Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ac9d301c by Salvatore Bonaccorso at 2023-05-04T23:11:16+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,17 +1,17 @@ CVE-2023-2524 (A vulnerability classified as critical has been found in Control iD RH ...) - TODO: check + NOT-FOR-US: Control iD RHiD CVE-2023-2523 (A vulnerability was found in Weaver E-Office 9.5. It has been rated as ...) - TODO: check + NOT-FOR-US: Weaver E-Office CVE-2023-2522 (A vulnerability was found in Chengdu VEC40G 3.0. It has been declared ...) - TODO: check + NOT-FOR-US: Chengdu VEC40G CVE-2023-2521 (A vulnerability was found in NEXTU NEXT-7004N 3.0.1. It has been class ...) - TODO: check + NOT-FOR-US: NEXTU NEXT-7004N CVE-2023-2520 (A vulnerability was found in Caton Prime 2.1.2.51.e8d7225049(202303031 ...) - TODO: check + NOT-FOR-US: Caton Prime CVE-2023-2519 (A vulnerability has been found in Caton CTP Relay Server 1.2.9 and cla ...) - TODO: check + NOT-FOR-US: Caton CTP Relay Server CVE-2017-20184 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: Carlo Gavazzi Powersoft CVE-2023-2468 (Inappropriate implementation in PictureInPicture in Google Chrome prio ...) {DSA-5398-1} - chromium 113.0.5672.63-1 @@ -298,7 +298,7 @@ CVE-2023-31286 (An issue was discovered in Serenity Serene (and StartSharp) befo CVE-2023-31285 (An XSS issue was discovered in Serenity Serene (and StartSharp) before ...) NOT-FOR-US: Serenity CVE-2023-31284 (illumos illumos-gate before 676abcb has a stack buffer overflow in /de ...) - TODO: check + NOT-FOR-US: illumos illumos-gate CVE-2023-31283 RESERVED CVE-2023-31282 @@ -2239,7 +2239,7 @@ CVE-2023-30621 (Gipsy is a multi-purpose discord bot which aim to be as modular CVE-2023-30620 (mindsdb is a Machine Learning platform to help developers build AI sol ...) NOT-FOR-US: mindsdb CVE-2023-30619 (Tuleap Open ALM is a Libre and Open Source tool for end to end traceab ...) - TODO: check + NOT-FOR-US: Tuleap CVE-2023-30618 (Kitchen-Terraform provides a set of Test Kitchen plugins which enable ...) NOT-FOR-US: Kitchen-Terraform CVE-2023-30617 @@ -2611,7 +2611,7 @@ CVE-2023-30552 (Archery is an open source SQL audit platform. The Archery projec CVE-2023-30551 RESERVED CVE-2023-30550 (MeterSphere is an open source continuous testing platform, covering fu ...) - TODO: check + NOT-FOR-US: MeterSphere CVE-2023-30549 (Apptainer is an open source container platform for Linux. There is an ...) - singularity-container <unfixed> (bug #1035026) NOTE: https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg @@ -3365,7 +3365,7 @@ CVE-2023-30270 CVE-2023-30269 (CLTPHP <=6.0 is vulnerable to Improper Input Validation via applicatio ...) NOT-FOR-US: CLTPHP CVE-2023-30268 (CLTPHP <=6.0 is vulnerable to Improper Input Validation.) - TODO: check + NOT-FOR-US: CLTPHP CVE-2023-30267 (CLTPHP <=6.0 is vulnerable to Cross Site Scripting (XSS) via applicati ...) NOT-FOR-US: CLTPHP CVE-2023-30266 (CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangero ...) @@ -3373,7 +3373,7 @@ CVE-2023-30266 (CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with D CVE-2023-30265 (CLTPHP <=6.0 is vulnerable to Directory Traversal.) NOT-FOR-US: CLTPHP CVE-2023-30264 (CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangero ...) - TODO: check + NOT-FOR-US: CLTPHP CVE-2023-30263 RESERVED CVE-2023-30262 @@ -3495,7 +3495,7 @@ CVE-2023-30205 (A stored cross-site scripting (XSS) vulnerability in DouPHP v1.7 CVE-2023-30204 (Judging Management System v1.0 was discovered to contain a SQL injecti ...) NOT-FOR-US: Judging Management System CVE-2023-30203 (Judging Management System v1.0 was discovered to contain a SQL injecti ...) - TODO: check + NOT-FOR-US: Judging Management System CVE-2023-30202 RESERVED CVE-2023-30201 @@ -3533,7 +3533,7 @@ CVE-2023-30186 CVE-2023-30185 RESERVED CVE-2023-30184 (A stored cross-site scripting (XSS) vulnerability in Typecho v1.2.0 al ...) - TODO: check + NOT-FOR-US: Typecho CVE-2023-30183 REJECTED NOT-FOR-US: Wangmarket CMS @@ -3708,13 +3708,13 @@ CVE-2023-30099 CVE-2023-30098 RESERVED CVE-2023-30097 (A stored cross-site scripting (XSS) vulnerability in TotalJS messenger ...) - TODO: check + NOT-FOR-US: TotalJS CVE-2023-30096 (A stored cross-site scripting (XSS) vulnerability in TotalJS messenger ...) - TODO: check + NOT-FOR-US: TotalJS CVE-2023-30095 (A stored cross-site scripting (XSS) vulnerability in TotalJS messenger ...) - TODO: check + NOT-FOR-US: TotalJS CVE-2023-30094 (A stored cross-site scripting (XSS) vulnerability in TotalJS Flow v10 ...) - TODO: check + NOT-FOR-US: TotalJS CVE-2023-30093 RESERVED CVE-2023-30092 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac9d301c6e036874ba812f63e7cc2fb7854c8d65 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac9d301c6e036874ba812f63e7cc2fb7854c8d65 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits