Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6364c44f by Salvatore Bonaccorso at 2023-03-07T14:44:47+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -741,7 +741,7 @@ CVE-2022-4930 (A vulnerability classified as problematic
was found in nuxsmin sy
CVE-2017-20181 (A vulnerability classified as critical was found in hgzojer
Vocable Tr ...)
NOT-FOR-US: hgzojer Vocable Trainer
CVE-2017-20180 (A vulnerability classified as critical has been found in
Zerocoin libz ...)
- TODO: check
+ NOT-FOR-US: Zerocoin libzerocoin
CVE-2015-10095 (A vulnerability classified as problematic has been found in
woo-popup ...)
NOT-FOR-US: WordPress plugin
CVE-2015-10094 (A vulnerability was found in Fastly Plugin up to 0.97. It has
been rat ...)
@@ -1141,7 +1141,7 @@ CVE-2023-27474 (Directus is a real-time API and App
dashboard for managing SQL d
CVE-2023-27473
RESERVED
CVE-2023-27472 (quickentity-editor-next is an open source, system local, video
game as ...)
- TODO: check
+ NOT-FOR-US: quickentity-editor-next
CVE-2023-27471
RESERVED
CVE-2023-27470
@@ -2415,7 +2415,7 @@ CVE-2023-26951
CVE-2023-26950
RESERVED
CVE-2023-26949 (An arbitrary file upload vulnerability in the component
/admin1/config ...)
- TODO: check
+ NOT-FOR-US: onekeyadmin
CVE-2023-26948
RESERVED
CVE-2023-26947
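Review bot: for CVE-2023-26949, the description as shown here ("An arbitrary file upload vulnerability in the component /admin1/config ...") is cut off before any product name, so the onekeyadmin attribution cannot be checked from this file alone. Worth confirming it against the full CVE description or its references before the entry is settled as NOT-FOR-US.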
@@ -3122,9 +3122,9 @@ CVE-2022-48363 (In MPD before 0.23.8, as used on
Automotive Grade Linux and othe
CVE-2023-26602 (ASUS ASMB8 iKVM firmware through 1.14.51 allows remote
attackers to ex ...)
NOT-FOR-US: ASUS ASMB8 iKVM firmware
CVE-2023-26601 (Zoho ManageEngine ServiceDesk Plus through 14104, Asset
Explorer throu ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2023-26600 (ManageEngine ServiceDesk Plus through 14104, ServiceDesk Plus
MSP thro ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2023-26599
RESERVED
CVE-2023-26598
@@ -7372,7 +7372,7 @@ CVE-2023-25171 (Kiwi TCMS, an open source test management
system, does not impos
CVE-2023-25170
RESERVED
CVE-2023-25169 (discourse-yearly-review is a discourse plugin which publishes
an autom ...)
- TODO: check
+ NOT-FOR-US: Discourse plugin
CVE-2023-25168 (Wings is Pterodactyl's server control plane. This
vulnerability can be ...)
NOT-FOR-US: Wings
CVE-2023-25167 (Discourse is an open source discussion platform. In affected
versions ...)
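Review bot: the note added for CVE-2023-25169 reads only "Discourse plugin", while the description names the plugin as discourse-yearly-review. Putting the plugin name in the NOT-FOR-US line would make the entry findable by grep if its status ever needs revisiting.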
@@ -8419,7 +8419,7 @@ CVE-2023-24778
CVE-2023-24777
RESERVED
CVE-2023-24776 (Funadmin v3.2.0 was discovered to contain a remote code
execution (RCE ...)
- TODO: check
+ NOT-FOR-US: Funadmin
CVE-2023-24775
RESERVED
CVE-2023-24774
@@ -8445,7 +8445,7 @@ CVE-2023-24765
CVE-2023-24764
RESERVED
CVE-2023-24763 (In the module "Xen Forum" (xenforum) for PrestaShop, an
authenticated ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2023-24762
RESERVED
CVE-2023-24761
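Review bot: for CVE-2023-24763 the NOT-FOR-US note omits the module name, which the description gives as "Xen Forum" (xenforum). Suggest something like "NOT-FOR-US: PrestaShop module xenforum" so the entry says which third-party module was triaged.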
@@ -8518,15 +8518,15 @@ CVE-2023-24739
CVE-2023-24738
RESERVED
CVE-2023-24737 (PMB v7.4.6 was discovered to contain a reflected cross-site
scripting ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2023-24736 (PMB v7.4.6 was discovered to contain a remote code execution
(RCE) vul ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2023-24735 (PMB v7.4.6 was discovered to contain an open redirect
vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2023-24734 (An arbitrary file upload vulnerability in the
camera_upload.php compon ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2023-24733 (PMB v7.4.6 was discovered to contain a reflected cross-site
scripting ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2023-24732
RESERVED
CVE-2023-24731
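Review bot: CVE-2023-24734 is the one entry in this block whose visible description does not name PMB; it mentions only camera_upload.php before being truncated, while the four neighbours all start with "PMB v7.4.6". The consecutive IDs make the grouping plausible, but the PMB attribution for that entry should be confirmed against the full CVE text rather than inferred from its position.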
@@ -9994,7 +9994,7 @@ CVE-2023-24219 (LuckyframeWEB v3.5 was discovered to
contain a SQL injection vul
CVE-2023-24218
RESERVED
CVE-2023-24217 (AgileBio Electronic Lab Notebook v4.234 was discovered to
contain a lo ...)
- TODO: check
+ NOT-FOR-US: AgileBio Electronic Lab Notebook
CVE-2023-24216
RESERVED
CVE-2023-24215
@@ -14701,7 +14701,7 @@ CVE-2023-22666
CVE-2023-0094
RESERVED
CVE-2023-0093 (Okta Advanced Server Access Client versions 1.13.1 through
1.65.0 are ...)
- TODO: check
+ NOT-FOR-US: Okta Advanced Server Access Client
CVE-2023-0092
RESERVED
CVE-2023-0090
@@ -15533,7 +15533,7 @@ CVE-2023-22483 (cmark-gfm is GitHub's fork of cmark, a
CommonMark parsing and re
CVE-2023-22482 (Argo CD is a declarative, GitOps continuous delivery tool for
Kubernet ...)
NOT-FOR-US: Argo CD
CVE-2023-22481 (FreshRSS is a self-hosted RSS feed aggregator. When using the
greader ...)
- TODO: check
+ NOT-FOR-US: FreshRSS
CVE-2023-22480 (KubeOperator is an open source Kubernetes distribution focused
on help ...)
NOT-FOR-US: KubeOperator
CVE-2023-22479 (KubePi is a modern Kubernetes panel. A session fixation attack
allows ...)
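Review bot: on CVE-2023-22481, FreshRSS is described as a self-hosted RSS feed aggregator, so it is worth checking for an open ITP or RFP before marking it NOT-FOR-US. If one exists, the entry should use the "- freshrss <itp> (bug #...)" form instead, so the CVE stays attached to the package once it enters the archive.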
@@ -37365,7 +37365,7 @@ CVE-2022-42250 (Simple Cold Storage Management System
v1.0 is vulnerable to SQL
CVE-2022-42249 (Simple Cold Storage Management System v1.0 is vulnerable to
SQL inject ...)
NOT-FOR-US: Simple Cold Storage Management System
CVE-2022-42248 (QlikView 12.60.2 was discovered to contain a stored cross-site
scripti ...)
- TODO: check
+ NOT-FOR-US: QlikView
CVE-2022-42247 (pfSense v2.5.2 was discovered to contain a cross-site
scripting (XSS) ...)
NOT-FOR-US: pfSense
CVE-2022-42246 (Doufox 0.0.4 contains a CSRF vulnerability that can add system
adminis ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6364c44f5e8084baf0d621c904ca0235a1e6796e
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits