 (The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x be ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-1195 RESERVED - linux 6.1.4-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bacd8143606b0c1d52db10bc262b9e52f871cb4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bacd8143606b0c1d52db10bc262b9e52f871cb4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits