Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2ecbe59d by Salvatore Bonaccorso at 2023-07-11T22:25:01+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,105 +1,105 @@
CVE-2023-3627 (Cross-Site Request Forgery (CSRF) in GitHub repository
salesagility/su ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM core
CVE-2023-3626 (A vulnerability, which was classified as critical, has been
found in S ...)
- TODO: check
+ NOT-FOR-US: Suncreate Mountain Flood Disaster Prevention Monitoring and
Early Warning System
CVE-2023-3625 (A vulnerability classified as critical was found in Suncreate
Mountain ...)
- TODO: check
+ NOT-FOR-US: Suncreate Mountain Flood Disaster Prevention Monitoring and
Early Warning System
CVE-2023-3624 (A vulnerability classified as critical has been found in Nesote
Inout ...)
TODO: check
CVE-2023-3623 (A vulnerability was found in Suncreate Mountain Flood Disaster
Prevent ...)
- TODO: check
+ NOT-FOR-US: Suncreate Mountain Flood Disaster Prevention Monitoring and
Early Warning System
CVE-2023-3621 (A vulnerability was found in IBOS OA 4.5.5. It has been
classified as ...)
- TODO: check
+ NOT-FOR-US: IBOS OA
CVE-2023-3620 (Cross-site Scripting (XSS) - Stored in GitHub repository
amauric/tarte ...)
TODO: check
CVE-2023-3619 (A vulnerability was found in SourceCodester AC Repair and
Services Sys ...)
- TODO: check
+ NOT-FOR-US: SourceCodester AC Repair and Services System
CVE-2023-3617 (A vulnerability was found in SourceCodester Best POS Management
System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Best POS Management System
CVE-2023-37659 (xalpha v0.11.4 is vulnerable to Remote Command Execution
(RCE).)
TODO: check
CVE-2023-37658 (fast-poster v2.15.0 is vulnerable to Cross Site Scripting
(XSS). File ...)
TODO: check
CVE-2023-37657 (TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting
(XSS).)
- TODO: check
+ NOT-FOR-US: TwoNav
CVE-2023-37656 (WebsiteGuide v0.2 is vulnerable to Remote Command Execution
(RCE) via ...)
- TODO: check
+ NOT-FOR-US: WebsiteGuide
CVE-2023-37597 (Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx
v.4.0.0 ...)
TODO: check
CVE-2023-37596 (Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx
v.4.0.0 ...)
TODO: check
CVE-2023-37391 (Cross-Site Request Forgery (CSRF) vulnerability in
WPMobilePack.Com Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37376 (A vulnerability has been identified in Tecnomatix Plant
Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37375 (A vulnerability has been identified in Tecnomatix Plant
Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37374 (A vulnerability has been identified in Tecnomatix Plant
Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37280 (Pimcore Admin Classic Bundle provides a Backend UI for Pimcore
based o ...)
- TODO: check
+ NOT-FOR-US: Pimcore Admin Classic Bundle
CVE-2023-37271 (RestrictedPython is a tool that helps to define a subset of
the Python ...)
TODO: check
CVE-2023-37248 (A vulnerability has been identified in Tecnomatix Plant
Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37247 (A vulnerability has been identified in Tecnomatix Plant
Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37246 (A vulnerability has been identified in Tecnomatix Plant
Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36884 (Microsoft is investigating reports of a series of remote code
executio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36874 (Windows Error Reporting Service Elevation of Privilege
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36872 (VP9 Video Extensions Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36871 (Azure Active Directory Security Feature Bypass Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36868 (Azure Service Fabric on Windows Information Disclosure
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36867 (Visual Studio Code GitHub Pull Requests and Issues Extension
Remote Co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36825 (Decidim is a participatory democracy framework, written in
Ruby on Rai ...)
TODO: check
CVE-2023-36824 (Redis is an in-memory database that persists on disk. In Redit
7.0 pri ...)
TODO: check
CVE-2023-36755 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36754 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36753 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36752 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36751 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36750 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36749 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36748 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36693 (Cross-Site Request Forgery (CSRF) vulnerability in Alain
Gonzalez WP R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36690 (Cross-Site Request Forgery (CSRF) vulnerability in VibeThemes
WPLMS th ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-36687 (Cross-Site Request Forgery (CSRF) vulnerability in Andrea
Tarantini Me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36538 (Improper access control in Zoom Rooms before version 5.15.0
may allow ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2023-36537 (Improper privilege management in Zoom Rooms before version
5.14.5 may ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2023-36536 (Untrusted search path in the installer for Zoom Rooms before
version 5 ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2023-36522 (Cross-Site Request Forgery (CSRF) vulnerability in WePupil
Quiz Expert ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36521 (A vulnerability has been identified in SIMATIC MV540 H (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36390 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36389 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36386 (A vulnerability has been identified in RUGGEDCOM ROX MX5000
(All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36293 (SQL injection vulnerability in wmanager v.1.0.7 and before
allows a re ...)
TODO: check
CVE-2023-36167 (An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to
execute a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ecbe59d990f6fe728a78cf76ec52a5f52a6799f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ecbe59d990f6fe728a78cf76ec52a5f52a6799f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
