Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: ad2aa325 by Moritz Muehlenhoff at 2023-08-28T10:31:00+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,35 +1,35 @@ CVE-2023-4561 (Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s ...) - TODO: check + NOT-FOR-US: Omeka S CVE-2023-4560 (Improper Authorization of Index Containing Sensitive Information in Gi ...) - TODO: check + NOT-FOR-US: Omeka S CVE-2023-4559 (A vulnerability, which was classified as critical, has been found in B ...) - TODO: check + NOT-FOR-US: Bettershop LaikeTui CVE-2023-4558 (A vulnerability classified as critical was found in SourceCodester Inv ...) - TODO: check + NOT-FOR-US: SourceCodester CVE-2023-4557 (A vulnerability classified as critical has been found in SourceCodeste ...) - TODO: check + NOT-FOR-US: SourceCodester CVE-2023-40195 (Deserialization of Untrusted Data, Inclusion of Functionality from Unt ...) - TODO: check + NOT-FOR-US: Apache Airflow Spark Provider CVE-2023-38730 (IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-38030 (Saho\u2019s attendance devices ADM100 and ADM-100FP have a vulnerabili ...) - TODO: check + NOT-FOR-US: Saho CVE-2023-38029 (Saho\u2019s attendance devices ADM100 and ADM-100FP has insufficient f ...) - TODO: check + NOT-FOR-US: Saho CVE-2023-38028 (Saho\u2019s attendance devices ADM100 and ADM-100FP have insufficient ...) - TODO: check + NOT-FOR-US: Saho CVE-2023-38027 (SpotCam Co., Ltd. SpotCam Sense\u2019s hidden Telnet function has a vu ...) - TODO: check + NOT-FOR-US: SpotCam CVE-2023-38026 (SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-code ...) - TODO: check + NOT-FOR-US: SpotCam CVE-2023-38025 (SpotCam Co., Ltd. SpotCam FHD 2\u2019s hidden Telnet function has a vu ...) - TODO: check + NOT-FOR-US: SpotCam CVE-2023-38024 (SpotCam Co., Ltd. SpotCam FHD 2\u2019s hidden Telnet function has a vu ...) - TODO: check + NOT-FOR-US: SpotCam CVE-2023-33852 (IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote at ...) - TODO: check + NOT-FOR-US: IBM CVE-2016-15035 (A vulnerability was found in Doc2k RE-Chat 1.0. It has been classified ...) - TODO: check + NOT-FOR-US: Doc2k RE-Chat CVE-2023-4556 (A vulnerability was found in SourceCodester Online Graduate Tracer Sys ...) NOT-FOR-US: SourceCodester Online Graduate Tracer System CVE-2023-4555 (A vulnerability has been found in SourceCodester Inventory Management ...) @@ -69,11 +69,11 @@ CVE-2023-40587 (Pyramid is an open source Python web framework. A path traversal CVE-2023-40586 (OWASP Coraza WAF is a golang modsecurity compatible web application fi ...) NOT-FOR-US: OWASP Coraza WAF CVE-2023-40585 (ironic-image is a container image to run OpenStack Ironic as part of M ...) - TODO: check + NOT-FOR-US: ironic-image container image CVE-2023-40583 (libp2p is a networking stack and library modularized out of The IPFS P ...) NOT-FOR-US: go-libp2p CVE-2023-40571 (weblogic-framework is a tool for detecting weblogic vulnerabilities. V ...) - TODO: check + NOT-FOR-US: weblogic-framework CVE-2023-40166 (Notepad++ is a free and open-source source code editor. Versions 8.5.6 ...) NOT-FOR-US: Notepad++ CVE-2023-40164 (Notepad++ is a free and open-source source code editor. Versions 8.5.6 ...) @@ -119,7 +119,7 @@ CVE-2023-41249 (In JetBrains TeamCity before 2023.05.3 reflected XSS was possibl CVE-2023-41248 (In JetBrains TeamCity before 2023.05.3 stored XSS was possible during ...) NOT-FOR-US: JetBrains TeamCity CVE-2023-41173 (AdGuard DNS before 2.2 allows remote attackers to cause a denial of se ...) - TODO: check + NOT-FOR-US: AdGuard CVE-2023-41167 (@webiny/react-rich-text-renderer before 5.37.2 allows XSS attacks by c ...) NOT-FOR-US: Webiny CVE-2023-40915 (Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detec ...) @@ -484,7 +484,7 @@ CVE-2023-41105 (An issue was discovered in Python 3.11 through 3.11.4. If a path NOTE: Backport for 3.12: https://github.com/python/cpython/pull/107981 NOTE: Backport for 3.11: https://github.com/python/cpython/pull/107982 CVE-2023-41104 (libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x befor ...) - TODO: check + NOT-FOR-US: libvmod-digest CVE-2023-41100 (An issue was discovered in the hcaptcha (aka hCaptcha for EXT:form) ex ...) NOT-FOR-US: TYPO3 extension CVE-2023-41098 (An issue was discovered in MISP 2.4.174. In app/Controller/DashboardsC ...) @@ -16288,11 +16288,11 @@ CVE-2023-30439 CVE-2023-30438 (An internally discovered vulnerability in PowerVM on IBM Power9 and Po ...) NOT-FOR-US: IBM CVE-2023-30437 (IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-30436 (IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-30435 (IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cro ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-30434 (IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 ...) NOT-FOR-US: IBM CVE-2023-30433 (IBM Security Verify Access 10.0 could allow a remote attacker to condu ...) @@ -28660,11 +28660,11 @@ CVE-2023-26274 (IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. Thi CVE-2023-26273 (IBM QRadar SIEM 7.5.0 could allow an authenticated user to perform una ...) NOT-FOR-US: IBM CVE-2023-26272 (IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-26271 (IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-26270 (IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-26269 (Apache James server version 3.7.3 and earlier provides a JMX managemen ...) NOT-FOR-US: Apache James CVE-2023-26268 (Design documents with matching document IDs, from databases on the sam ...) @@ -32828,7 +32828,7 @@ CVE-2023-24961 CVE-2023-24960 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...) NOT-FOR-US: IBM CVE-2023-24959 (IBM InfoSphere Information Systems 11.7 could expose information about ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-24958 (A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52 ...) NOT-FOR-US: IBM CVE-2023-24957 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0. ...) @@ -37374,7 +37374,7 @@ CVE-2023-23475 (IBM Infosphere Information Server 11.7 is vulnerable to cross-si CVE-2023-23474 RESERVED CVE-2023-23473 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site req ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-23472 RESERVED CVE-2023-23471 @@ -39302,7 +39302,7 @@ CVE-2023-22879 CVE-2023-22878 (IBM InfoSphere Information Server 11.7 stores user credentials in plai ...) NOT-FOR-US: IBM CVE-2023-22877 (IBM InfoSphere Information Server 11.7 is potentially vulnerable to CS ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-22876 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 a ...) NOT-FOR-US: IBM CVE-2023-22875 (IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/T ...) @@ -58303,17 +58303,17 @@ CVE-2022-43911 CVE-2022-43910 (IBM Security Guardium 11.3 could allow a local user to escalate their ...) NOT-FOR-US: IBM CVE-2022-43909 (IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-43908 (IBM Security Guardium 11.3 could allow an authenticated user to cause ...) NOT-FOR-US: IBM CVE-2022-43907 (IBM Security Guardium 11.4 could allow a remote authenticated attacker ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-43906 RESERVED CVE-2022-43905 RESERVED CVE-2022-43904 (IBM Security Guardium 11.3 and 11.4 could disclose sensitive informati ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-43903 RESERVED CVE-2022-43902 (IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS is vulnerable to a denial ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad2aa3250959efd4cb1e63e15a81d7172ee48c09 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad2aa3250959efd4cb1e63e15a81d7172ee48c09 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits