Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6fa5b6b4 by Salvatore Bonaccorso at 2023-03-06T21:21:16+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2023-1205
CVE-2023-1204
RESERVED
CVE-2023-1203 (Improper removal of sensitive data in the entry edit feature of
Hub Bu ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2023-1202
RESERVED
CVE-2023-1201
@@ -39,7 +39,7 @@ CVE-2023-1191 (A vulnerability classified as problematic has
been found in fastc
CVE-2023-1190 (A vulnerability was found in xiaozhuai imageinfo up to 3.0.3.
It has b ...)
TODO: check
CVE-2023-1189 (A vulnerability was found in WiseCleaner Wise Folder Hider
4.4.3.202. ...)
- TODO: check
+ NOT-FOR-US: WiseCleaner Wise Folder Hider
CVE-2023-1188 (A vulnerability was found in FabulaTech Webcam for Remote
Desktop 2.8. ...)
TODO: check
CVE-2023-1187 (A vulnerability was found in FabulaTech Webcam for Remote
Desktop 2.8. ...)
@@ -47,7 +47,7 @@ CVE-2023-1187 (A vulnerability was found in FabulaTech Webcam
for Remote Desktop
CVE-2023-1186 (A vulnerability has been found in FabulaTech Webcam for Remote
Desktop ...)
TODO: check
CVE-2023-1185 (A vulnerability, which was classified as problematic, was found
in ECs ...)
- TODO: check
+ NOT-FOR-US: ECshop
CVE-2020-36666
RESERVED
CVE-2023-XXXX [Transaction cache overrides the current user]
@@ -581,7 +581,7 @@ CVE-2023-1175 (Incorrect Calculation of Buffer Size in
GitHub repository vim/vim
NOTE: https://huntr.dev/bounties/7e93fc17-92eb-4ae7-b01a-93bb460b643e
NOTE:
https://github.com/vim/vim/commit/c99cbf8f289bdda5d4a77d7ec415850a520330ba
(v9.0.1378)
CVE-2022-4930 (A vulnerability classified as problematic was found in nuxsmin
sysPass ...)
- TODO: check
+ NOT-FOR-US: nuxsmin sysPass
CVE-2017-20181
RESERVED
CVE-2017-20180 (A vulnerability classified as critical has been found in
Zerocoin libz ...)
@@ -589,7 +589,7 @@ CVE-2017-20180 (A vulnerability classified as critical has
been found in Zerocoi
CVE-2015-10095
RESERVED
CVE-2015-10094 (A vulnerability was found in Fastly Plugin up to 0.97. It has
been rat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2015-10093 (A vulnerability was found in Mark User as Spammer Plugin
1.0.0/1.0.1. ...)
NOT-FOR-US: Mark User as Spammer Plugin
CVE-2015-10092 (A vulnerability was found in Qtranslate Slug Plugin up to
1.1.16. It h ...)
@@ -5269,7 +5269,7 @@ CVE-2023-0841 (A vulnerability, which was classified as
critical, has been found
CVE-2023-0840 (A vulnerability classified as problematic was found in PHPCrazy
1.1.1. ...)
NOT-FOR-US: PHPCrazy
CVE-2023-0839 (Improper Protection for Outbound Error Messages and Alert
Signals vuln ...)
- TODO: check
+ NOT-FOR-US: ProMIS Process Co. InSCADA
CVE-2023-0838
RESERVED
CVE-2023-0837
@@ -15267,7 +15267,7 @@ CVE-2017-20154 (A vulnerability was found in
ghostlander Phoenixcoin. It has bee
CVE-2022-4863 (Improper Handling of Insufficient Permissions or Privileges in
GitHub ...)
NOT-FOR-US: usememos
CVE-2022-4862 (Rendering of HTML provided by another authenticated user is
possible i ...)
- TODO: check
+ NOT-FOR-US: M-Files Web
CVE-2022-4861 (Incorrect implementation in authentication protocol in M-Files
Client ...)
NOT-FOR-US: M-Files
CVE-2022-4860 (A vulnerability was found in KBase Metrics. It has been
classified as ...)
@@ -39606,7 +39606,7 @@ CVE-2022-3286 (Lack of IP address checking in GitLab EE
affecting all versions f
CVE-2022-3285 (Bypass of healthcheck endpoint allow list affecting all
versions from ...)
- gitlab <unfixed>
CVE-2022-3284 (Download key for a file in a vault was passed in an insecure
way that ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2022-3283 (A potential DOS vulnerability was discovered in GitLab CE/EE
affecting ...)
- gitlab <unfixed>
CVE-2022-3282 (The Drag and Drop Multiple File Upload WordPress plugin before
1.3.6.5 ...)
@@ -58778,7 +58778,7 @@ CVE-2022-2180 (The GREYD.SUITE WordPress theme does not
properly validate upload
CVE-2022-2179 (The X-Frame-Options header in Rockwell Automation MicroLogix
1100/1400 ...)
NOT-FOR-US: Rockwell
CVE-2022-2178 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: Saysis Computer Starcities
CVE-2022-2177 (Kayrasoft product before version 2 has an unauthenticated SQL
Injectio ...)
NOT-FOR-US: Kayrasoft
CVE-2022-2176 (This CVE ID has been rejected or withdrawn by its CVE Numbering
Author ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fa5b6b4d35113c420ea8191c83e1d35f6f64d26
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6fa5b6b4d35113c420ea8191c83e1d35f6f64d26
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
