Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6327991e by Salvatore Bonaccorso at 2023-08-17T22:32:44+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4,17 +4,17 @@ CVE-2023-4394 (A use-after-free flaw was found in
btrfs_get_dev_args_from_path i
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/9ea0106a7a3d8116860712e3f17cd52ce99f6707 (6.0-rc3)
CVE-2023-4030 (A vulnerability was reported in BIOS for ThinkPad P14s Gen 2,
P15s Gen ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2023-4029 (A buffer overflow has been identified in the BoardUpdateAcpiDxe
driver ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2023-4028 (A buffer overflow has been identified in the
SystemUserMasterHddPwdDxe ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2023-40315 (In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 and
related ...)
- TODO: check
+ NOT-FOR-US: OpenMNS
CVE-2023-40313 (A BeanShell interpreter in remote server mode runs in OpenMNS
Horizon ...)
- TODO: check
+ NOT-FOR-US: OpenMNS
CVE-2023-40272 (Apache Airflow Spark Provider, versions before 4.1.3, is
affected by a ...)
- TODO: check
+ NOT-FOR-US: Apache Airflow Spark Provider
CVE-2023-40168 (TurboWarp is a desktop application that compiles scratch
projects to J ...)
TODO: check
CVE-2023-40165 (rubygems.org is the Ruby community's primary gem (library)
hosting ser ...)
@@ -24,7 +24,7 @@ CVE-2023-3698 (Printer service fails to adequately handle
user input, allowing a
CVE-2023-3697 (Printer service fails to adequately handle user input, allowing
an rem ...)
TODO: check
CVE-2023-3078 (An uncontrolled search path vulnerability was reported in the
Lenovo U ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2023-39974 (Exposure of Sensitive Information vulnerability in AcyMailing
Enterpri ...)
TODO: check
CVE-2023-39973 (Improper Access Control vulnerability in AcyMailing Enterprise
compone ...)
@@ -40,15 +40,15 @@ CVE-2023-39743 (lrzip-next LZMA v23.01 was discovered to
contain an access viola
CVE-2023-39741 (lrzip v0.651 was discovered to contain a heap overflow via the
libzpaq ...)
TODO: check
CVE-2023-38905 (SQL injection vulnerability in Jeecg-boot v.3.5.0 and before
allows a ...)
- TODO: check
+ NOT-FOR-US: JeecgBoot
CVE-2023-38902 (An issue in RG-EW series home routers and repeaters
v.EW_3.0(1)B11P204 ...)
TODO: check
CVE-2023-38843 (An issue in Atlos v.1.0 allows an authenticated attacker to
execute ar ...)
- TODO: check
+ NOT-FOR-US: Atlos
CVE-2023-38838 (SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a
remote ...)
- TODO: check
+ NOT-FOR-US: Kidus Minimati
CVE-2023-37914 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2023-36847 (A Missing Authentication for Critical Function vulnerability
in Junipe ...)
TODO: check
CVE-2023-36846 (A Missing Authentication for Critical Function vulnerability
in Junipe ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6327991e0ad5df775eb76598f5bd79491e28a0d9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6327991e0ad5df775eb76598f5bd79491e28a0d9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
