Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
39305abf by Salvatore Bonaccorso at 2023-05-13T11:03:45+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -40,7 +40,7 @@ CVE-2023-2677 (A vulnerability, which was classified as
critical, was found in S
CVE-2023-2676 (A vulnerability, which was classified as critical, has been
found in H ...)
NOT-FOR-US: H3C
CVE-2023-2675 (Improper Restriction of Excessive Authentication Attempts in
GitHub re ...)
- TODO: check
+ NOT-FOR-US: linagora twake
CVE-2023-2672 (A vulnerability classified as critical has been found in
SourceCodeste ...)
NOT-FOR-US: SourceCodester Lost and Found Information System
CVE-2023-2671 (A vulnerability was found in SourceCodester Lost and Found
Information ...)
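Review bot: the tag added for CVE-2023-2675, `NOT-FOR-US: linagora twake`, is written all in lowercase, while the other NOT-FOR-US tags visible in this hunk use capitalised names (`H3C`, `SourceCodester Lost and Found Information System`). Suggest `NOT-FOR-US: Linagora Twake` so that later entries for the same product are tagged and searched for under one spelling.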
@@ -12970,7 +12970,7 @@ CVE-2023-1098 (An information disclosure vulnerability
has been discovered in Gi
CVE-2023-1097 (Baicells EG7035-M11 devices with firmware through
BCE-ODU-1.0.8 are v ...)
NOT-FOR-US: Baicells EG7035-M11 devices
CVE-2023-1096 (SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1
are susc ...)
- TODO: check
+ NOT-FOR-US: SnapCenter (NetAPP)
CVE-2023-1095 (In nf_tables_updtable, if nf_tables_table_enable returns an
error, nft ...)
- linux 5.19.6-1
[bullseye] - linux 5.10.140-1
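Review bot: in the tag added for CVE-2023-1096, `NOT-FOR-US: SnapCenter (NetAPP)`, the vendor name is cased `NetAPP`; the vendor writes it `NetApp`. Suggest `NOT-FOR-US: SnapCenter (NetApp)` so a case-sensitive search for the vendor across data/CVE/list also finds this entry.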
@@ -16649,23 +16649,23 @@ CVE-2023-0861 (NetModule NSRW web administration
interface executes an OS comman
CVE-2023-0860 (Improper Restriction of Excessive Authentication Attempts in
GitHub re ...)
NOT-FOR-US: Modoboa
CVE-2023-0859 (Arbitrary Files can be installed in the Setting Data Import
function o ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0858 (Improper Authentication of RemoteUI of Office / Small Office
Multifunc ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0857 (Unintentional change of settings during initial registration of
system ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0856 (Buffer overflow in IPP sides attribute process of Office /
Small Offic ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0855 (Buffer overflow in IPP number-up attribute process of Office /
Small O ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0854 (Buffer overflow in NetBIOS QNAME registering and communication
process ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0853 (Buffer overflow in mDNS NSEC record registering process of
Office / Sm ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0852 (Buffer overflow in the Address Book of Mobile Device function
of Offic ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0851 (Buffer overflow in CPCA Resource Download process of Office /
Small Of ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2022-48327 (Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos
4.39.0 al ...)
NOT-FOR-US: Mapos
CVE-2022-48326 (Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos
4.39.0 al ...)
@@ -18281,7 +18281,7 @@ CVE-2023-25462
CVE-2023-25461 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in nami ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25460 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Code ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2023-25459
RESERVED
CVE-2023-25458 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in GMO ...)
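Review bot: the tag added for CVE-2023-25460 reads `NOT-FOR-US: Wordpress plugin`, but the entry directly above it in this hunk (CVE-2023-25461) uses `NOT-FOR-US: WordPress plugin`. Suggest the capital-P spelling here as well, so that a case-sensitive grep for the WordPress plugin tag does not skip this entry.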
@@ -18345,7 +18345,7 @@ CVE-2023-25430
CVE-2023-25429
RESERVED
CVE-2023-25428 (A DLL Hijacking issue discovered in Soft-o Free Password
Manager 1.1.2 ...)
- TODO: check
+ NOT-FOR-US: Soft-o Free Password Manager
CVE-2023-25427
RESERVED
CVE-2023-25426
@@ -18599,7 +18599,7 @@ CVE-2023-25311
CVE-2023-25310
RESERVED
CVE-2023-25309 (Cross Site Scripting (XSS) Vulnerability in Fetlife rollout-ui
version ...)
- TODO: check
+ NOT-FOR-US: Fetlife rollout-ui
CVE-2023-25308
RESERVED
CVE-2023-25307
@@ -19389,15 +19389,15 @@ CVE-2023-25011 (PC settings tool Ver10.1.26.0 and
earlier, PC settings tool Ver1
CVE-2023-25010 (A malicious actor may convince a victim to open a malicious
USD file t ...)
NOT-FOR-US: Autodesk
CVE-2023-25009 (A malicious actor may convince a user to open a malicious USD
file tha ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-25008 (A malicious actor may convince a user to open a malicious USD
file tha ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-25007 (A malicious actor may convince a user to open a malicious USD
file tha ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-25006 (A malicious actor may convince a user to open a malicious USD
file tha ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-25005 (A maliciously crafted DLL file can be forced to read beyond
allocated ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-25004
RESERVED
CVE-2023-25003
@@ -22643,7 +22643,7 @@ CVE-2023-23869
CVE-2023-23868
RESERVED
CVE-2023-23867 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23866 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23865 (Cross-Site Request Forgery (CSRF) vulnerability in Checkout
Plugins St ...)
@@ -22815,7 +22815,7 @@ CVE-2023-23812 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-23811
RESERVED
CVE-2023-23810 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Snap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23809 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mori ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23808 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Serg ...)
@@ -24756,7 +24756,7 @@ CVE-2023-23171
CVE-2023-23170
RESERVED
CVE-2023-23169 (Synapsoft pdfocus 1.17 is vulnerable to local file inclusion
and serve ...)
- TODO: check
+ NOT-FOR-US: Synapsoft pdfocus
CVE-2023-23168
RESERVED
CVE-2023-23167
@@ -26642,7 +26642,7 @@ CVE-2023-22687 (Insecure Storage of Sensitive
Information vulnerability in Jose
CVE-2023-22686 (Cross-Site Request Forgery (CSRF) vulnerability in TriniTronic
Nice Pa ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22685 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Tips ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22684
RESERVED
CVE-2023-22683 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Them ...)
@@ -29220,9 +29220,9 @@ CVE-2022-47882
CVE-2022-47881 (Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has
an Out-of ...)
NOT-FOR-US: Foxit
CVE-2022-47880 (An Information disclosure vulnerability in /be/rpc.php in
Jedox GmbH J ...)
- TODO: check
+ NOT-FOR-US: Jedox
CVE-2022-47879 (A Remote Code Execution (RCE) vulnerability in /be/rpc.php in
Jedox 20 ...)
- TODO: check
+ NOT-FOR-US: Jedox
CVE-2022-47878 (Incorrect input validation for the default-storage-path in the
setting ...)
NOT-FOR-US: Jedox
CVE-2022-47877 (A Stored cross-site scripting vulnerability in Jedox 2020.2.5
allows r ...)
@@ -41242,13 +41242,13 @@ CVE-2023-20882
CVE-2023-20881
RESERVED
CVE-2023-20880 (VMware Aria Operations contains a privilege escalation
vulnerability. ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20879 (VMware Aria Operations contains a Local privilege escalation
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20878 (VMware Aria Operations contains a deserialization
vulnerability. A mal ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20877 (VMware Aria Operations contains a privilege escalation
vulnerability. ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20876
RESERVED
CVE-2023-20875
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39305abfa20944df1bd0d5c5f679f59a1809475b