Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
92153217 by Salvatore Bonaccorso at 2023-07-26T15:07:13+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,13 +7,13 @@ CVE-2023-3945 (A vulnerability was found in phpscriptpoint 
Lawyer 1.6. It has be
 CVE-2023-3944 (A vulnerability was found in phpscriptpoint Lawyer 1.6 and 
classified  ...)
        NOT-FOR-US: phpscriptpoint
 CVE-2023-3897 (Username enumeration is possible through Bypassing CAPTCHA in 
On-premi ...)
-       TODO: check
+       NOT-FOR-US: On-premise SureMDM Solution
 CVE-2023-3890 (A vulnerability classified as problematic has been found in 
Campcodes  ...)
        NOT-FOR-US: Campcodes Beauty Salon Management System
 CVE-2023-3548 (An unauthorized user could gain account access to IQ Wifi 6 
versions p ...)
        TODO: check
 CVE-2023-3486 (An authentication bypass exists in PaperCut NG versions 22.0.12 
and pr ...)
-       TODO: check
+       NOT-FOR-US: PaperCut NG
 CVE-2023-39175 (In JetBrains TeamCity before 2023.05.2 reflected XSS via 
GitHub integr ...)
        NOT-FOR-US: JetBrains TeamCity
 CVE-2023-39174 (In JetBrains TeamCity before 2023.05.2 a ReDoS attack was 
possible via ...)
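
Review bot: The label on CVE-2023-3897, "On-premise SureMDM Solution", carries over the deployment qualifier and the word "Solution" from the description, while the neighbouring entries use a bare product or vendor name ("phpscriptpoint", "PaperCut NG", "JetBrains TeamCity"). "NOT-FOR-US: SureMDM" would be shorter and would still match a search for the product however a later description phrases it.
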
@@ -33,9 +33,9 @@ CVE-2023-39128 (GNU gdb (GDB) 13.0.50.20220805-git was 
discovered to contain a s
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=30639
        TODO: check details
 CVE-2023-38555 (Authentication bypass vulnerability in Fujitsu network devices 
Si-R se ...)
-       TODO: check
+       NOT-FOR-US: Fujitsu network devices
 CVE-2023-38503 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
-       TODO: check
+       NOT-FOR-US: Directus
 CVE-2023-38502 (TDengine is an open source, time-series database optimized for 
Interne ...)
        TODO: check
 CVE-2023-38501 (copyparty is file server software. Prior to version 1.8.7, the 
applica ...)
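
Review bot: "Fujitsu network devices" on CVE-2023-38555 is broader than what the description names (the Si-R series), and the other Fujitsu entry in this commit, CVE-2023-38433, is tagged just "Fujitsu". Using one form for both, for example the vendor name alone, would keep the NFU strings consistent for anyone grepping data/CVE/list.
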
@@ -49,9 +49,9 @@ CVE-2023-38496 (Apptainer is an open source container 
platform. Version 1.2.0-rc
 CVE-2023-38493 (Armeria is a microservice framework Spring supports Matrix 
variables.  ...)
        TODO: check
 CVE-2023-38435 (An improper neutralization of input during web page generation 
('Cross ...)
-       TODO: check
+       NOT-FOR-US: Apache Felix Healthcheck Webconsole Plugin
 CVE-2023-38433 (Fujitsu Real-time Video Transmission Gear "IP series" use 
hard-coded c ...)
-       TODO: check
+       NOT-FOR-US: Fujitsu
 CVE-2023-37920 (Certifi is a curated collection of Root Certificates for 
validating th ...)
        TODO: check
 CVE-2023-37919 (Cal.com is open-source scheduling software. A vulnerability 
allows act ...)
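
Review bot: On CVE-2023-38435 the label names a single component, "Apache Felix Healthcheck Webconsole Plugin", so the NOT-FOR-US decision is scoped to that plugin and not to Apache Felix as a whole. A NOTE line recording that only this plugin was checked would make the scope explicit for whoever next triages a Felix CVE.
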
@@ -59,9 +59,9 @@ CVE-2023-37919 (Cal.com is open-source scheduling software. A 
vulnerability allo
 CVE-2023-37907 (Cryptomator is data encryption software for users who store 
their file ...)
        TODO: check
 CVE-2023-37902 (Vyper is a Pythonic programming language that targets the 
Ethereum Vir ...)
-       TODO: check
+       NOT-FOR-US: Vyper
 CVE-2023-37677 (Pligg CMS v2.0.2 (also known as Kliqqi) was discovered to 
contain a re ...)
-       TODO: check
+       NOT-FOR-US: Pligg CMS
 CVE-2023-37460 (Plexis Archiver is a collection of Plexus components to create 
archive ...)
        TODO: check
 CVE-2023-37258 (DataEase is an open source data visualization analysis tool. 
Prior to  ...)
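
Review bot: The description of CVE-2023-37677 gives two names for the product, "Pligg CMS" and "Kliqqi", but the new label keeps only the first. "NOT-FOR-US: Pligg CMS (Kliqqi)" would let a later search under either name find this entry.
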
@@ -73,19 +73,19 @@ CVE-2023-36826 (Sentry is an error tracking and performance 
monitoring platform.
 CVE-2023-36806 (Contao is an open source content management system. Starting 
in versio ...)
        TODO: check
 CVE-2023-36503 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in Max F ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-36502 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-36501 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Michael  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-36385 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
wpxpo Po ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-35982 (There are buffer overflow vulnerabilities in multiple 
underlying servi ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2023-35981 (There are buffer overflow vulnerabilities in multiple 
underlying servi ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2023-35980 (There are buffer overflow vulnerabilities in multiple 
underlying servi ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2023-35944 (Envoy is an open source edge and service proxy designed for 
cloud-nati ...)
        TODO: check
 CVE-2023-35943 (Envoy is an open source edge and service proxy designed for 
cloud-nati ...)
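
Review bot: CVE-2023-36503, CVE-2023-36502, CVE-2023-36501 and CVE-2023-36385 all receive the generic "WordPress plugin", so the list no longer says which plugin each entry concerns, and the truncated descriptions cut the names off ("Max F", "Michael", "wpxpo Po"). If the generic label is the intended convention for WordPress plugins this is fine as is; otherwise add the plugin name after it. The three "Aruba" labels are consistent with each other.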



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92153217123d48c77df187fffd7b3e1428494c5a
