Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0a9fb734 by Salvatore Bonaccorso at 2023-04-03T22:30:40+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -317,9 +317,9 @@ CVE-2023-1768
CVE-2023-1767
RESERVED
CVE-2023-1766 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Akbim Computer Panon
CVE-2023-1765 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Akbim Computer Panon
CVE-2023-29092
RESERVED
CVE-2023-29091
@@ -1161,7 +1161,7 @@ CVE-2023-28852
CVE-2023-28851 (Silverstripe Form Capture provides a method to capture simple
silverst ...)
TODO: check
CVE-2023-28850 (Pimcore Perspective Editor provides an editor for Pimcore that
allows ...)
- TODO: check
+ NOT-FOR-US: Pimcore Perspective Editor
CVE-2023-28849
RESERVED
CVE-2023-28848
@@ -7905,7 +7905,7 @@ CVE-2023-26531
CVE-2023-26530
RESERVED
CVE-2023-26529 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Dupe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26528
RESERVED
CVE-2023-26527
@@ -8477,11 +8477,11 @@ CVE-2023-0979 (Improper Neutralization of Special
Elements used in an SQL Comman
CVE-2023-0978 (A command injection vulnerability in Trellix Intelligent
Sandbox CLI f ...)
NOT-FOR-US: Trellix
CVE-2023-0977 (A heap-based overflow vulnerability in Trellix Agent (Windows
and Linu ...)
- TODO: check
+ NOT-FOR-US: Trellix
CVE-2023-0976
RESERVED
CVE-2023-0975 (A vulnerability exists in Trellix Agent for Windows version
5.7.8 and ...)
- TODO: check
+ NOT-FOR-US: Trellix
CVE-2023-0974
RESERVED
CVE-2023-0973 (STEPTools v18SP1 ifcmesh library (v18.1) is affected due to a
null poi ...)
@@ -21218,11 +21218,11 @@ CVE-2022-4773 (** UNSUPPORTED WHEN ASSIGNED ** A
vulnerability classified as pro
CVE-2022-4772 (A vulnerability was found in Widoco and classified as critical.
Affect ...)
NOT-FOR-US: Widoco
CVE-2022-4771 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-4770 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-4769 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-4768 (A vulnerability was found in Dropbox merou. It has been
classified as ...)
NOT-FOR-US: Dropbox merou
CVE-2022-47318 (ruby-git versions prior to v1.13.0 allows a remote
authenticated attac ...)
@@ -28786,7 +28786,7 @@ CVE-2022-46023
CVE-2022-46022
RESERVED
CVE-2022-46021 (X-Man 1.0 has a SQL injection vulnerability, which can cause
data leak ...)
- TODO: check
+ NOT-FOR-US: X-Man
CVE-2022-46020 (WBCE CMS v1.5.4 can implement getshell by modifying the upload
file ty ...)
NOT-FOR-US: WBCE CMS
CVE-2022-46019
@@ -31338,7 +31338,7 @@ CVE-2022-3962
CVE-2022-3961 (The Directorist WordPress plugin before 7.4.4 does not prevent
users w ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3960 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-45167 (An issue was discovered in Archibus Web Central
2022.03.01.107. A serv ...)
NOT-FOR-US: Archibus Web Central
CVE-2022-45166 (An issue was discovered in Archibus Web Central
2022.03.01.107. A serv ...)
@@ -37370,13 +37370,13 @@ CVE-2022-43943
CVE-2022-43942
REJECTED
CVE-2022-43941 (Hitachi Vantara Pentaho Business Analytics Server versions
before 9.4. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43940 (Hitachi Vantara Pentaho Business Analytics Server versions
before 9.4. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43939 (Hitachi Vantara Pentaho Business Analytics Server versions
before 9.4. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43938 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43937
RESERVED
CVE-2022-43936
@@ -37724,15 +37724,15 @@ CVE-2022-43775 (The HICT_Loop class in Delta
Electronics DIAEnergy v1.9 contains
CVE-2022-43774 (The HandlerPageP_KID class in Delta Electronics DIAEnergy v1.9
contain ...)
NOT-FOR-US: Delta Electronics DIAEnergy
CVE-2022-43773 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43772 (Hitachi Vantara Pentaho Business Analytics Server versions
before 9.4. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43771 (Hitachi Vantara Pentaho Business Analytics Server versions
before 9.4. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43770
RESERVED
CVE-2022-43769 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 9. ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2022-43768
RESERVED
CVE-2022-43767
@@ -41615,7 +41615,7 @@ CVE-2022-42454 (Insights for Vulnerability Remediation
(IVR) is vulnerable to ma
CVE-2022-42453 (There are insufficient warnings when a Fixlet is imported by a
user. T ...)
NOT-FOR-US: HCL
CVE-2022-42452 (HCL Launch is vulnerable to HTML injection. HTML code is
stored and in ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2022-42451
RESERVED
CVE-2022-42450
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a9fb7340f1867d787a253ba3d974077ebf77e67
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a9fb7340f1867d787a253ba3d974077ebf77e67
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
