Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d14d37ab by Salvatore Bonaccorso at 2023-06-15T08:50:09+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -69,7 +69,7 @@ CVE-2023-34585 CVE-2023-34540 (Langchain 0.0.171 is vulnerable to Arbitrary Code Execution.) TODO: check CVE-2023-34367 (Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The v ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-34101 (Contiki-NG is an operating system for internet of things devices. In v ...) NOT-FOR-US: Contiki-NG CVE-2023-32465 (Dell Power Protect Cyber Recovery, contains an Authentication Bypass v ...) @@ -279,11 +279,11 @@ CVE-2023-34114 (Exposure of resource to wrong sphere in Zoom for Windows and Zoo CVE-2023-34113 (Insufficient verification of data authenticity in Zoom for Windows cl ...) NOT-FOR-US: Zoom CVE-2023-33921 (A vulnerability has been identified in CP-8031 MASTER MODULE (All vers ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-33920 (A vulnerability has been identified in CP-8031 MASTER MODULE (All vers ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-33919 (A vulnerability has been identified in CP-8031 MASTER MODULE (All vers ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-33695 (Hutool v5.8.17 and below was discovered to contain an information disc ...) NOT-FOR-US: Hutool CVE-2023-33621 (GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication ...) @@ -303,7 +303,7 @@ CVE-2023-33122 (A vulnerability has been identified in JT2Go (All versions < V14 CVE-2023-33121 (A vulnerability has been identified in JT2Go (All versions < V14.2.0.3 ...) NOT-FOR-US: Siemens CVE-2023-32548 (OS command injection vulnerability exists in WPS Office version 10.8.0 ...) - TODO: check + NOT-FOR-US: WPS Office CVE-2023-32546 (Code injection vulnerability exists in Chatwork Desktop Application (M ...) NOT-FOR-US: Chatwork Desktop Application CVE-2023-31541 (A unrestricted file upload vulnerability was discovered in the \u2018B ...) @@ -319,7 +319,7 @@ CVE-2023-31198 (OS command injection vulnerability exists in Wi-Fi AP UNIT allow CVE-2023-31196 (Missing authentication for critical function in Wi-Fi AP UNIT allows a ...) TODO: check CVE-2023-31195 (ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 use ...) - TODO: check + NOT-FOR-US: ASUS Router RT-AX3000 Firmware CVE-2023-30766 (Hidden functionality issue exists in KB-AHR series and KB-IRIP series. ...) TODO: check CVE-2023-30764 (OS command injection vulnerability exists in KB-AHR series and KB-IRIP ...) @@ -327,15 +327,15 @@ CVE-2023-30764 (OS command injection vulnerability exists in KB-AHR series and K CVE-2023-30762 (Improper authentication vulnerability exists in KB-AHR series and KB-I ...) TODO: check CVE-2023-2807 (Authentication Bypass by Spoofing vulnerability in the password reset ...) - TODO: check + NOT-FOR-US: Pandora FMS CVE-2023-29501 (Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, an ...) - TODO: check + NOT-FOR-US: Jiyu Kukan Toku-Toku coupon App for iOS CVE-2023-29498 (Improper restriction of XML external entity reference (XXE) vulnerabil ...) - TODO: check + NOT-FOR-US: FRENIC RHC Loader CVE-2023-29167 (Out-of-bound reads vulnerability exists in FRENIC RHC Loader v1.1.0.3. ...) - TODO: check + NOT-FOR-US: FRENIC RHC Loader CVE-2023-29160 (Stack-based buffer overflow vulnerability exists in FRENIC RHC Loader ...) - TODO: check + NOT-FOR-US: FRENIC RHC Loader CVE-2023-XXXX [Parsing of KeyInfo elements can cause remote resource access] - xmltooling <unfixed> (bug #1037948) NOTE: https://shibboleth.net/community/advisories/secadv_20230612.txt View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d14d37ab70123a977d468385ba8e27595d4f5ee7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d14d37ab70123a977d468385ba8e27595d4f5ee7 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits