Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4bf9428e by Moritz Muehlenhoff at 2023-03-15T12:53:04+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -53,11 +53,11 @@ CVE-2023-28345
CVE-2023-28344
RESERVED
CVE-2023-28343 (OS command injection affects Altenergy Power Control Software
C1.2.5 v ...)
- TODO: check
+ NOT-FOR-US: Altenergy Power Control Software
CVE-2023-1408
RESERVED
CVE-2023-1407 (A vulnerability classified as critical was found in
SourceCodester Stu ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2023-1406
RESERVED
CVE-2022-48420
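Review bot: the tag for CVE-2023-1407 names only the vendor ("NOT-FOR-US: SourceCodester"), while the description is cut off at "SourceCodester Stu ..." and other entries in this file tag the product too (CVE-2023-0997 uses "SourceCodester Moosikay E-Commerce System"). Suggest writing the full product name here so that a search of the list by product finds this entry.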
@@ -1117,7 +1117,7 @@ CVE-2023-1329
CVE-2023-1328 (A vulnerability was found in Guizhou 115cms 4.2. It has been
classifie ...)
NOT-FOR-US: Guizhou 115cms
CVE-2023-1327 (Netgear RAX30 (AX2400), prior to version 1.0.6.74, was affected
by an ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2023-1326
RESERVED
CVE-2023-1325
@@ -1199,7 +1199,7 @@ CVE-2023-28007
CVE-2023-28006
RESERVED
CVE-2023-28005 (A vulnerability in Trend Micro Endpoint Encryption Full Disk
Encryptio ...)
- TODO: check
+ NOT-FOR-US: Trend Micro
CVE-2023-1307 (Authentication Bypass by Primary Weakness in GitHub repository
froxlor ...)
- froxlor <itp> (bug #581792)
CVE-2023-1306
@@ -2048,7 +2048,7 @@ CVE-2023-27759
CVE-2023-27758
RESERVED
CVE-2023-27757 (An arbitrary file upload vulnerability in the
/admin/user/uploadImg co ...)
- TODO: check
+ NOT-FOR-US: PerfreeBlog
CVE-2023-27756
RESERVED
CVE-2023-27755
@@ -2437,7 +2437,7 @@ CVE-2023-27590 (Rizin is a UNIX-like reverse engineering
framework and command-l
CVE-2023-27589 (Minio is a Multi-Cloud Object Storage framework. Starting with
RELEASE ...)
TODO: check
CVE-2023-27588 (Hasura is an open-source product that provides users GraphQL
or REST A ...)
- TODO: check
+ NOT-FOR-US: Hasura
CVE-2023-27587 (ReadtoMyShoe, a web app that lets users upload articles and
listen to ...)
NOT-FOR-US: ReadtoMyShoe
CVE-2023-27586
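Review bot: CVE-2023-27589 (Minio), directly above the changed Hasura entry, is left at "TODO: check" in this hunk. If it was skipped on purpose because it needs an actual package check rather than a NOT-FOR-US tag, that is fine; otherwise it should be triaged in the same pass so the pair does not stay half-resolved.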
@@ -3503,9 +3503,9 @@ CVE-2023-27242
CVE-2023-27241
RESERVED
CVE-2023-27240 (Tenda AX3 V16.03.12.11 was discovered to contain a command
injection v ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-27239 (Tenda AX3 V16.03.12.11 was discovered to contain a stack
overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-27238
RESERVED
CVE-2023-27237
@@ -3513,9 +3513,9 @@ CVE-2023-27237
CVE-2023-27236
RESERVED
CVE-2023-27235 (An arbitrary file upload vulnerability in the
\admin\c\CommonControlle ...)
- TODO: check
+ NOT-FOR-US: Jizhicms
CVE-2023-27234 (A Cross-Site Request Forgery (CSRF) in /Sys/index.html of
Jizhicms v2. ...)
- TODO: check
+ NOT-FOR-US: Jizhicms
CVE-2023-27233
RESERVED
CVE-2023-27232
@@ -3856,9 +3856,9 @@ CVE-2023-27072
CVE-2023-27071
RESERVED
CVE-2023-27070 (A stored cross-site scripting (XSS) vulnerability in TotalJS
OpenPlatf ...)
- TODO: check
+ NOT-FOR-US: TotalJS OpenPlatform
CVE-2023-27069 (A stored cross-site scripting (XSS) vulnerability in TotalJS
OpenPlatf ...)
- TODO: check
+ NOT-FOR-US: TotalJS OpenPlatform
CVE-2023-27068
RESERVED
CVE-2023-27067
@@ -5125,7 +5125,7 @@ CVE-2023-0998 (A vulnerability classified as critical has
been found in SourceCo
CVE-2023-0997 (A vulnerability was found in SourceCodester Moosikay E-Commerce
System ...)
NOT-FOR-US: SourceCodester Moosikay E-Commerce System
CVE-2023-26511 (A Hard Coded Admin Credentials issue in the Web-UI Admin Panel
in Prop ...)
- TODO: check
+ NOT-FOR-US: Propius MachineSelector
CVE-2023-26510 (Ghost 5.35.0 allows authorization bypass: contributors can
view draft ...)
NOT-FOR-US: Ghost CMS
CVE-2023-26509
@@ -7481,6 +7481,7 @@ CVE-2023-25696 (Improper Input Validation vulnerability
in the Apache Airflow Hi
NOT-FOR-US: Apache Airflow Hive Provider
CVE-2023-25695
RESERVED
+ - airflow <itp> (bug #819700)
CVE-2023-25694
REJECTED
CVE-2023-25693 (Improper Input Validation vulnerability in the Apache Airflow
Sqoop Pr ...)
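Review bot: the added line "- airflow <itp> (bug #819700)" lands under CVE-2023-25695, which is still RESERVED and has no description, so nothing visible in the list ties this ID to Airflow. The entry just above it (CVE-2023-25696, Apache Airflow Hive Provider) is tagged NOT-FOR-US instead. Please confirm the note belongs to this ID and not to a neighbouring Airflow entry. The commit message says only "NFUs", but this hunk adds an ITP reference rather than a NOT-FOR-US tag, so it deserves a mention there.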
@@ -46694,11 +46695,11 @@ CVE-2022-39218 (The JS Compute Runtime for Fastly's
Compute@Edge platform provid
CVE-2022-39217 (some-natalie/ghas-to-csv (GitHub Advanced Security to CSV) is
a GitHub ...)
NOT-FOR-US: GitHub Advanced Security to CSV
CVE-2022-39216 (Combodo iTop is an open source, web-based IT service
management platfo ...)
- TODO: check
+ NOT-FOR-US: Combodo
CVE-2022-39215 (Tauri is a framework for building binaries for all major
desktop platf ...)
NOT-FOR-US: Tauri
CVE-2022-39214 (Combodo iTop is an open source, web-based IT service
management platfo ...)
- TODO: check
+ NOT-FOR-US: Combodo
CVE-2022-39213 (go-cvss is a Go module to manipulate Common Vulnerability
Scoring Syst ...)
NOT-FOR-US: go-cvss
CVE-2022-39212 (Nextcloud Talk is an open source chat, video & audio calls
client ...)
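Review bot: CVE-2022-39216 and CVE-2022-39214 are both tagged "NOT-FOR-US: Combodo", but their descriptions name the product as "Combodo iTop", and the neighbouring entries (Tauri, go-cvss, GitHub Advanced Security to CSV) are tagged by product. Suggest "NOT-FOR-US: Combodo iTop" so the tag matches the description and stays searchable by product name.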
@@ -91954,9 +91955,9 @@ CVE-2021-46402
CVE-2022-23792
RESERVED
CVE-2022-23791 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Firmanet Software and Technology Customer Relation Manager
CVE-2022-23790 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Firmanet Software and Technology Customer Relation Manager
CVE-2022-23789
RESERVED
CVE-2022-23788
@@ -97718,7 +97719,7 @@ CVE-2021-45926 (MDB Tools (aka mdbtools) 0.9.2 has a
stack-based buffer overflow
CVE-2021-4196
RESERVED
CVE-2021-4195 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Firmanet Software and Technology Customer Relation Manager
CVE-2022-22292 (Unprotected dynamic receiver in Telecom prior to SMR Feb-2022
Release ...)
NOT-FOR-US: Samsung
CVE-2022-22291 (Logging of excessive data vulnerability in telephony prior to
SMR Feb- ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bf9428ebd79ec0252f5ccddfc49fd2b2fedd63d