Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2e6538a2 by Moritz Muehlenhoff at 2023-07-11T17:59:42+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,17 +7,17 @@ CVE-2023-XXXX [ESNET-SECADV-2023-0001: iperf3 memory 
allocation hazard and crash
        NOTE: https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc
        NOTE: 
https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9 
(3.14)
 CVE-2023-3608 (A vulnerability was found in Ruijie BCR810W 2.5.10. It has been 
rated  ...)
-       TODO: check
+       NOT-FOR-US: Ruijie
 CVE-2023-3607 (A vulnerability was found in kodbox 1.26. It has been declared 
as crit ...)
-       TODO: check
+       NOT-FOR-US: kodbox
 CVE-2023-3606 (A vulnerability was found in TamronOS up to 20230703. It has 
been clas ...)
-       TODO: check
+       NOT-FOR-US: TamronOS
 CVE-2023-37191 (A stored cross-site scripting (XSS) vulnerability in Issabel 
issabel-p ...)
-       TODO: check
+       NOT-FOR-US: Issabel
 CVE-2023-37190 (A stored cross-site scripting (XSS) vulnerability in Issabel 
issabel-p ...)
-       TODO: check
+       NOT-FOR-US: Issabel
 CVE-2023-37189 (A stored cross site scripting (XSS) vulnerability in 
index.php?menu=bi ...)
-       TODO: check
+       NOT-FOR-US: Issabel
 CVE-2023-36925 (SAP Solution Manager (Diagnostics agent) - version 7.20, 
allows an una ...)
        NOT-FOR-US: SAP
 CVE-2023-36924 (While using a specific function, SAP ERP Defense Forces and 
Public Sec ...)
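Review bot: For CVE-2023-37189 the truncated description in this hunk only reaches "index.php?menu=bi ..." and never names a product, so the "NOT-FOR-US: Issabel" tag cannot be confirmed from the visible lines the way it can for CVE-2023-37190 and CVE-2023-37191, which both name Issabel. Worth confirming against the full CVE description that this is the same product before the TODO is dropped.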
@@ -33,7 +33,7 @@ CVE-2023-36918 (In SAP Enable Now - versions WPB_MANAGER 1.0, 
WPB_MANAGER_CE 10,
 CVE-2023-36917 (SAP BusinessObjects Business Intelligence Platform - version 
420, 430, ...)
        NOT-FOR-US: SAP
 CVE-2023-36517 (Cross-Site Request Forgery (CSRF) vulnerability in Kevon 
Adonis WP Abs ...)
-       TODO: check
+       NOT-FOR-US: Kevon
 CVE-2023-35874 (SAP NetWeaver Application Server ABAP and ABAP Platform - 
version KRNL ...)
        NOT-FOR-US: SAP
 CVE-2023-35873 (TheRuntime Workbench (RWB) of SAP NetWeaver Process 
Integration- versi ...)
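Review bot: "NOT-FOR-US: Kevon" on CVE-2023-36517 uses only the first word of what reads as an author name ("Kevon Adonis") followed by "WP Abs ...", which looks like a WordPress plugin. If that is what it is, "NOT-FOR-US: WordPress plugin", the form already used for other plugin entries in this file, would be easier to grep for and consistent with them.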
@@ -45,9 +45,9 @@ CVE-2023-35871 (The SAP Web Dispatcher - versions WEBDISP 
7.53, WEBDISP 7.54, WE
 CVE-2023-35870 (When creating a journal entry template in SAP S/4HANA (Manage 
Journal  ...)
        NOT-FOR-US: SAP
 CVE-2023-35781 (Cross-Site Request Forgery (CSRF) vulnerability in LWS Cleaner 
plugin  ...)
-       TODO: check
+       NOT-FOR-US: LWS
 CVE-2023-35774 (Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS 
Tools plugi ...)
-       TODO: check
+       NOT-FOR-US: LWS
 CVE-2023-33992 (The SAP BW BICS communication layer in SAP Business Warehouse 
and SAP  ...)
        NOT-FOR-US: SAP
 CVE-2023-33990 (SAP SQL Anywhere- version 17.0, allows an attacker to prevent 
legitima ...)
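Review bot: CVE-2023-35781 and CVE-2023-35774 both describe a CSRF in an LWS "plugin" but are tagged "NOT-FOR-US: LWS", which names the vendor only. If these are WordPress plugins, tag them "NOT-FOR-US: WordPress plugin" as other plugin entries in this file are, or at least name the product ("LWS Cleaner", "LWS Tools") so the two entries can be told apart.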
@@ -70,19 +70,19 @@ CVE-2023-3599 (A vulnerability was found in SourceCodester 
Best Fee Management S
 CVE-2023-3580 (Improper Handling of Additional Special Element in GitHub 
repository s ...)
        NOT-FOR-US: squidex
 CVE-2023-3579 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: HadSky
 CVE-2023-3578 (A vulnerability classified as critical was found in DedeCMS 
5.7.109. A ...)
        NOT-FOR-US: DedeCMS
 CVE-2023-3574 (Improper Authorization in GitHub repository 
pimcore/customer-data-fram ...)
        NOT-FOR-US: pimcore customer-data-framework
 CVE-2023-3273 (Improper Access Control in the SICK ICR890-4 could allow an 
unauthenti ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-3272 (Cleartext Transmission of Sensitive Information in the SICK 
ICR890-4 c ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-3271 (Improper Access Control in the SICK ICR890-4 could allow an 
unauthenti ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-3270 (Exposure of Sensitive Information to an Unauthorized Actor in 
the SICK ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-3225 (The Float menu WordPress plugin before 5.0.3 does not sanitise 
and esc ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-3219 (The EventON WordPress plugin before 2.1.2 does not validate 
that the e ...)
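Review bot: The "NOT-FOR-US: HadSky" tag on CVE-2023-3579 cannot be checked against this hunk, because the truncated description ("A vulnerability, which was classified as problematic, has been found i ...") stops before any product name. The four SICK ICR890-4 entries below it are unambiguous; this one deserves a second look at the full description.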
@@ -128,7 +128,7 @@ CVE-2023-37392 (Cross-Site Request Forgery (CSRF) 
vulnerability in Deepak Anand
 CVE-2023-37277 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
        NOT-FOR-US: XWiki
 CVE-2023-37153 (KodExplorer 4.51 contains a Cross-Site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: KodExplorer
 CVE-2023-37152 (Projectworlds Online Art Gallery Project 1.0 allows 
unauthenticated us ...)
        NOT-FOR-US: Projectworlds Online Art Gallery Project
 CVE-2023-37151 (Sourcecodester Online Pizza Ordering System v1.0 allows the 
upload of  ...)
@@ -150,13 +150,13 @@ CVE-2023-36375 (Cross Site Scripting vulnerability in 
Hostel Management System v
 CVE-2023-35912 (Cross-Site Request Forgery (CSRF) vulnerability in WP Zone 
Potent Dona ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-35699 (Cleartext Storage on Disk in the SICK ICR890-4 could allow an 
unauthen ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-35698 (Observable Response Discrepancy in the SICK ICR890-4 could 
allow a rem ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-35697 (Improper Restriction of Excessive Authentication Attempts in 
the SICK  ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-35696 (Unauthenticated endpoints in the SICK ICR890-4 could allow an 
unauthen ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2023-34432 (A heap buffer overflow vulnerability was found in sox, in the 
lsx_read ...)
        TODO: check
 CVE-2023-34347 (Delta Electronics InfraSuite Device Master versions prior to 
1.0.7 con ...)
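Review bot: CVE-2023-34432 (heap buffer overflow in sox, "lsx_read ...") stays at "TODO: check" in the trailing context while the SICK entries above it are resolved. sox is packaged in Debian, so it needs a package entry rather than an NFU tag. Make sure it is picked up in a follow-up and does not get lost among the TODOs this commit clears.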
@@ -190,9 +190,9 @@ CVE-2023-2493 (The All In One Redirection WordPress plugin 
before 2.2.0 does not
 CVE-2023-26590 (A floating point exception vulnerability was found in sox, in 
the lsx_ ...)
        TODO: check
 CVE-2016-15034 (A vulnerability was found in Dynacase Webdesk and classified 
as critic ...)
-       TODO: check
+       NOT-FOR-US: Dynacase
 CVE-2015-10121 (A vulnerability has been found in Beeliked Microsite Plugin up 
to 1.0. ...)
-       TODO: check
+       NOT-FOR-US: Beeliked
 CVE-2015-10120 (A vulnerability, which was classified as problematic, was 
found in WDS ...)
        NOT-FOR-US: WordPress plugin
 CVE-2015-10119 (A vulnerability, which was classified as problematic, has been 
found i ...)
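Review bot: "NOT-FOR-US: Beeliked" on CVE-2015-10121 tags a "Microsite Plugin" by vendor name, while the very next entry, CVE-2015-10120, uses "NOT-FOR-US: WordPress plugin". If the Beeliked plugin is a WordPress plugin, the same tag would keep the two consistent. CVE-2023-26590 (sox) at the top of this hunk is also still "TODO: check".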
@@ -7749,13 +7749,13 @@ CVE-2023-30965
 CVE-2023-30964
        RESERVED
 CVE-2023-30963 (A security defect was discovered in Foundry Frontend which 
enabled use ...)
-       TODO: check
+       NOT-FOR-US: Palantir
 CVE-2023-30962
        RESERVED
 CVE-2023-30961
        RESERVED
 CVE-2023-30960 (A security defect was discovered in Foundry job-tracker that 
enabled u ...)
-       TODO: check
+       NOT-FOR-US: Palantir
 CVE-2023-30959
        RESERVED
 CVE-2023-30958
@@ -7763,7 +7763,7 @@ CVE-2023-30958
 CVE-2023-30957
        RESERVED
 CVE-2023-30956 (A security defect was identified in Foundry Comments that 
enabled a us ...)
-       TODO: check
+       NOT-FOR-US: Palantir
 CVE-2023-30955 (A security defect was identified in Foundry workspace-server 
that enab ...)
        NOT-FOR-US: Palantir
 CVE-2023-30954



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e6538a2c597677923c87984941ba9d393261b51
