Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1f537283 by Salvatore Bonaccorso at 2023-07-14T22:34:58+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2023-3673 (SQL Injection in GitHub repository pimcore/pimcore prior to
10.5.24.)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-3672 (Cross-site Scripting (XSS) - DOM in GitHub repository
plaidweb/webment ...)
TODO: check
CVE-2023-3633 (An out-of-bounds writevulnerability in Bitdefender Engines on
Windows ...)
- TODO: check
+ NOT-FOR-US: Bitdefender
CVE-2023-3434 (Improper Input Validation in the hyperlink interpretation
inSavoir-fai ...)
TODO: check
CVE-2023-3433 (The "nickname" field within Savoir-faire Linux's Jami
application is s ...)
@@ -19,47 +19,47 @@ CVE-2023-37474 (Copyparty is a portable file server.
Versions prior to 1.8.2 are
CVE-2023-37473 (zenstruck/collections is a set of helpers for
iterating/paginating/fil ...)
TODO: check
CVE-2023-37224 (An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6
and v.6. ...)
- TODO: check
+ NOT-FOR-US: Archer
CVE-2023-37223 (Cross Site Scripting (XSS) vulnerability in Archer Platform
before v.6 ...)
- TODO: check
+ NOT-FOR-US: Archer
CVE-2023-36888 (Microsoft Edge for Android (Chromium-based) Tampering
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36887 (Microsoft Edge (Chromium-based) Remote Code Execution
Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36883 (Microsoft Edge for iOS Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36850 (An Improper Validation of Specified Index, Position, or Offset
in Inpu ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36849 (An Improper Check or Handling of Exceptional Conditions
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36848 (An Improper Handling of Undefined Values vulnerability in the
periodic ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36840 (A Reachable Assertion vulnerability in Routing Protocol Daemon
(RPD) o ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36838 (An Out-of-bounds Read vulnerability in the flow processing
daemon (flo ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36836 (A Use of an Uninitialized Resource vulnerability in the
routing protoc ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36835 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36834 (An Incomplete Internal State Distinction vulnerability in the
packet f ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36833 (A Use After Free vulnerability in the packet forwarding engine
(PFE) o ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36832 (An Improper Handling of Exceptional Conditions vulnerability
in packet ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36831 (An Improper Check or Handling of Exceptional Conditions
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-36119 (File upload vulnerability in PHPGurukul Online Security Guards
Hiring ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Online Security Guards Hiring System
CVE-2023-35692 (In getLocationCache of GeoLocation.java, there is a possible
way to se ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-32761 (Cross Site Request Forgery (CSRF) vulnerability in Archer
Platform bef ...)
- TODO: check
+ NOT-FOR-US: Archer
CVE-2023-32760 (An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6
and v.6. ...)
- TODO: check
+ NOT-FOR-US: Archer
CVE-2023-32759 (An issue in Archer Platform before v.6.13 and fixed in
6.12.0.6 and 6. ...)
- TODO: check
+ NOT-FOR-US: Archer
CVE-2023-2975 (Issue summary: The AES-SIV cipher implementation contains a bug
that c ...)
TODO: check
CVE-2023-3668 (Improper Encoding or Escaping of Output in GitHub repository
froxlor/f ...)
@@ -14651,7 +14651,7 @@ CVE-2023-28987
CVE-2023-28986 (Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider,
wpaffil ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28985 (An Improper Validation of Syntactic Correctness of Input
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2023-28984 (A Use After Free vulnerability in the Layer 2 Address Learning
Manager ...)
NOT-FOR-US: Juniper
CVE-2023-28983 (An OS Command Injection vulnerability in gRPC Network
Operations Inter ...)
@@ -27253,7 +27253,7 @@ CVE-2023-24898 (Windows SMB Denial of Service
Vulnerability)
CVE-2023-24897 (.NET, .NET Framework, and Visual Studio Remote Code Execution
Vulnerab ...)
NOT-FOR-US: .NET
CVE-2023-24896 (Dynamics 365 Finance Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-24895 (.NET, .NET Framework, and Visual Studio Remote Code Execution
Vulnerab ...)
NOT-FOR-US: .NET
CVE-2023-24894
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f537283b61f16e9a2ceebc56dd92050441732e2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f537283b61f16e9a2ceebc56dd92050441732e2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
