Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6fadbaff by Moritz Muehlenhoff at 2023-02-20T15:51:53+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,9 +15,9 @@ CVE-2023-26095
CVE-2023-26094
RESERVED
CVE-2023-26093 (Liima before 1.17.28 allows Hibernate query language (HQL)
injection, ...)
- TODO: check
+ NOT-FOR-US: Liima
CVE-2023-26092 (Liima before 1.17.28 allows server-side template injection.
...)
- TODO: check
+ NOT-FOR-US: Liima
CVE-2023-26091
RESERVED
CVE-2023-26090
@@ -105,7 +105,7 @@ CVE-2015-10084
CVE-2015-10083
RESERVED
CVE-2023-0919 (Missing Authentication for Critical Function in GitHub
repository kare ...)
- TODO: check
+ NOT-FOR-US: Kavita
CVE-2023-0918 (A vulnerability has been found in codeprojects Pharmacy
Management Sys ...)
NOT-FOR-US: codeprojects Pharmacy Management System
CVE-2023-0917 (A vulnerability, which was classified as critical, was found in
Source ...)
@@ -141,9 +141,9 @@ CVE-2015-10080
CVE-2014-125088
RESERVED
CVE-2013-10019 (A vulnerability was found in OCLC-Research OAICat 1.5.61. It
has been ...)
- TODO: check
+ NOT-FOR-US: OAICat
CVE-2012-10008 (A vulnerability, which was classified as critical, has been
found in u ...)
- TODO: check
+ NOT-FOR-US: uakfdotb oneapp
CVE-2023-0911
RESERVED
CVE-2023-0910 (A vulnerability has been found in SourceCodester Online Pizza
Ordering ...)
@@ -165,11 +165,11 @@ CVE-2023-0903 (A vulnerability was found in
SourceCodester Employee Task Managem
CVE-2023-0902 (A vulnerability was found in SourceCodester Simple Food
Ordering Syste ...)
NOT-FOR-US: SourceCodester Simple Food Ordering System
CVE-2016-15024 (A vulnerability was found in doomsider shadow. It has been
classified ...)
- TODO: check
+ NOT-FOR-US: doomsider shadow
CVE-2014-125087 (A vulnerability was found in java-xmlbuilder up to 1.1. It
has been ra ...)
- TODO: check
+ NOT-FOR-US: java-xmlbuilder
CVE-2012-10007 (A vulnerability was found in madgicweb BuddyStream Plugin up
to 3.2.7. ...)
- TODO: check
+ NOT-FOR-US: madgicweb BuddyStream Plugin
CVE-2023-26056
RESERVED
CVE-2023-26055
@@ -11137,7 +11137,7 @@ CVE-2022-48117
CVE-2022-48116 (AyaCMS v3.1.2 was discovered to contain a remote code
execution (RCE) ...)
NOT-FOR-US: AyaCMS
CVE-2022-48115 (The dropdown menu in jspreadsheet before v4.6.0 was discovered
to be v ...)
- TODO: check
+ NOT-FOR-US: jspreadsheet
CVE-2022-48114 (RuoYi up to v4.7.5 was discovered to contain a SQL injection
vulnerabi ...)
NOT-FOR-US: RuoYi
CVE-2022-48113 (A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139
allows una ...)
@@ -41480,7 +41480,7 @@ CVE-2022-38780
CVE-2022-38779
RESERVED
CVE-2022-38778 (A flaw (CVE-2022-38900) was discovered in one of
Kibana’s third ...)
- TODO: check
+ - kibana <itp> (bug #700337)
CVE-2022-38777 (An issue was discovered in the rollback feature of Elastic
Endpoint Se ...)
NOT-FOR-US: Elastic Endpoint Security
CVE-2022-38776
@@ -77844,7 +77844,7 @@ CVE-2022-25982
CVE-2022-25981
RESERVED
CVE-2022-25979 (Versions of the package jsuites before 5.0.1 are vulnerable to
Cross-s ...)
- TODO: check
+ NOT-FOR-US: Node jsuites
CVE-2022-25978 (All versions of the package github.com/usememos/memos/server
are vulne ...)
NOT-FOR-US: github.com/usememos/memos/server
CVE-2022-25977
@@ -77868,7 +77868,7 @@ CVE-2022-25964
CVE-2022-25963
RESERVED
CVE-2022-25962 (All versions of the package vagrant.js are vulnerable to
Command Injec ...)
- TODO: check
+ NOT-FOR-US: vagrant.js
CVE-2022-25961
RESERVED
CVE-2022-25956
@@ -77894,15 +77894,15 @@ CVE-2022-25944
CVE-2022-25941
RESERVED
CVE-2022-25940 (All versions of package lite-server are vulnerable to Denial
of Servic ...)
- TODO: check
+ NOT-FOR-US: Node lite-server
CVE-2022-25939
RESERVED
CVE-2022-25938
RESERVED
CVE-2022-25937 (Versions of the package glance before 3.0.9 are vulnerable to
Director ...)
- TODO: check
+ NOT-FOR-US: Node glance
CVE-2022-25936 (Versions of the package servst before 2.0.3 are vulnerable to
Director ...)
- TODO: check
+ NOT-FOR-US: Node servst
CVE-2022-25935
RESERVED
CVE-2022-25934
@@ -77910,23 +77910,23 @@ CVE-2022-25934
CVE-2022-25933
RESERVED
CVE-2022-25931 (All versions of package easy-static-server are vulnerable to
Directory ...)
- TODO: check
+ NOT-FOR-US: Node easy-static-server
CVE-2022-25930
RESERVED
CVE-2022-25929 (The package smoothie from 1.31.0 and before 1.36.1 are
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: Node smoothie
CVE-2022-25928
RESERVED
CVE-2022-25927 (Versions of the package ua-parser-js from 0.7.30 and before
0.7.33, fr ...)
TODO: check
CVE-2022-25926 (Versions of the package window-control before 1.4.5 are
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: Node window-control
CVE-2022-25925
RESERVED
CVE-2022-25924
RESERVED
CVE-2022-25923 (Versions of the package exec-local-bin before 1.2.0 are
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: Node exec-local-bin
CVE-2022-25921 (All versions of package morgan-json are vulnerable to
Arbitrary Code E ...)
NOT-FOR-US: Node morgan-json
CVE-2022-25919
@@ -77934,7 +77934,7 @@ CVE-2022-25919
CVE-2022-25918 (The package shescape from 1.5.10 and before 1.6.1 are
vulnerable to Re ...)
NOT-FOR-US: shescape
CVE-2022-25916 (Versions of the package mt7688-wiscan before 0.8.3 are
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: Node mt7688-wiscan
CVE-2022-25914 (The package com.google.cloud.tools:jib-core before 0.22.0 are
vulnerab ...)
NOT-FOR-US: com.google.cloud.tools:jib-core
CVE-2022-25913
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fadbaff613ba1368d46c0540014e489d9f356ae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fadbaff613ba1368d46c0540014e489d9f356ae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
