Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dfe66ac3 by Salvatore Bonaccorso at 2023-04-21T13:45:20+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29,9 +29,9 @@ CVE-2023-2207
CVE-2023-2206
RESERVED
CVE-2023-2205 (A vulnerability was found in Campcodes Retro Basketball Shoes
Online S ...)
- TODO: check
+ NOT-FOR-US: Campcodes Retro Basketball Shoes Online Store
CVE-2023-2204 (A vulnerability was found in Campcodes Retro Basketball Shoes
Online S ...)
- TODO: check
+ NOT-FOR-US: Campcodes Retro Basketball Shoes Online Store
CVE-2023-2203
RESERVED
CVE-2023-2202 (Improper Access Control in GitHub repository
francoisjacquet/rosariosi ...)
@@ -454,7 +454,7 @@ CVE-2023-2133 (Out of bounds memory access in Service
Worker API in Google Chrom
CVE-2023-2132
RESERVED
CVE-2023-2131 (Versions of INEA ME RTU firmware prior to 3.36 are vulnerable
to OS co ...)
- TODO: check
+ NOT-FOR-US: INEA ME RTU firmware
CVE-2023-2130 (A vulnerability classified as critical has been found in
SourceCodeste ...)
NOT-FOR-US: SourceCodester Purchase Order Management System
CVE-2023-30792
@@ -10763,13 +10763,13 @@ CVE-2023-27357
CVE-2023-27356
RESERVED
CVE-2023-27355 (This vulnerability allows network-adjacent attackers to
execute arbitr ...)
- TODO: check
+ NOT-FOR-US: Sonos One Speaker
CVE-2023-27354 (This vulnerability allows network-adjacent attackers to
disclose sensi ...)
- TODO: check
+ NOT-FOR-US: Sonos One Speaker
CVE-2023-27353 (This vulnerability allows network-adjacent attackers to
disclose sensi ...)
- TODO: check
+ NOT-FOR-US: Sonos One Speaker
CVE-2023-27352 (This vulnerability allows network-adjacent attackers to
execute arbitr ...)
- TODO: check
+ NOT-FOR-US: Sonos One Speaker
CVE-2023-27351 (This vulnerability allows remote attackers to bypass
authentication on ...)
NOT-FOR-US: PaperCut
CVE-2023-27350 (This vulnerability allows remote attackers to bypass
authentication on ...)
@@ -11446,7 +11446,7 @@ CVE-2023-27092 (Cross Site Scripting vulnerability
found in Jbootfly allows atta
CVE-2023-27091 (An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3
allows a ...)
NOT-FOR-US: XiaoBingby TeaCMS
CVE-2023-27090 (Cross Site Scripting vulnerability found in TeaCMS storage
allows atta ...)
- TODO: check
+ NOT-FOR-US: TeaCMS
CVE-2023-27089 (Cross Site Scripting vulnerability found in Ehuacui BBS allows
attacke ...)
NOT-FOR-US: Ehuacui
CVE-2023-27088 (feiqu-opensource Background Vertical authorization
vulnerability exist ...)
@@ -39015,9 +39015,9 @@ CVE-2023-20867
CVE-2023-20866 (In Spring Session version 3.0.0, the session id can be logged
to the s ...)
NOT-FOR-US: Spring Session
CVE-2023-20865 (VMware Aria Operations for Logs contains a command injection
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20864 (VMware Aria Operations for Logs contains a deserialization
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20863 (In spring framework versions prior to 5.2.24 release+ ,5.3.27+
and 6.0 ...)
- libspring-java <unfixed> (unimportant)
NOTE: https://spring.io/security/cve-2023-20863
@@ -135981,7 +135981,7 @@ CVE-2021-36438
CVE-2021-36437
RESERVED
CVE-2021-36436 (An issue in Mobicint Backend for Credit Unions v3 allows
attackers to ...)
- TODO: check
+ NOT-FOR-US: Mobicint Backend for Credit Unions
CVE-2021-36435
RESERVED
CVE-2021-36434 (SQL injection vulnerability in jocms 0.8 allows remote
attackers to ru ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfe66ac380bdd5df6f22123a60c61853e816e305
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfe66ac380bdd5df6f22123a60c61853e816e305
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
