Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c83ec729 by Salvatore Bonaccorso at 2023-07-11T12:20:33+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,47 +11,47 @@ CVE-2023-37190 (A stored cross-site scripting (XSS)
vulnerability in Issabel iss
CVE-2023-37189 (A stored cross site scripting (XSS) vulnerability in
index.php?menu=bi ...)
TODO: check
CVE-2023-36925 (SAP Solution Manager (Diagnostics agent) - version 7.20,
allows an una ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-36924 (While using a specific function, SAP ERP Defense Forces and
Public Sec ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-36922 (Due to programming error in function module or report, SAP
NetWeaver A ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-36921 (SAP Solution Manager (Diagnostics agent) - version 7.20,
allows an att ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-36919 (In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE
10, WPB_M ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-36918 (In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE
10, WPB_M ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-36917 (SAP BusinessObjects Business Intelligence Platform - version
420, 430, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-36517 (Cross-Site Request Forgery (CSRF) vulnerability in Kevon
Adonis WP Abs ...)
TODO: check
CVE-2023-35874 (SAP NetWeaver Application Server ABAP and ABAP Platform -
version KRNL ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-35873 (TheRuntime Workbench (RWB) of SAP NetWeaver Process
Integration- versi ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-35872 (TheMessage Display Tool (MDT) of SAP NetWeaver Process
Integration- ve ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-35871 (The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54,
WEBDISP ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-35870 (When creating a journal entry template in SAP S/4HANA (Manage
Journal ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-35781 (Cross-Site Request Forgery (CSRF) vulnerability in LWS Cleaner
plugin ...)
TODO: check
CVE-2023-35774 (Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS
Tools plugi ...)
TODO: check
CVE-2023-33992 (The SAP BW BICS communication layer in SAP Business Warehouse
and SAP ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-33990 (SAP SQL Anywhere- version 17.0, allows an attacker to prevent
legitima ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-33989 (An attacker with non-administrative authorizations in SAP
NetWeaver (B ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-33988 (In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE
10, WPB_M ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-33987 (An unauthenticated attacker in SAP Web Dispatcher - versions
WEBDISP 7 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-31405 (SAP NetWeaver AS for Java - versions ENGINEAPI 7.50,
SERVERCORE 7.50, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-3605 (A vulnerability was found in PHPGurukul Online Shopping Portal
1.0. It ...)
NOT-FOR-US: PHPGurukul Online Shopping Portal
CVE-2023-3599 (A vulnerability was found in SourceCodester Best Fee Management
System ...)
@@ -8571,9 +8571,9 @@ CVE-2023-2081
CVE-2023-2080 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: Forcepoint
CVE-2023-2079 (The "Buy Me a Coffee \u2013 Button and Widget Plugin" plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: "Buy Me a Coffee – Button and Widget Plugin" plugin
for WordPress
CVE-2023-2078 (The "Buy Me a Coffee \u2013 Button and Widget Plugin" plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: "Buy Me a Coffee – Button and Widget Plugin" plugin
for WordPress
CVE-2021-46880 (x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD
before 7.0 er ...)
- libressl <itp> (bug #754513)
CVE-2023-30772 (The Linux kernel before 6.2.9 has a race condition and
resultant use-a ...)
@@ -43101,7 +43101,7 @@ CVE-2022-45825 (Unauth. Reflected Cross-Site Scripting
(XSS) vulnerability in iT
CVE-2022-45824 (Cross-Site Request Forgery (CSRF) vulnerability inAdvanced
Booking Cal ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45823 (Cross-Site Request Forgery (CSRF) vulnerability in
GalleryPlugins Vide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-45822 (Unauth. SQL Injection (SQLi) vulnerability in Advanced Booking
Calenda ...)
NOT-FOR-US: WordPress plugin
CVE-2022-45821
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c83ec72961f045a18cc47e6f6c009af20d16d6a8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c83ec72961f045a18cc47e6f6c009af20d16d6a8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
