Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f56f6a5b by Salvatore Bonaccorso at 2023-12-04T21:30:40+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,43 +5,43 @@ CVE-2023-6481 (A serialization vulnerability in logback
receiver component part
CVE-2023-6460 (A potential logging of the firestore key via logging within
nodejs-fir ...)
TODO: check
CVE-2023-5768 (A vulnerability exists in the HCI IEC 60870-5-104 that affects
the RTU ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2023-5767 (A vulnerability exists in the webserver that affects the
RTU500 serie ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2023-48967 (Ssolon <= 2.6.0 and <=2.5.12 is vulnerable to Deserialization
of Untru ...)
- TODO: check
+ NOT-FOR-US: Ssolon
CVE-2023-48966 (An arbitrary file upload vulnerability in the component
/admin/api.upl ...)
- TODO: check
+ NOT-FOR-US: ThinkAdmin
CVE-2023-48965 (An issue in the component /admin/api.plugs/script of
ThinkAdmin v6.1.5 ...)
- TODO: check
+ NOT-FOR-US: ThinkAdmin
CVE-2023-48910 (Microcks up to 1.17.1 was discovered to contain a Server-Side
Request ...)
- TODO: check
+ NOT-FOR-US: Microcks
CVE-2023-48866 (A Cross-Site Scripting (XSS) vulnerability in the recipe
preparation c ...)
- grocy <itp> (bug #969056)
CVE-2023-48863 (SEMCMS 3.9 is vulnerable to SQL Injection. Due to the lack of
security ...)
- TODO: check
+ NOT-FOR-US: SEMCMS
CVE-2023-48815 (kkFileView v4.3.0 is vulnerable to Incorrect Access Control.)
- TODO: check
+ NOT-FOR-US: kkFileView
CVE-2023-48800 (In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd
file su ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-48799 (TOTOLINK-X6000R Firmware-V9.4.0cu.852_B20230719 is vulnerable
to Comma ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-44306 (Dell DM5500 contains a path traversal vulnerability in PPOE
Component. ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-44305 (Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow
Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-44304 (Dell DM5500 contains a privilege escalation vulnerability in
PPOE Comp ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-44302 (Dell DM5500 5.14.0.0 and prior contain an improper
authentication vuln ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-44301 (Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site
Scriptin ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-44300 (Dell DM5500 5.14.0.0, contain a Plain-text Password Storage
Vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-44291 (Dell DM5500 5.14.0.0 contains an OS command injection
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-41613 (EzViz Studio v2.2.0 is vulnerable to DLL hijacking.)
- TODO: check
+ NOT-FOR-US: EzViz Studio
CVE-2023-32804 (Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU
Userspace Dri ...)
TODO: check
CVE-2023-5332 (Patch in third party library Consul requires
'enable-script-checks' to ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f56f6a5bd6e9e6bedc992c4bd7dd159f756d2727
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f56f6a5bd6e9e6bedc992c4bd7dd159f756d2727
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
