Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c03a94fc by Salvatore Bonaccorso at 2024-01-04T21:33:02+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2024-21625 (SideQuest is a place to get virtual reality applications for
Oculus Qu ...)
- TODO: check
+ NOT-FOR-US: SideQuest
CVE-2023-7044 (The Essential Addons for Elementor \u2013 Best Elementor
Templates, Wi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6992 (Cloudflare version of zlib library was found to be vulnerable
to memor ...)
TODO: check
CVE-2023-6551 (As a simple library, class.upload.php does not perform an
in-depth che ...)
- TODO: check
+ NOT-FOR-US: class.upload.php library
CVE-2023-6270 (A flaw was found in the ATA over Ethernet (AoE) driver in the
Linux ke ...)
- linux <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-CAN-22236
@@ -14,45 +14,45 @@ CVE-2023-5619
CVE-2023-5442
REJECTED
CVE-2023-51812 (Tenda AX3 v16.03.12.11 was discovered to contain a remote code
executi ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-51154 (Jizhicms v2.5 was discovered to contain an arbitrary file
download vul ...)
- TODO: check
+ NOT-FOR-US: Jizhicms
CVE-2023-50867 (Travel Website v1.0 is vulnerable to multiple Unauthenticated
SQL Inje ...)
- TODO: check
+ NOT-FOR-US: Travel Website
CVE-2023-50866 (Travel Website v1.0 is vulnerable to multiple Unauthenticated
SQL Inje ...)
- TODO: check
+ NOT-FOR-US: Travel Website
CVE-2023-50865 (Travel Website v1.0 is vulnerable to multiple Unauthenticated
SQL Inje ...)
- TODO: check
+ NOT-FOR-US: Travel Website
CVE-2023-50864 (Travel Website v1.0 is vulnerable to multiple Unauthenticated
SQL Inje ...)
- TODO: check
+ NOT-FOR-US: Travel Website
CVE-2023-50863 (Travel Website v1.0 is vulnerable to multiple Unauthenticated
SQL Inje ...)
- TODO: check
+ NOT-FOR-US: Travel Website
CVE-2023-50862 (Travel Website v1.0 is vulnerable to multiple Unauthenticated
SQL Inje ...)
- TODO: check
+ NOT-FOR-US: Travel Website
CVE-2023-50760 (Online Notice Board System v1.0 is vulnerable to an Insecure
File Uplo ...)
- TODO: check
+ NOT-FOR-US: Online Notice Board System
CVE-2023-50753 (Online Notice Board System v1.0 is vulnerable to multiple
Unauthentica ...)
- TODO: check
+ NOT-FOR-US: Online Notice Board System
CVE-2023-50752 (Online Notice Board System v1.0 is vulnerable to multiple
Unauthentica ...)
- TODO: check
+ NOT-FOR-US: Online Notice Board System
CVE-2023-50743 (Online Notice Board System v1.0 is vulnerable to multiple
Unauthentica ...)
- TODO: check
+ NOT-FOR-US: Online Notice Board System
CVE-2023-49666 (Billing Software v1.0 is vulnerable to multiple
Unauthenticated SQL In ...)
- TODO: check
+ NOT-FOR-US: Billing Software
CVE-2023-49665 (Billing Software v1.0 is vulnerable to multiple
Unauthenticated SQL In ...)
- TODO: check
+ NOT-FOR-US: Billing Software
CVE-2023-49658 (Billing Software v1.0 is vulnerable to multiple
Unauthenticated SQL In ...)
- TODO: check
+ NOT-FOR-US: Billing Software
CVE-2023-49639 (Billing Software v1.0 is vulnerable to multiple
Unauthenticated SQL In ...)
- TODO: check
+ NOT-FOR-US: Billing Software
CVE-2023-49633 (Billing Software v1.0 is vulnerable to multiple
Unauthenticated SQL In ...)
- TODO: check
+ NOT-FOR-US: Billing Software
CVE-2023-49625 (Billing Software v1.0 is vulnerable to multiple
Unauthenticated SQL In ...)
- TODO: check
+ NOT-FOR-US: Billing Software
CVE-2023-49624 (Billing Software v1.0 is vulnerable to multiple
Unauthenticated SQL In ...)
- TODO: check
+ NOT-FOR-US: Billing Software
CVE-2023-49622 (Billing Software v1.0 is vulnerable to multiple
Unauthenticated SQL In ...)
- TODO: check
+ NOT-FOR-US: Billing Software
CVE-2023-3726 (OCSInventory allow stored email template with special
characters that ...)
TODO: check
CVE-2024-21634 (Amazon Ion is a Java implementation of the Ion data notation.
Prior to ...)
@@ -146207,7 +146207,7 @@ CVE-2021-45467 (In CWP (aka Control Web Panel or
CentOS Web Panel) before 0.9.8.
CVE-2021-45466 (In CWP (aka Control Web Panel or CentOS Web Panel) before
0.9.8.1107, ...)
NOT-FOR-US: CentOS Web Panel
CVE-2021-45465 (A vulnerability has been identified in syngo fastView (All
versions). ...)
- TODO: check
+ NOT-FOR-US: syngo fastView
CVE-2021-4160 (There is a carry propagation bug in the MIPS32 and MIPS64
squaring pro ...)
{DSA-5103-1}
- openssl 1.1.1m-1
@@ -160598,7 +160598,7 @@ CVE-2021-42030
CVE-2021-42029 (A vulnerability has been identified in SIMATIC STEP 7 (TIA
Portal) V15 ...)
NOT-FOR-US: Siemens
CVE-2021-42028 (A vulnerability has been identified in syngo fastView (All
versions). ...)
- TODO: check
+ NOT-FOR-US: syngo fastView
CVE-2021-42027 (A vulnerability has been identified in SINUMERIK Edge (All
versions < ...)
NOT-FOR-US: Siemens
CVE-2021-42026 (A vulnerability has been identified in Mendix Applications
using Mendi ...)
@@ -164949,7 +164949,7 @@ CVE-2021-40369 (A carefully crafted plugin link
invocation could trigger an XSS
CVE-2021-40368 (A vulnerability has been identified in SIMATIC S7-400 CPU
412-1 DP V7 ...)
NOT-FOR-US: Siemens
CVE-2021-40367 (A vulnerability has been identified in syngo fastView (All
versions). ...)
- TODO: check
+ NOT-FOR-US: syngo fastView
CVE-2021-40366 (A vulnerability has been identified in Climatix POL909 (AWB
module) (A ...)
NOT-FOR-US: Siemens
CVE-2021-40365 (Affected devices don't process correctly certain special
crafted packe ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c03a94fcb0576d377cacfce5c0790e8e2843890e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c03a94fcb0576d377cacfce5c0790e8e2843890e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
