Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
175dbee3 by Moritz Muehlenhoff at 2023-06-16T13:58:07+02:00
NFus
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -132,15 +132,15 @@ CVE-2023-3240 (A vulnerability has been found in OTCMS up
to 6.62 and classified
CVE-2023-3239 (A vulnerability, which was classified as problematic, was found
in OTC ...)
NOT-FOR-US: OTCMS
CVE-2023-3040 (A debug function in the lua-resty-json package, up to commit id
3ef949 ...)
- TODO: check
+ NOT-FOR-US: lua-resty-json
CVE-2023-3036 (An unchecked read in NTP server in github.com/cloudflare/cfnts
prior t ...)
- TODO: check
+ NOT-FOR-US: cfnts
CVE-2023-35116 (An issue was discovered jackson-databind thru 2.15.2 allows
attackers ...)
- jackson-databind <unfixed>
[buster] - jackson-databind <no-dsa> (Minor issue)
NOTE: https://github.com/FasterXML/jackson-databind/issues/3972
CVE-2023-35110 (An issue was discovered jjson thru 0.1.7 allows attackers to
cause a d ...)
- TODO: check
+ NOT-FOR-US: jjson
CVE-2023-34878 (An issue was discovered in Ujcms v6.0.2 allows attackers to
gain sensi ...)
NOT-FOR-US: Ujcms
CVE-2023-34868 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an
Assertio ...)
@@ -196,7 +196,7 @@ CVE-2023-34609 (An issue was discovered flexjson thru 3.3
allows attackers to ca
CVE-2023-34585
REJECTED
CVE-2023-34540 (Langchain 0.0.171 is vulnerable to Arbitrary Code Execution.)
- TODO: check
+ NOT-FOR-US: Langchain
CVE-2023-34367 (Windows 7 is vulnerable to a full blind TCP/IP hijacking
attack. The v ...)
NOT-FOR-US: Microsoft
CVE-2023-34101 (Contiki-NG is an operating system for internet of things
devices. In v ...)
@@ -9761,7 +9761,7 @@ CVE-2023-29358 (Windows GDI Elevation of Privilege
Vulnerability)
CVE-2023-29357 (Microsoft SharePoint Server Elevation of Privilege
Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-29356 (Microsoft ODBC Driver for SQL Server Remote Code Execution
Vulnerabili ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-29355 (DHCP Server Service Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-29354 (Microsoft Edge (Chromium-based) Security Feature Bypass
Vulnerability)
@@ -9775,7 +9775,7 @@ CVE-2023-29351 (Windows Group Policy Elevation of
Privilege Vulnerability)
CVE-2023-29350 (Microsoft Edge (Chromium-based) Elevation of Privilege
Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-29349 (Microsoft ODBC and OLE DB Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-29348
RESERVED
CVE-2023-29347
@@ -11587,7 +11587,7 @@ CVE-2023-28812
CVE-2023-28811
RESERVED
CVE-2023-28810 (Some access control/intercom products have unauthorized
modification o ...)
- TODO: check
+ NOT-FOR-US: hikvison
CVE-2023-28809 (Some access control products are vulnerable to a session
hijacking att ...)
NOT-FOR-US: hikvision
CVE-2023-28808 (Some Hikvision Hybrid SAN/Cluster Storage products have an
access cont ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/175dbee3c33a605d6f28a9cc79b4755eb87d328d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/175dbee3c33a605d6f28a9cc79b4755eb87d328d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
