Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: e5cecbd4 by Moritz Muehlenhoff at 2023-07-14T16:25:10+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -255,7 +255,7 @@ CVE-2023-3106 (A NULL pointer dereference vulnerability was found in netlink_dum - linux 4.8.5-1 NOTE: https:/git.kernel.org/linus/1ba5bf993c6a3142e18e68ea6452b347f9cb5635 (4.8-rc7) CVE-2023-38069 (In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be sup ...) - TODO: check + - intellij-idea <itp> (bug #747616) CVE-2023-38068 (In JetBrains YouTrack before 2023.1.16597 captcha was not properly val ...) NOT-FOR-US: JetBrains YouTrack CVE-2023-38067 (In JetBrains TeamCity before 2023.05.1 build parameters of the "passwo ...) @@ -11122,7 +11122,7 @@ CVE-2023-30228 CVE-2023-30227 RESERVED CVE-2023-30226 (An issue was discovered in function get_gnu_verneed in rizinorg Rizin ...) - TODO: check + NOT-FOR-US: Rizin CVE-2023-30225 RESERVED CVE-2023-30224 @@ -11277,7 +11277,7 @@ CVE-2023-30153 CVE-2023-30152 RESERVED CVE-2023-30151 (A SQL injection vulnerability in the Boxtal (envoimoinscher) module fo ...) - TODO: check + NOT-FOR-US: PrestaShop module CVE-2023-30150 (PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection ...) NOT-FOR-US: PrestaShop leocustomajax CVE-2023-30149 (SQL injection vulnerability in the City Autocomplete (cityautocomplete ...) @@ -11619,7 +11619,7 @@ CVE-2023-29986 (spring-boot-actuator-logview 0.2.13 allows Directory Traversal t CVE-2023-29985 (Sourcecodester Student Study Center Desk Management System v1.0 admin\ ...) NOT-FOR-US: Sourcecodester CVE-2023-29984 (Null pointer dereference vulnerability exists in multiple vendors MFPs ...) - TODO: check + NOT-FOR-US: Fujufilm CVE-2023-29983 (Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8. ...) NOT-FOR-US: Maximilian Vogt cmaps CVE-2023-29982 @@ -13117,7 +13117,7 @@ CVE-2023-29415 (An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A d NOTE: https://github.com/kspalaiologos/bzip3/issues/95 NOTE: https://github.com/kspalaiologos/bzip3/commit/56c24ca1f8f25e648d42154369b6962600f76465 (1.3.0) CVE-2023-29414 (A CWE-120: Buffer Copy without Checking Size of Input (Classic Buffer ...) - TODO: check + NOT-FOR-US: Schneider CVE-2023-29413 (A CWE-306: Missing Authentication for Critical Function vulnerability ...) NOT-FOR-US: Schneider CVE-2023-29412 (A CWE-78: Improper Handling of Case Sensitivity vulnerability exists t ...) @@ -13221,9 +13221,9 @@ CVE-2023-1904 CVE-2023-1903 (SAP HCM Fiori App My Forms (Fiori 2.0) - version 605, does not perform ...) NOT-FOR-US: SAP CVE-2023-1902 (The bluetooth HCI host layer logic not clearing a global reference to ...) - TODO: check + NOT-FOR-US: Zephyr CVE-2023-1901 (The bluetooth HCI host layer logic not clearing a global reference to ...) - TODO: check + NOT-FOR-US: Zephyr CVE-2023-1900 (A vulnerability within the Avira network protection feature allowed an ...) NOT-FOR-US: Norton CVE-2023-1899 (Atlas Copco Power Focus 6000 web server is not a secure connection by ...) @@ -13449,7 +13449,7 @@ CVE-2023-29349 (Microsoft ODBC and OLE DB Remote Code Execution Vulnerability) CVE-2023-29348 RESERVED CVE-2023-29347 (Windows Admin Center Spoofing Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-29346 (NTFS Elevation of Privilege Vulnerability) NOT-FOR-US: Microsoft CVE-2023-29345 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability) @@ -13511,29 +13511,29 @@ CVE-2023-29321 (Adobe Animate versions 22.0.9 (and earlier) and 23.0.1 (and earl CVE-2023-29320 RESERVED CVE-2023-29319 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29318 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29317 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29316 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29315 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29314 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29313 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29312 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29311 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29310 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29309 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29308 (Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29307 (Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected b ...) NOT-FOR-US: Adobe CVE-2023-29306 @@ -13547,13 +13547,13 @@ CVE-2023-29303 CVE-2023-29302 (Adobe Experience Manager versions 6.5.16.0 (and earlier) is affected b ...) NOT-FOR-US: Adobe CVE-2023-29301 (Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29300 (Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29299 RESERVED CVE-2023-29298 (Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) ...) - TODO: check + NOT-FOR-US: Adobe CVE-2023-29297 (Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) an ...) NOT-FOR-US: Adobe CVE-2023-29296 (Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) an ...) @@ -14094,9 +14094,9 @@ CVE-2023-29132 (Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because NOTE: https://github.com/irssi/irssi/pull/1456 NOTE: https://github.com/irssi/irssi/commit/c554a45738712219c066897b09a44d99afeb4240 CVE-2023-29131 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-29130 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...) - TODO: check + NOT-FOR-US: Siemens CVE-2023-29129 (A vulnerability has been identified in Mendix SAML (Mendix 7 compatibl ...) NOT-FOR-US: Siemens CVE-2023-29128 (A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 ( ...) @@ -15720,7 +15720,7 @@ CVE-2023-1549 (The Ad Inserter WordPress plugin before 2.7.27 unserializes user CVE-2023-1548 (A CWE-269: Improper Privilege Management vulnerability exists that cou ...) NOT-FOR-US: Schneider CVE-2023-1547 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) - TODO: check + NOT-FOR-US: Elra Parkmatik CVE-2023-1546 (The MyCryptoCheckout WordPress plugin before 2.124 does not escape som ...) NOT-FOR-US: WordPress plugin CVE-2023-1545 (SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3 ...) @@ -18169,7 +18169,7 @@ CVE-2023-28003 (A CWE-613: Insufficient Session Expiration vulnerability exists CVE-2023-28002 RESERVED CVE-2023-28001 (An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 ...) - TODO: check + NOT-FOR-US: Fortinet CVE-2023-28000 (An improper neutralization of special elements used in an OS command v ...) NOT-FOR-US: FortiGuard CVE-2023-27999 (An improper neutralization of special elements used in an OS command v ...) @@ -20112,31 +20112,31 @@ CVE-2023-27299 CVE-2023-27297 RESERVED CVE-2023-26597 (Controller DoS due to buffer overflow in the handling of a specially c ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-26585 RESERVED CVE-2023-25948 (Server information leak of configuration data when an error is generat ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-25770 (Controller DoS may occur due to buffer overflow when an error is gener ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-25178 (Controller may be loaded with malicious firmware which could enable re ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-25078 (Server or Console Station DoS due to heap overflow occurring during th ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-24589 RESERVED CVE-2023-24480 (Controller DoS due to stack overflow when decoding a message from the ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-24474 (Experion server may experience a DoS due to a heap overflow which coul ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-23905 RESERVED CVE-2023-23585 (Experion server DoS due to heap overflow occurring during the handling ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-22658 RESERVED CVE-2023-22435 (Experion server may experience a DoS due to a stack overflow when hand ...) - TODO: check + NOT-FOR-US: Honeywell CVE-2023-1109 (In Phoenix Contacts ENERGY AXC PU Web service an authenticated restric ...) NOT-FOR-US: Phoenix Contacts ENERGY AXC PU Web service CVE-2023-1108 @@ -21396,7 +21396,7 @@ CVE-2023-26863 CVE-2023-26862 RESERVED CVE-2023-26861 (SQL injection vulnerability found in PrestaShop vivawallet v.1.7.10 an ...) - TODO: check + NOT-FOR-US: PrestaShop module CVE-2023-26860 (SQL injection vulnerability found in PrestaShop Igbudget v.1.0.3 and b ...) NOT-FOR-US: PrestaShop Igbudget CVE-2023-26859 @@ -21999,9 +21999,9 @@ CVE-2023-26566 CVE-2023-26565 RESERVED CVE-2023-26564 (The Syncfusion EJ2 ASPCore File Provider 3ac357f is vulnerable to Mode ...) - TODO: check + NOT-FOR-US: Syncfusion CVE-2023-26563 (The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesys ...) - TODO: check + NOT-FOR-US: Syncfusion CVE-2023-26562 RESERVED CVE-2023-26561 @@ -24710,7 +24710,7 @@ CVE-2023-25708 (Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP V CVE-2023-25707 (Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooki ...) NOT-FOR-US: WordPress plugin CVE-2023-25706 (Cross-Site Request Forgery (CSRF) vulnerability in Pagup WordPress Rob ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25705 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Go P ...) NOT-FOR-US: WordPress plugin CVE-2023-25704 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mehj ...) @@ -25163,7 +25163,7 @@ CVE-2023-25608 CVE-2023-25607 RESERVED CVE-2023-25606 (An improper limitation of a pathname to a restricted directory ('Path ...) - TODO: check + NOT-FOR-US: Fortinet CVE-2023-25605 (A improper access control vulnerability in Fortinet FortiSOAR 7.3.0 - ...) NOT-FOR-US: Fortinet CVE-2023-25604 @@ -25656,7 +25656,7 @@ CVE-2023-25489 CVE-2023-25488 RESERVED CVE-2023-25487 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade PixTypes ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25486 RESERVED CVE-2023-25485 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bern ...) @@ -25694,7 +25694,7 @@ CVE-2023-25470 (Cross-Site Request Forgery (CSRF) vulnerability in Anton Skorobo CVE-2023-25469 RESERVED CVE-2023-25468 (Cross-Site Request Forgery (CSRF) vulnerability in Reservation.Studio ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25467 (Cross-Site Request Forgery (CSRF) vulnerability in Daniel Mores, A. Hu ...) NOT-FOR-US: WordPress plugin CVE-2023-25466 @@ -25744,7 +25744,7 @@ CVE-2023-25445 CVE-2023-25444 RESERVED CVE-2023-25443 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25442 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Marc ...) NOT-FOR-US: WordPress plugin CVE-2023-25441 @@ -26722,7 +26722,7 @@ CVE-2023-25053 CVE-2023-25052 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tepl ...) NOT-FOR-US: WordPress plugin CVE-2023-25051 (Cross-Site Request Forgery (CSRF) vulnerability in Denishua Comment Re ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-25050 RESERVED CVE-2023-25049 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in impl ...) @@ -27196,7 +27196,7 @@ CVE-2023-24883 (Microsoft PostScript and PCL6 Class Printer Driver Information D CVE-2023-24882 (Microsoft OneDrive for Android Information Disclosure Vulnerability) NOT-FOR-US: Microsoft CVE-2023-24881 (Microsoft Teams Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-24880 (Windows SmartScreen Security Feature Bypass Vulnerability) NOT-FOR-US: Microsoft CVE-2023-24879 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...) @@ -28556,19 +28556,19 @@ CVE-2023-24494 (A stored cross-site scripting (XSS) vulnerability exists in Tena CVE-2023-24493 (A formula injection vulnerability exists in Tenable.sc due to improper ...) NOT-FOR-US: Tenable CVE-2023-24492 (A vulnerability has been discovered in the Citrix Secure Access client ...) - TODO: check + NOT-FOR-US: Citrix CVE-2023-24491 (A vulnerability has been discovered in the Citrix Secure Access client ...) - TODO: check + NOT-FOR-US: Citrix CVE-2023-24490 (Users with only access to launch VDA applications can launch an unauth ...) - TODO: check + NOT-FOR-US: Citrix CVE-2023-24489 (A vulnerability has been discovered in the customer-managed ShareFile ...) - TODO: check + NOT-FOR-US: Citrix CVE-2023-24488 (Cross site scripting vulnerabilityin Citrix ADC and Citrix Gatewayin a ...) - TODO: check + NOT-FOR-US: Citrix CVE-2023-24487 (Arbitrary file readin Citrix ADC and Citrix Gateway) - TODO: check + NOT-FOR-US: Citrix CVE-2023-24486 (A vulnerability has been identified in Citrix Workspace app for Linux ...) - TODO: check + NOT-FOR-US: Citrix CVE-2023-24485 (Vulnerabilities have been identified that, collectively, allow a stand ...) NOT-FOR-US: Citrix CVE-2023-24484 (A malicious user can cause log files to be written to a directory that ...) @@ -28794,7 +28794,7 @@ CVE-2023-24423 (A cross-site request forgery (CSRF) vulnerability in Jenkins Ger CVE-2023-24422 (A sandbox bypass vulnerability involving map constructors in Jenkins S ...) NOT-FOR-US: Jenkins plugin CVE-2023-24421 (Cross-Site Request Forgery (CSRF) vulnerability in WP Engine PHP Compa ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-24420 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Zestard ...) NOT-FOR-US: WordPress plugin CVE-2023-24419 (Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Form Bui ...) @@ -28802,7 +28802,7 @@ CVE-2023-24419 (Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Fo CVE-2023-24418 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi ...) NOT-FOR-US: WordPress plugin CVE-2023-24417 (Cross-Site Request Forgery (CSRF) vulnerability in tiggersWelt.Net Wor ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-24416 RESERVED CVE-2023-24415 (Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud ChatBo ...) @@ -29805,7 +29805,7 @@ CVE-2023-23999 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi CVE-2023-23998 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J ...) NOT-FOR-US: WordPress plugin CVE-2023-23997 (Cross-Site Request Forgery (CSRF) vulnerability in Dave Jesch Database ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23996 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Prof ...) NOT-FOR-US: WordPress plugin CVE-2023-23995 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tim ...) @@ -30361,7 +30361,7 @@ CVE-2023-23805 CVE-2023-23804 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Feed p ...) NOT-FOR-US: WordPress plugin CVE-2023-23803 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes JustTable ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23802 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Easy G ...) NOT-FOR-US: WordPress plugin CVE-2023-23801 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Really Si ...) @@ -30383,9 +30383,9 @@ CVE-2023-23794 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-23793 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eigh ...) NOT-FOR-US: WordPress plugin CVE-2023-23792 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Swatchly ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23791 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Menu p ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23790 (Cross-Site Request Forgery (CSRF) vulnerability in Pods Framework Team ...) NOT-FOR-US: WordPress plugin CVE-2023-23789 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Prem ...) @@ -30413,7 +30413,7 @@ CVE-2023-23779 (Multiple improper neutralization of special elements used in an CVE-2023-23778 (A relative path traversal vulnerability [CWE-23] in FortiWeb version 7 ...) NOT-FOR-US: FortiGuard CVE-2023-23777 (An improper neutralization of special elements used in an OS command ( ...) - TODO: check + NOT-FOR-US: Fortinet CVE-2023-23776 (An exposure of sensitive information to an unauthorized actor [CWE-200 ...) NOT-FOR-US: Fortinet CVE-2023-23775 @@ -30550,7 +30550,7 @@ CVE-2023-23758 CVE-2023-23757 RESERVED CVE-2023-23756 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: Joomla addon CVE-2023-23755 (An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of ra ...) NOT-FOR-US: Joomla! CVE-2023-23754 (An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input ...) @@ -30661,7 +30661,7 @@ CVE-2023-23733 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-23732 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel ...) NOT-FOR-US: WordPress plugin CVE-2023-23731 (Cross-Site Request Forgery (CSRF) vulnerability in HasTheme WishSuite ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23730 RESERVED CVE-2023-23729 @@ -30715,7 +30715,7 @@ CVE-2023-23706 (Cross-Site Request Forgery (CSRF) vulnerability in miniOrange Wo CVE-2023-23705 (Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin WordPress ...) NOT-FOR-US: WordPress plugin CVE-2023-23704 (Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Comments ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23703 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) NOT-FOR-US: WordPress plugin CVE-2023-23702 @@ -30828,7 +30828,7 @@ CVE-2023-23673 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-23672 RESERVED CVE-2023-23671 (Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Layer Slider ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-23670 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Team ...) NOT-FOR-US: WordPress plugin CVE-2023-23669 @@ -33782,7 +33782,7 @@ CVE-2023-22837 CVE-2023-22836 RESERVED CVE-2023-22835 (A security defect was identified that enabled a user of Foundry Issues ...) - TODO: check + NOT-FOR-US: Palantir CVE-2023-22834 (The Contour Service was not checking that users had permission to crea ...) NOT-FOR-US: Palantir CVE-2023-22833 (Palantir Foundry deployments running Lime2 versions between 2.519.0 an ...) @@ -39302,7 +39302,7 @@ CVE-2023-21758 (Windows Internet Key Exchange (IKE) Extension Denial of Service CVE-2023-21757 (Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerabil ...) NOT-FOR-US: Microsoft CVE-2023-21756 (Windows Win32k Elevation of Privilege Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-21755 (Windows Kernel Elevation of Privilege Vulnerability) NOT-FOR-US: Microsoft CVE-2023-21754 (Windows Kernel Elevation of Privilege Vulnerability) @@ -42556,7 +42556,7 @@ CVE-2023-21528 (Microsoft SQL Server Remote Code Execution Vulnerability) CVE-2023-21527 (Windows iSCSI Service Denial of Service Vulnerability) NOT-FOR-US: Microsoft CVE-2023-21526 (Windows Netlogon Information Disclosure Vulnerability) - TODO: check + NOT-FOR-US: Microsoft CVE-2023-21525 (Remote Procedure Call Runtime Denial of Service Vulnerability) NOT-FOR-US: Microsoft CVE-2023-21524 (Windows Local Security Authority (LSA) Elevation of Privilege Vulnerab ...) @@ -47704,7 +47704,7 @@ CVE-2023-21264 CVE-2023-21263 RESERVED CVE-2023-21262 (In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way ...) - TODO: check + NOT-FOR-US: Android CVE-2023-21261 (In ft_open_face_internal of ftobjs.c, there is a possible out of bound ...) TODO: check CVE-2023-21260 (In notification access permission dialog box, malicious application ca ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5cecbd4624baec6e6d15fcbc7361f87d1380a00 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5cecbd4624baec6e6d15fcbc7361f87d1380a00 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits