Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b0fbf8ee by Salvatore Bonaccorso at 2023-06-27T22:44:55+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,37 +7,37 @@ CVE-2023-3431 (Improper Access Control in GitHub repository
plantuml/plantuml pr
NOTE: https://huntr.dev/bounties/fa741f95-b53c-4ed7-b157-e32c5145164c/
NOTE:
https://github.com/plantuml/plantuml/commit/fbe7fa3b25b4c887d83927cffb1009ec6cb8ab1e
(v1.2023.9)
CVE-2023-3405 (Unchecked parameter value in M-Files Server in versions before
23.6.12 ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2023-36463 (Meldekarten generator is an open source project to create a
program, r ...)
- TODO: check
+ NOT-FOR-US: Meldekarten generator
CVE-2023-36002 (A missing authorization check in multiple URL validation
endpoints of ...)
- TODO: check
+ NOT-FOR-US: Insider Threat Management Server
CVE-2023-36000 (A missing authorization check in the MacOS agent configuration
endpoin ...)
- TODO: check
+ NOT-FOR-US: Insider Threat Management Server
CVE-2023-35998 (A missing authorization check in multiple SOAP endpoints of
the Inside ...)
- TODO: check
+ NOT-FOR-US: Insider Threat Management Server
CVE-2023-35800 (Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2
has Insecu ...)
- TODO: check
+ NOT-FOR-US: Stormshield Endpoint Security Evolution
CVE-2023-35799 (Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2
has Insecu ...)
- TODO: check
+ NOT-FOR-US: Stormshield Endpoint Security Evolution
CVE-2023-34839 (A Cross Site Request Forgery (CSRF) vulnerability in Issabel
issabel-p ...)
- TODO: check
+ NOT-FOR-US: Issabel
CVE-2023-34838 (A Cross Site Scripting vulnerability in Microworld
Technologies eScan ...)
- TODO: check
+ NOT-FOR-US: Microworld Technologies eScan Management console
CVE-2023-34837 (A Cross Site Scripting vulnerability in Microworld
Technologies eScan ...)
- TODO: check
+ NOT-FOR-US: Microworld Technologies eScan Management console
CVE-2023-34836 (A Cross Site Scripting vulnerability in Microworld
Technologies eScan ...)
- TODO: check
+ NOT-FOR-US: Microworld Technologies eScan Management console
CVE-2023-34835 (A Cross Site Scripting vulnerability in Microworld
Technologies eScan ...)
- TODO: check
+ NOT-FOR-US: Microworld Technologies eScan Management console
CVE-2023-34830 (i-doit Open v24 was discovered to contain a reflected
cross-site scrip ...)
TODO: check
CVE-2023-34240 (Cloudexplorer-lite is an open source cloud software stack.
Weak passwo ...)
TODO: check
CVE-2023-34099 (Shopware is an open source e-commerce software. The mail
validation in ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2023-34098 (Shopware is an open source e-commerce software. Due to an
incorrect co ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2023-33567 (An unauthorized access vulnerability has been discovered in
ROS2 Foxy ...)
TODO: check
CVE-2023-33566 (An unauthorized node injection vulnerability has been
identified in RO ...)
@@ -51,7 +51,7 @@ CVE-2023-2877 (The Formidable Forms WordPress plugin before
6.3.1 does not adequ
CVE-2023-2842 (The WP Inventory Manager WordPress plugin before 2.1.0.14 does
not hav ...)
NOT-FOR-US: WordPress plugin
CVE-2023-2818 (An insecure filesystem permission in the Insider Threat
Management Age ...)
- TODO: check
+ NOT-FOR-US: Insider Threat Management Agent for Windows
CVE-2023-2795 (The CodeColorer WordPress plugin before 0.10.1 does not
sanitise and e ...)
NOT-FOR-US: WordPress plugin
CVE-2023-2744 (The ERP WordPress plugin before 1.12.4 does not properly
sanitise and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0fbf8eeb8c070ac4e950098f87d16e482710a92
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0fbf8eeb8c070ac4e950098f87d16e482710a92
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
