Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
be1c96bf by Salvatore Bonaccorso at 2023-05-12T22:34:33+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
CVE-2023-32306 (Time Tracker is an open source time tracking system. A
time-based blin ...)
- TODO: check
+ NOT-FOR-US: Time Tracker
CVE-2023-32305 (aiven-extras is a PostgreSQL extension. Versions prior to
1.1.9 contai ...)
TODO: check
CVE-2023-32081 (Vert.x STOMP is a vert.x implementation of the STOMP
specification tha ...)
- TODO: check
+ NOT-FOR-US: Vert.x STOMP
CVE-2023-32073 (WWBN AVideo is an open source video platform. In versions 12.4
and pri ...)
TODO: check
CVE-2023-31985 (A Command Injection vulnerability in Edimax Wireless Router
N300 Firmw ...)
- TODO: check
+ NOT-FOR-US: Edimax Wireless Router N300 Firmware BR-6428NS_v4
CVE-2023-31983 (A Command Injection vulnerability in Edimax Wireless Router
N300 Firmw ...)
- TODO: check
+ NOT-FOR-US: Edimax Wireless Router N300 Firmware BR-6428NS_v4
CVE-2023-31922 (QuickJS commit 2788d71 was discovered to contain a
stack-overflow via ...)
- TODO: check
+ NOT-FOR-US: QuickJS
CVE-2023-31921 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an
Assertio ...)
TODO: check
CVE-2023-31920 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an
Assertio ...)
@@ -27,19 +27,19 @@ CVE-2023-31914 (Jerryscript 3.0 (commit 05dbbd1) was
discovered to contain out-o
CVE-2023-31913 (Jerryscript 3.0 *commit 1a2c047) was discovered to contain an
Assertio ...)
TODO: check
CVE-2023-2682 (A vulnerability was found in Caton Live up to 2023-04-26 and
classifie ...)
- TODO: check
+ NOT-FOR-US: Caton Live
CVE-2023-2678 (A vulnerability has been found in SourceCodester File Tracker
Manager ...)
- TODO: check
+ NOT-FOR-US: SourceCodester File Tracker Manager System
CVE-2023-2677 (A vulnerability, which was classified as critical, was found in
Source ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Covid-19 Contact Tracing System
CVE-2023-2676 (A vulnerability, which was classified as critical, has been
found in H ...)
- TODO: check
+ NOT-FOR-US: H3C
CVE-2023-2675 (Improper Restriction of Excessive Authentication Attempts in
GitHub re ...)
TODO: check
CVE-2023-2672 (A vulnerability classified as critical has been found in
SourceCodeste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Lost and Found Information System
CVE-2023-2671 (A vulnerability was found in SourceCodester Lost and Found
Information ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Lost and Found Information System
CVE-2023-2515 (Mattermost fails to restrict a user with permissions to edit
other use ...)
TODO: check
CVE-2023-2514 (Mattermost Sever fails to redact the DB username and password
before e ...)
@@ -1097,9 +1097,9 @@ CVE-2023-31204
CVE-2023-31200
RESERVED
CVE-2023-31199 (Improper access control in the Intel(R) Solid State Drive
Toolbox(TM) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-31197 (Uncontrolled search path in the Intel(R) Trace Analyzer and
Collector ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-31187
RESERVED
CVE-2023-31186
@@ -1233,13 +1233,13 @@ CVE-2023-31124
CVE-2023-31123 (`effectindex/tripreporter` is a community-powered, universal
platform ...)
NOT-FOR-US: effectindex/tripreporter
CVE-2023-30768 (Improper access control in the Intel(R) Server Board S2600WTT
belongin ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-30763 (Heap-based overflow in Intel(R) SoC Watch based software
before versio ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-29502
RESERVED
CVE-2023-29242 (Improper access control for Intel(R) oneAPI Toolkits before
version 20 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-29168
RESERVED
CVE-2023-29152
@@ -3974,9 +3974,9 @@ CVE-2023-30249
CVE-2023-30248
RESERVED
CVE-2023-30247 (File Upload vulnerability found in Oretnom23 Storage Unit
Rental Manag ...)
- TODO: check
+ NOT-FOR-US: Oretnom23 Storage Unit Rental Management System
CVE-2023-30246 (SQL injection vulnerability found in Judging Management System
v.1.0 a ...)
- TODO: check
+ NOT-FOR-US: Judging Management System
CVE-2023-30245
RESERVED
CVE-2023-30244
@@ -4208,7 +4208,7 @@ CVE-2023-30132
CVE-2023-30131
RESERVED
CVE-2023-30130 (An issue found in CraftCMS v.3.8.1 allows a remote attacker to
execute ...)
- TODO: check
+ NOT-FOR-US: CraftCMS
CVE-2023-30129
RESERVED
CVE-2023-30128
@@ -4509,7 +4509,7 @@ CVE-2023-29985
CVE-2023-29984
RESERVED
CVE-2023-29983 (Cross Site Scripting vulnerability found in Maximilian Vogt
cmaps v.8. ...)
- TODO: check
+ NOT-FOR-US: Maximilian Vogt cmaps
CVE-2023-29982
RESERVED
CVE-2023-29981
@@ -4873,11 +4873,11 @@ CVE-2023-29822
CVE-2023-29821
RESERVED
CVE-2023-29820 (An issue found in Webroot SecureAnywhere Endpoint Protection
CE 23.1 v ...)
- TODO: check
+ NOT-FOR-US: Webroot SecureAnywhere Endpoint Protection
CVE-2023-29819 (An issue found in Webroot SecureAnywhere Endpoint Protection
CE 23.1 v ...)
- TODO: check
+ NOT-FOR-US: Webroot SecureAnywhere Endpoint Protection
CVE-2023-29818 (An issue found in Webroot SecureAnywhere Endpoint Protection
CE 23.1 v ...)
- TODO: check
+ NOT-FOR-US: Webroot SecureAnywhere Endpoint Protection
CVE-2023-29817
RESERVED
CVE-2023-29816
@@ -5786,7 +5786,7 @@ CVE-2023-1936
CVE-2023-1935
RESERVED
CVE-2023-1934 (The PnPSCADA system, a product of SDG Technologies CC, is
afflicted by ...)
- TODO: check
+ NOT-FOR-US: PnPSCADA
CVE-2023-1933
RESERVED
CVE-2023-1932
@@ -9419,7 +9419,7 @@ CVE-2023-28416
CVE-2023-28415
RESERVED
CVE-2023-28414 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Apex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28413
RESERVED
CVE-2023-28409
@@ -11558,7 +11558,7 @@ CVE-2023-27825
CVE-2023-27824
RESERVED
CVE-2023-27823 (An authentication bypass in Optoma 1080PSTX C02 allows an
attacker to ...)
- TODO: check
+ NOT-FOR-US: Optoma 1080PSTX C02
CVE-2023-27822
RESERVED
CVE-2023-27821 (Databasir v1.0.7 was discovered to contain a remote code
execution (RC ...)
@@ -13238,9 +13238,9 @@ CVE-2023-27240 (Tenda AX3 V16.03.12.11 was discovered
to contain a command injec
CVE-2023-27239 (Tenda AX3 V16.03.12.11 was discovered to contain a stack
overflow via ...)
NOT-FOR-US: Tenda
CVE-2023-27238 (LavaLite CMS v 9.0.0 was discovered to be vulnerable to web
cache pois ...)
- TODO: check
+ NOT-FOR-US: LavaLite CMS
CVE-2023-27237 (LavaLite CMS v 9.0.0 was discovered to be vulnerable to a host
header ...)
- TODO: check
+ NOT-FOR-US: LavaLite CMS
CVE-2023-27236
RESERVED
CVE-2023-27235 (An arbitrary file upload vulnerability in the
\admin\c\CommonControlle ...)
@@ -16470,7 +16470,7 @@ CVE-2023-25960
CVE-2023-25959
RESERVED
CVE-2023-25958 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Just ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25957 (A vulnerability has been identified in Mendix SAML (Mendix 7
compatibl ...)
NOT-FOR-US: Siemens
CVE-2023-25956 (Generation of Error Message Containing Sensitive Information
vulnerabi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be1c96bfb2f3e31be5f7b6cb6957014952e231b1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be1c96bfb2f3e31be5f7b6cb6957014952e231b1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
