Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c7323ee6 by Salvatore Bonaccorso at 2023-03-01T10:46:20+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57,19 +57,19 @@ CVE-2023-1107
CVE-2023-1106
RESERVED
CVE-2023-1105 (External Control of File Name or Path in GitHub repository
flatpressbl ...)
- TODO: check
+ NOT-FOR-US: flatpressblog
CVE-2023-1104 (Cross-site Scripting (XSS) - Stored in GitHub repository
flatpressblog ...)
- TODO: check
+ NOT-FOR-US: flatpressblog
CVE-2023-1103 (Cross-site Scripting (XSS) - Stored in GitHub repository
flatpressblog ...)
- TODO: check
+ NOT-FOR-US: flatpressblog
CVE-2023-1102
RESERVED
CVE-2023-1101
RESERVED
CVE-2023-1100 (A vulnerability classified as critical has been found in
SourceCodeste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Catering Reservation System
CVE-2023-1099 (A vulnerability was found in SourceCodester Online Student
Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Online Student Management System
CVE-2023-27371 (GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of
Service) ...)
- libmicrohttpd <unfixed>
NOTE:
https://git.gnunet.org/libmicrohttpd.git/commit/?id=e0754d1638c602382384f1eface30854b1defeec
(v0.9.76)
@@ -1726,7 +1726,7 @@ CVE-2023-26610
CVE-2023-26609 (ABUS TVIP 20000-21150 devices allows remote attackers to
execute arbit ...)
NOT-FOR-US: ABUS TVIP 20000-21150 devices
CVE-2023-26608 (SOLDR (System of Orchestration, Lifecycle control, Detection
and Respo ...)
- TODO: check
+ NOT-FOR-US: SOLDR (System of Orchestration, Lifecycle control,
Detection and Response)
CVE-2023-26607 (In the Linux kernel 6.0.8, there is an out-of-bounds read in
ntfs_attr ...)
- linux 4.19.37-1
NOTE: https://lkml.org/lkml/2023/2/21/1353
@@ -27164,7 +27164,7 @@ CVE-2023-20935
CVE-2023-20934 (In resolveAttributionSource of ServiceUtilities.cpp, there is
a possib ...)
NOT-FOR-US: Android
CVE-2023-20933 (In several functions of MediaCodec.cpp, there is a possible
way to cor ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-20932 (In onCreatePreferences of EditInfoFragment.java, there is a
possible w ...)
NOT-FOR-US: Android
CVE-2023-20931
@@ -27657,7 +27657,7 @@ CVE-2023-20859
CVE-2023-20858 (VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x
prior to 8 ...)
NOT-FOR-US: VMware
CVE-2023-20857 (VMware Workspace ONE Content contains a passcode bypass
vulnerability. ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20856 (VMware vRealize Operations (vROps) contains a CSRF bypass
vulnerabilit ...)
NOT-FOR-US: VMware
CVE-2023-20855 (VMware vRealize Orchestrator contains an XML External Entity
(XXE) vul ...)
@@ -46578,7 +46578,7 @@ CVE-2022-38222 (There is a use-after-free issue in
JBIG2Stream::close() located
CVE-2022-38221 (A buffer overflow in the FTcpListener thread in The Isle
Evrima (the d ...)
NOT-FOR-US: The Isle Evrima
CVE-2022-38220 (An XSS vulnerability exists within Quest KACE Systems
Management Appli ...)
- TODO: check
+ NOT-FOR-US: Quest KACE Systems Management Appliance (SMA)
CVE-2022-38219
RESERVED
CVE-2022-38218
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7323ee6ab19c350913a5bac116f98cd41d15f79
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7323ee6ab19c350913a5bac116f98cd41d15f79
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
