Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a92b819c by Salvatore Bonaccorso at 2024-01-03T09:28:31+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,9 +3,9 @@ CVE-2024-21632 (omniauth-microsoft_graph provides an Omniauth
strategy for the M
CVE-2024-21629 (Rust EVM is an Ethereum Virtual Machine interpreter. In
`rust-evm`, a ...)
TODO: check
CVE-2024-21628 (PrestaShop is an open-source e-commerce platform. Prior to
version 8.1 ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2024-21627 (PrestaShop is an open-source e-commerce platform. Prior to
versions 8. ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2024-21623 (OTCLient is an alternative tibia client for otserv. Prior to
commit db ...)
TODO: check
CVE-2024-0211 (DOCSIS dissector crash in Wireshark 4.2.0 allows denial of
service via ...)
@@ -23,43 +23,43 @@ CVE-2024-0196 (A vulnerability has been found in Magic-Api
up to 2.0.1 and class
CVE-2024-0195 (A vulnerability, which was classified as critical, was found in
spider ...)
TODO: check
CVE-2024-0194 (A vulnerability, which was classified as critical, has been
found in C ...)
- TODO: check
+ NOT-FOR-US: CodeAstro Internet Banking System
CVE-2023-7027 (The POST SMTP Mailer \u2013 Email log, Delivery Failure
Notifications ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6986 (The EmbedPress \u2013 Embed PDF, YouTube, Google Docs, Vimeo,
Wistia V ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6981 (The WP SMS \u2013 Messaging & SMS Notification for WordPress,
WooComme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6980 (The WP SMS \u2013 Messaging & SMS Notification for WordPress,
WooComme ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6629 (The POST SMTP Mailer \u2013 Email log, Delivery Failure
Notifications ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6600 (The OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6524 (The MapPress Maps for WordPress plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6339 (Google Nest WiFi Pro root code-execution & user-data compromise)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50922 (An issue was discovered on GL.iNet devices through 4.5.0.
Attackers wh ...)
- TODO: check
+ NOT-FOR-US: GL.iNet devices
CVE-2023-50351 (HCL DRYiCE MyXalytics is impacted by the use of an insecure
key rotati ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-50350 (HCL DRYiCE MyXalytics is impacted by the use of a broken
cryptographic ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-50348 (HCL DRYiCE MyXalytics is impacted by an improper error
handling vulner ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-50346 (HCL DRYiCE MyXalytics is impacted by an information disclosure
vulnera ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-50345 (HCL DRYiCE MyXalytics is impacted by an Open Redirect
vulnerability wh ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-50344 (HCL DRYiCE MyXalytics is impacted by improper access control
(Unauthen ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-50343 (HCL DRYiCE MyXalytics is impacted by an Improper Access
Control (Contr ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-50342 (HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object
Referen ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-50341 (HCL DRYiCE MyXalytics is impacted by Improper Access Control
(Obsolete ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-50020 (An issue was discovered in open5gs v2.6.6. SIGPIPE can be used
to cras ...)
TODO: check
CVE-2023-50019 (An issue was discovered in open5gs v2.6.6. InitialUEMessage,
Registrat ...)
@@ -89,9 +89,9 @@ CVE-2023-49549 (An issue in Cesanta mjs 2.20.0 allows a
remote attacker to cause
CVE-2023-48418 (In checkDebuggingDisallowed of DeviceVersionFragment.java,
there is a ...)
TODO: check
CVE-2023-47473 (Directory Traversal vulnerability in fuwushe.org iFair
versions 23.8_a ...)
- TODO: check
+ NOT-FOR-US: fuwushe.org iFair
CVE-2023-47458 (An issue in SpringBlade v.3.7.0 and before allows a remote
attacker to ...)
- TODO: check
+ NOT-FOR-US: SpringBlade
CVE-2023-46308 (In Plotly plotly.js before 2.25.2, plot API calls have a risk
of __pro ...)
TODO: check
CVE-2023-45893 (An indirect Object Reference (IDOR) in the Order and Invoice
pages in ...)
@@ -99,23 +99,23 @@ CVE-2023-45893 (An indirect Object Reference (IDOR) in the
Order and Invoice pag
CVE-2023-45892 (An issue discovered in the Order and Invoice pages in
Floorsight Insig ...)
TODO: check
CVE-2023-45724 (HCL DRYiCE MyXalytics product is impacted by unauthenticated
file uplo ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-45723 (HCL DRYiCE MyXalytics is impacted by path traversal
vulnerability whic ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-45722 (HCL DRYiCE MyXalytics is impacted by path traversal arbitrary
file rea ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-45561 (An issue in A-WORLD OIRASE BEER_waiting Line v.13.6.1 allows
attackers ...)
- TODO: check
+ NOT-FOR-US: A-WORLD OIRASE BEER_waiting Line
CVE-2023-42358 (An issue was discovered in O-RAN Software Community
ric-plt-e2mgr in t ...)
TODO: check
CVE-2023-41783 (There is a command injection vulnerability of ZTE's ZXCLOUD
iRAI. Due ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2023-41780 (There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD
iRAI. Due ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2023-41779 (There is an illegal memory access vulnerability of ZTE's
ZXCLOUD iRAI ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2023-41776 (There is a local privilege escalation vulnerability of ZTE's
ZXCLOUD i ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2024-0193 (A use-after-free flaw was found in the netfilter subsystem of
the Linu ...)
- linux <unfixed>
[bookworm] - linux 6.1.69-1
@@ -231742,11 +231742,11 @@ CVE-2020-26627
CVE-2020-26626
RESERVED
CVE-2020-26625 (A SQL injection vulnerability was discovered in Gila CMS
1.15.4 and ea ...)
- TODO: check
+ NOT-FOR-US: Gila CMS
CVE-2020-26624 (A SQL injection vulnerability was discovered in Gila CMS
1.15.4 and ea ...)
- TODO: check
+ NOT-FOR-US: Gila CMS
CVE-2020-26623 (SQL Injection vulnerability discovered in Gila CMS 1.15.4 and
earlier ...)
- TODO: check
+ NOT-FOR-US: Gila CMS
CVE-2020-26622
RESERVED
CVE-2020-26621
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a92b819cde2e3f47be498a5899a5f3ad402425f5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a92b819cde2e3f47be498a5899a5f3ad402425f5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
