Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
201b041b by Salvatore Bonaccorso at 2023-05-18T06:54:34+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2023-32767 (The web interface of Symcon IP-Symcon before 6.3 (i.e., before
2023-05 ...)
- TODO: check
+ NOT-FOR-US: Symcon
CVE-2023-31904 (savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local
File In ...)
NOT-FOR-US: savysoda Wifi HD Wireless Disk Drive
CVE-2023-31903 (GuppY CMS 6.00.10 is vulnerable to Unrestricted File Upload
which allo ...)
@@ -29,11 +29,11 @@ CVE-2023-31698 (Bludit v3.14.1 is vulnerable to Stored
Cross Site Scripting (XSS
CVE-2023-2776 (A vulnerability was found in code-projects Simple Photo Gallery
1.0. I ...)
NOT-FOR-US: code-projects Simple Photo Gallery
CVE-2023-2775 (A vulnerability was found in code-projects Bus Dispatch and
Informatio ...)
- TODO: check
+ NOT-FOR-US: code-projects Bus Dispatch and Information System
CVE-2023-2774 (A vulnerability was found in code-projects Bus Dispatch and
Informatio ...)
- TODO: check
+ NOT-FOR-US: code-projects Bus Dispatch and Information System
CVE-2023-2773 (A vulnerability has been found in code-projects Bus Dispatch
and Infor ...)
- TODO: check
+ NOT-FOR-US: code-projects Bus Dispatch and Information System
CVE-2023-2772 (A vulnerability, which was classified as critical, was found in
Source ...)
NOT-FOR-US: SourceCodester Budget and Expense Tracker System
CVE-2023-2771 (A vulnerability, which was classified as critical, has been
found in S ...)
@@ -49,13 +49,13 @@ CVE-2023-2766 (A vulnerability was found in Weaver OA 9.5
and classified as prob
CVE-2023-2765 (A vulnerability has been found in Weaver OA up to 9.5 and
classified a ...)
NOT-FOR-US: Weaver OA
CVE-2023-2756 (SQL Injection in GitHub repository
pimcore/customer-data-framework pri ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2745 (WordPress Core is vulnerable to Directory Traversal in versions
up to, ...)
- wordpress <unfixed>
NOTE: https://core.trac.wordpress.org/changeset?old=55765&new=55765
NOTE:
https://wordpress.org/news/2023/05/wordpress-6-2-1-maintenance-security-release/
CVE-2023-2679 (Data leakage in Adobe connector in Snow Software SPE 9.27.0 on
Windows ...)
- TODO: check
+ NOT-FOR-US: Snow Software
CVE-2023-31848 (davinci 0.3.0-rc is vulnerable to Server-side request forgery
(SSRF).)
NOT-FOR-US: davinci
CVE-2023-31847 (In davinci 0.3.0-rc after logging in, the user can connect to
the mysq ...)
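Review bot: The new tag for CVE-2023-2756 reads `NOT-FOR-US: pimcore`, but the description places the SQL injection in the GitHub repository pimcore/customer-data-framework. Naming the component in the tag, for example `NOT-FOR-US: pimcore customer-data-framework`, would keep the entry searchable by the affected code rather than only by vendor, in line with neighbouring entries that spell out the product (`NOT-FOR-US: Weaver OA`).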
@@ -4494,7 +4494,7 @@ CVE-2023-30193
CVE-2023-30192 (Prestashop possearchproducts 1.7 is vulnerable to SQL
Injection via Po ...)
NOT-FOR-US: Prestashop
CVE-2023-30191 (PrestaShop cdesigner < 3.1.9 is vulnerable to SQL Injection
via Cdesig ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2023-30190
RESERVED
CVE-2023-30189 (Prestashop posstaticblocks <= 1.0.0 is vulnerable to SQL
Injection via ...)
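Review bot: Vendor casing is inconsistent between adjacent entries: CVE-2023-30191 is tagged `NOT-FOR-US: PrestaShop` while the context entry directly above it, CVE-2023-30192, carries `NOT-FOR-US: Prestashop`. The new spelling matches the CVE description, so consider normalising the older tag in a follow-up so that a case-sensitive search for either form finds both. The description also names the `cdesigner` module rather than PrestaShop itself, which could be reflected in the tag.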
@@ -5246,7 +5246,7 @@ CVE-2023-29839 (A Stored Cross Site Scripting (XSS)
vulnerability exists in mult
CVE-2023-29838
RESERVED
CVE-2023-29837 (Cross Site Scripting vulnerability found in Exelysis Unified
Communica ...)
- TODO: check
+ NOT-FOR-US: Exelysis Unified Communication Solution (EUCS)
CVE-2023-29836 (Cross Site Scripting vulnerability found in Exelysis Unified
Communica ...)
NOT-FOR-US: Exelysis Unified Communication Solutions (EUCS)
CVE-2023-29835 (Insecure Permission vulnerability found in Wondershare Dr.Fone
v.12.9. ...)
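Review bot: The tag added for CVE-2023-29837 says `Exelysis Unified Communication Solution (EUCS)` (singular), while the entry immediately below it, CVE-2023-29836, uses `Exelysis Unified Communication Solutions (EUCS)`. Both CVEs describe the same product, so the two tags should use one spelling; otherwise an exact-match search on the product string will miss one of them.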
@@ -23570,7 +23570,7 @@ CVE-2023-23729
CVE-2023-23728 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability
in Winwa ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23727 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23726
RESERVED
CVE-2023-23725
@@ -23584,7 +23584,7 @@ CVE-2023-23722 (Auth. (admin+) Stored Cross-Site
Scripting (XSS) vulnerability i
CVE-2023-23721 (Cross-Site Request Forgery (CSRF) vulnerability in David Gwyer
Admin L ...)
NOT-FOR-US: David Gwyer Admin Log
CVE-2023-23720 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in NetR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23719
RESERVED
CVE-2023-23718 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in
Esstat17 Pa ...)
@@ -23606,7 +23606,7 @@ CVE-2023-23711 (Cross-Site Request Forgery (CSRF)
vulnerability in A2 Hosting A2
CVE-2023-23710 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in mini ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23709 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23708 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23707 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -23618,7 +23618,7 @@ CVE-2023-23705
CVE-2023-23704
RESERVED
CVE-2023-23703 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23702
RESERVED
CVE-2023-23701 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -23695,7 +23695,7 @@ CVE-2023-23690 (Cloud Mobility for Dell EMC Storage,
versions 1.3.0.X and below
CVE-2023-23689 (Dell PowerScale nodes A200, A2000, H400, H500, H600, H5600,
F800, F810 ...)
NOT-FOR-US: Dell
CVE-2023-23688 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23687 (Auth.Stored Cross-Site Scripting (XSS) vulnerability inYoutube
shortco ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23686 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
@@ -23705,9 +23705,9 @@ CVE-2023-23685 (Auth. (contributor+) Stored Cross-Site
Scripting (XSS) vulnerabi
CVE-2023-23684
RESERVED
CVE-2023-23683 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Ozan ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23682 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Snap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23681 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23680
@@ -23719,13 +23719,13 @@ CVE-2023-23678
CVE-2023-23677 (Reflected Cross-Site Scripting (XSS) vulnerability in GTmetrix
GTmetri ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23676 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23675 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Catc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23674 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in RVOL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23673 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Hari ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23672
RESERVED
CVE-2023-23671
@@ -23757,13 +23757,13 @@ CVE-2023-23659 (Cross-Site Request Forgery (CSRF)
vulnerability in MainWP Matomo
CVE-2023-23658
RESERVED
CVE-2023-23657 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23656
RESERVED
CVE-2023-23655
RESERVED
CVE-2023-23654 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Spar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23653
RESERVED
CVE-2023-23652
@@ -23789,7 +23789,7 @@ CVE-2023-23643
CVE-2023-23642
RESERVED
CVE-2023-23641 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23640
RESERVED
CVE-2023-23639
@@ -24608,19 +24608,19 @@ CVE-2023-23452 (Missing Authentication for Critical
Function in SICK FX0-GPNT v3
CVE-2023-23451 (The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI
ETHERNE ...)
NOT-FOR-US: SICK
CVE-2023-23450 (Use of Password Hash Instead of Password for Authentication in
SICK FT ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23449 (Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR
with Part ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23448 (Inclusion of Sensitive Information in Source Code in SICK FTMg
AIR FLO ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23447 (Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR
with Pa ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23446 (Improper Access Control in SICK FTMg AIR FLOW SENSOR with
Partnumbers ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23445 (Improper Access Control in SICK FTMg AIR FLOW SENSOR with
Partnumbers ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23444 (Missing Authentication for Critical Function in SICK Flexi
Classic and ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23443
RESERVED
CVE-2023-23442
@@ -27013,7 +27013,7 @@ CVE-2023-22719
CVE-2023-22718 (Reflected Cross-Site Scripting (XSS) vulnerability in Jason
Lau User M ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22717 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22716 (Auth. (admin+) Cross-Site Scripting vulnerability in OOPSpam
OOPSpam A ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22715 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in
Lester 'GaM ...)
@@ -27035,13 +27035,13 @@ CVE-2023-22708
CVE-2023-22707 (Auth. (author+) Cross-Site Scripting (XSS) vulnerability in
Wpsoul Gre ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22706 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Property ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22705 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Collne I ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22704 (Reflected Cross-Site Scripting (XSS) vulnerability in Michael
Winkler ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22703 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Webcodin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22702 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability
in WPMob ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22701
@@ -27067,7 +27067,7 @@ CVE-2023-22692
CVE-2023-22691 (Cross-Site Request Forgery (CSRF) vulnerability in Tips and
Tricks HQ, ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22690 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Shop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22689
RESERVED
CVE-2023-22688
@@ -27079,7 +27079,7 @@ CVE-2023-22686 (Cross-Site Request Forgery (CSRF)
vulnerability in TriniTronic N
CVE-2023-22685 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Tips ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22684 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Subs ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22683 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Them ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22682 (Reflected Cross-Site Scripting (XSS) vulnerability in Manuel
Masia | P ...)
@@ -28559,7 +28559,7 @@ CVE-2022-48022 (An issue in the component
/api/v1/mentions of Zammad v5.3.0 allo
CVE-2022-48021 (A vulnerability in Zammad v5.3.0 allows attackers to execute
arbitrary ...)
- zammad <itp> (bug #841355)
CVE-2022-48020 (Vinteo VCC v2.36.4 was discovered to contain a reflected
cross-site sc ...)
- TODO: check
+ NOT-FOR-US: Vinteo VCC
CVE-2022-48019 (The components wfshbr64.sys and wfshbr32.sys in Another Eden
before v3 ...)
NOT-FOR-US: Another Eden
CVE-2022-48018
@@ -32247,37 +32247,37 @@ CVE-2023-21725 (Windows Malicious Software Removal
Tool Elevation of Privilege V
CVE-2023-21724 (Microsoft DWM Core Library Elevation of Privilege
Vulnerability)
NOT-FOR-US: Microsoft
CVE-2022-47393 (An authenticated, remote attacker may use a Improper
Restriction of Op ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47392 (An authenticated, remote attacker may use a improper input
validation ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47391 (In multiple CODESYS products in multiple versions an
unauthorized, rem ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47390 (An authenticated, remote attacker may use a stack based
out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47389 (An authenticated, remote attacker may use a stack based
out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47388 (An authenticated, remote attacker may use a stack based
out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47387 (An authenticated remote attacker may use a stack based
out-of-bounds w ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47386 (An authenticated, remote attacker may use a stack based
out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47385 (An authenticated, remote attacker may use a stack based
out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47384 (An authenticated remote attacker may use a stack based
out-of-bounds w ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47383 (An authenticated, remote attacker may use a stack based
out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47382 (An authenticated remote attacker may use a stack based
out-of-bounds w ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47381 (An authenticated remote attacker may use a stack based
out-of-bounds w ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47380 (An authenticated remote attacker may use a stack based
out-of-bounds w ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47379 (An authenticated, remote attacker may use a out-of-bounds
write vulner ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47378 (Multiple CODESYS products in multiple versions are prone to a
improper ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47377 (Password recovery vulnerability in SICK SIM2000ST Partnumber
2086502 w ...)
NOT-FOR-US: SICK SIM2000ST Partnumber 2086502
CVE-2022-47376
@@ -37898,7 +37898,7 @@ CVE-2022-4050 (The JoomSport WordPress plugin before
5.2.8 does not properly san
CVE-2022-4049 (The WP User WordPress plugin through 7.0 does not properly
sanitize an ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4048 (Inadequate Encryption Strength in CODESYS Development System V3
versio ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-4047 (The Return Refund and Exchange For WooCommerce WordPress plugin
before ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4046
@@ -39101,7 +39101,7 @@ CVE-2022-45145 (egg-compile.scm in CHICKEN 5.x before
5.3.1 allows arbitrary OS
NOTE:
https://lists.gnu.org/archive/html/chicken-announce/2022-11/msg00000.html
NOTE:
https://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commitdiff;h=a08f8f548d772ef410c672ba33a27108d8d434f3;hp=9c6fb001c25de4390f46ffd7c3c94237f4df92a9
CVE-2022-45144 (Algoo Tracim before 4.4.2 allows XSS via HTML file upload.)
- TODO: check
+ NOT-FOR-US: Algoo Tracim
CVE-2022-3941 (A vulnerability has been found in Activity Log Plugin and
classified a ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3940 (A vulnerability, which was classified as problematic, was found
in lan ...)
@@ -43445,7 +43445,7 @@ CVE-2023-20728
CVE-2023-20727
RESERVED
CVE-2023-20726 (In mnld, there is a possible leak of GPS location due to a
missing per ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20725
RESERVED
CVE-2023-20724
@@ -43453,17 +43453,17 @@ CVE-2023-20724
CVE-2023-20723
RESERVED
CVE-2023-20722 (In m4u, there is a possible out of bounds write due to
improper input ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20721 (In isp, there is a possible out of bounds write due to
improper input ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20720 (In pqframework, there is a possible out of bounds read due to
a missin ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20719 (In pqframework, there is a possible out of bounds read due to
a missin ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20718 (In vcu, there is a possible out of bounds write due to a
missing bound ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20717 (In vcu, there is a possible leak of dma buffer due to a race
condition ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20716
RESERVED
CVE-2023-20715
@@ -43475,41 +43475,41 @@ CVE-2023-20713
CVE-2023-20712
RESERVED
CVE-2023-20711 (In keyinstall, there is a possible out of bounds read due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20710 (In keyinstall, there is a possible out of bounds read due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20709 (In keyinstall, there is a possible out of bounds read due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20708 (In keyinstall, there is a possible out of bounds read due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20707 (In ril, there is a possible out of bounds write due to a
missing bound ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20706 (In apu, there is a possible out of bounds read due to a
missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20705 (In apu, there is a possible out of bounds read due to a
missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20704 (In apu, there is a possible out of bounds read due to a
missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20703 (In apu, there is a possible out of bounds read due to a
missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20702
RESERVED
CVE-2023-20701 (In widevine, there is a possible out of bounds write due to a
logic er ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20700 (In widevine, there is a possible out of bounds write due to a
logic er ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20699 (In adsp, there is a possible out of bounds write due to a
missing boun ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20698 (In keyinstall, there is a possible out of bounds read due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20697 (In keyinstall, there is a possible out of bounds read due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20696 (In preloader, there is a possible out of bounds write due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20695 (In preloader, there is a possible out of bounds write due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20694 (In preloader, there is a possible out of bounds write due to a
missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20693
RESERVED
CVE-2023-20692
@@ -43551,7 +43551,7 @@ CVE-2023-20675 (In wlan, there is a possible out of
bounds read due to a missing
CVE-2023-20674 (In wlan, there is a possible out of bounds read due to a
missing bound ...)
NOT-FOR-US: MediaTek
CVE-2023-20673 (In vcu, there is a possible memory corruption due to type
confusion. T ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20672
RESERVED
CVE-2023-20671
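Review bot: The added tag for CVE-2023-20673 is spelled `NOT-FOR-US: Mediatek`, but the context entry just above it, CVE-2023-20674, uses `NOT-FOR-US: MediaTek`. The same lowercase-t spelling is used for every Mediatek tag added in the preceding hunks of this commit. Suggest switching the new lines to `MediaTek` to match the existing entry, so case-sensitive searches over data/CVE/list return the whole set.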
@@ -107692,7 +107692,7 @@ CVE-2022-22510 (Codesys Profinet in version V4.2.0.0
is prone to null pointer de
CVE-2022-22509 (In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an
incorrect ...)
NOT-FOR-US: Phoenix Contact FL SWITCH Series
CVE-2022-22508 (Improper Input Validation vulnerability in multiple CODESYS V3
product ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-22507
RESERVED
CVE-2022-22506
@@ -226796,9 +226796,9 @@ CVE-2020-13379 (The avatar feature in Grafana 3.0.1
through 7.0.1 has an SSRF In
NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/4
NOTE:
https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/
CVE-2020-13378 (Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS
Command Inj ...)
- TODO: check
+ NOT-FOR-US: Loadbalancer.org Enterprise VA MAX
CVE-2020-13377 (The web-services interface of Loadbalancer.org Enterprise VA
MAX throu ...)
- TODO: check
+ NOT-FOR-US: Loadbalancer.org Enterprise VA MAX
CVE-2020-13376 (SecurEnvoy SecurMail 9.3.503 allows attackers to upload
executable fil ...)
NOT-FOR-US: SecurEnvoy SecurMail
CVE-2020-13375
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/201b041b0aff91d3611b6cb85b53c135b7d9c66b