Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
989661e5 by Salvatore Bonaccorso at 2023-06-30T19:10:44+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19,9 +19,9 @@ CVE-2023-3249 (The Web3 \u2013 Crypto wallet Login & NFT
token gating plugin for
CVE-2023-3063 (The SP Project & Document Manager plugin for WordPress is
vulnerable t ...)
NOT-FOR-US: SP Project & Document Manager plugin for WordPress
CVE-2023-36607 (The affected TBox RTUs are missing authorization for running
some API ...)
- TODO: check
+ NOT-FOR-US: Ovarro
CVE-2023-36539 (Exposure of information intended to be encrypted by some Zoom
clients ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2023-36470 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
NOT-FOR-US: XWiki
CVE-2023-36469 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
@@ -31,7 +31,7 @@ CVE-2023-36468 (XWiki Platform is a generic wiki platform
offering runtime servi
CVE-2023-36347 (A broken authentication mechanism in the endpoint excel.php of
POS Cod ...)
NOT-FOR-US: POS Codekop
CVE-2023-36146 (A Stored Cross-Site Scripting (XSS) vulnerability was found in
Multila ...)
- TODO: check
+ NOT-FOR-US: Multilaser RE 170
CVE-2023-36143 (Maxprint Maxlink 1200G v3.4.11E has an OS command injection
vulnerabil ...)
NOT-FOR-US: Maxprint Maxlink 1200G
CVE-2023-33336 (Reflected cross site scripting (XSS) vulnerability was
discovered in S ...)
@@ -81,9 +81,9 @@ CVE-2023-36471 (Xwiki commons is the common modules used by
other XWiki top leve
CVE-2023-35938 (Tuleap is a Free & Open Source Suite to improve management of
software ...)
NOT-FOR-US: Tuleap
CVE-2023-35830 (STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity Module
Deploymen ...)
- TODO: check
+ NOT-FOR-US: STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity
CVE-2023-34849 (An unauthorized command injection vulnerability exists in the
ActionLo ...)
- TODO: check
+ NOT-FOR-US: Ikuai router OS
CVE-2023-34844 (Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN
privileged mode ...)
TODO: check
CVE-2023-34735 (Property Cloud Platform Management Center 1.0 is vulnerable to
error-b ...)
@@ -93,9 +93,9 @@ CVE-2023-34658 (Telegram v9.6.3 on iOS allows attackers to
hide critical informa
CVE-2023-34656 (An issue was discovered with the JSESSION IDs in Xiamen Si Xin
Communi ...)
NOT-FOR-US: Xiamen Si Xin Communication Technology Video management
system
CVE-2023-34599 (Multiple Cross-Site Scripting (XSS) vulnerabilities have been
identifi ...)
- TODO: check
+ NOT-FOR-US: Gibbon CMS
CVE-2023-34598 (Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI)
where it' ...)
- TODO: check
+ NOT-FOR-US: Gibbon CMS
CVE-2023-34487 (itsourcecode Online Hotel Management System Project In PHP
v1.0.0 is v ...)
NOT-FOR-US: itsourcecode Online Hotel Management System Project
CVE-2023-34486 (itsourcecode Online Hotel Management System Project In PHP
v1.0.0 is v ...)
@@ -141,9 +141,9 @@ CVE-2023-34843 (Traggo Server 0.3.0 is vulnerable to
directory traversal via a c
CVE-2023-34834 (A Directory Browsing vulnerability in MCL-Net version
4.3.5.8788 webse ...)
NOT-FOR-US: MCL-Net
CVE-2023-34831 (The "Submission Web Form" of Turnitin LTI tool/plugin version
1.3 is a ...)
- TODO: check
+ NOT-FOR-US: "Submission Web Form" of Turnitin LTI tool/plugin
CVE-2023-34738 (Chemex through 3.7.1 is vulnerable to arbitrary file upload.)
- TODO: check
+ NOT-FOR-US: Chemex
CVE-2023-34736 (Guantang Equipment Management System version 4.12 is
vulnerable to Arb ...)
NOT-FOR-US: Guantang Equipment Management System
CVE-2023-34734 (Annet AC Centralized Management Platform 1.02.040 is
vulnerable to Sto ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/989661e5c4e5a6207ea949a808ba27e2119acf33
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/989661e5c4e5a6207ea949a808ba27e2119acf33
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
