Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9bd00f5c by Moritz Muehlenhoff at 2023-07-16T10:38:29+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2023-3692 (Unrestricted Upload of File with Dangerous Type in GitHub
repository a ...)
- TODO: check
+ NOT-FOR-US: admidio
CVE-2023-3683 (A vulnerability has been found in LivelyWorks Articart 2.0.1
and class ...)
- TODO: check
+ NOT-FOR-US: LivelyWorks Articart
CVE-2023-37811
REJECTED
CVE-2023-37810
@@ -35,15 +35,15 @@ CVE-2023-36166
CVE-2023-36165
REJECTED
CVE-2023-3682 (A vulnerability, which was classified as critical, was found in
Nesote ...)
- TODO: check
+ NOT-FOR-US: Nesote Inout Blockchain
CVE-2023-3681 (A vulnerability classified as problematic was found in
Campcodes Retro ...)
- TODO: check
+ NOT-FOR-US: Campcodes Retro Cellphone Online Store
CVE-2023-3680 (A vulnerability classified as critical has been found in
SourceCodeste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2023-3679 (A vulnerability was found in SourceCodester Lost and Found
Information ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2023-2507 (CleverTap Cordova Plugin version 2.6.2 allows a remote attacker
to exe ...)
- TODO: check
+ NOT-FOR-US: CleverTap Cordova Plugin
CVE-2023-3678 (A vulnerability was found in SourceCodester AC Repair and
Services Sys ...)
NOT-FOR-US: SourceCodester AC Repair and Services System
CVE-2023-38350 (PNP4Nagios through 81ebfc5 has stored XSS in the AJAX
controller via t ...)
@@ -53,7 +53,7 @@ CVE-2023-38349 (PNP4Nagios through 81ebfc5 lacks CSRF
protection in the AJAX con
- pnp4nagios <removed>
NOTE: https://github.com/pnp4nagios/pnp4nagios/pull/17
CVE-2023-38337 (rswag before 2.10.1 allows remote attackers to read arbitrary
JSON and ...)
- TODO: check
+ NOT-FOR-US: rswag
CVE-2023-38336 (netkit-rcp in rsh-client 0.17-24 allows command injection via
filename ...)
- netkit-rsh <unfixed> (bug #1039689)
CVE-2023-37794 (WAYOS FBM-291W 19.09.11V was discovered to contain a command
injection ...)
@@ -75,7 +75,7 @@ CVE-2023-36466 (Discourse is an open source discussion
platform. When editing a
CVE-2023-35802 (IQ Engine before 10.6r1 on Extreme Network AP devices has a
Buffer Ove ...)
NOT-FOR-US: Extreme Network AP devices
CVE-2023-34236 (Weave GitOps Terraform Controller (aka Weave TF-controller) is
a contr ...)
- TODO: check
+ NOT-FOR-US: Weave GitOps Terraform Controller
CVE-2023-3673 (SQL Injection in GitHub repository pimcore/pimcore prior to
10.5.24.)
NOT-FOR-US: pimcore
CVE-2023-3672 (Cross-site Scripting (XSS) - DOM in GitHub repository
plaidweb/webment ...)
@@ -8486,7 +8486,7 @@ CVE-2023-2269 (A denial of service problem was found, due
to a possible recursiv
- linux 6.3.7-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2189388
CVE-2023-2268 (Plane version 0.7.1 allows an unauthenticated attacker to view
all sto ...)
- TODO: check
+ NOT-FOR-US: Plane
CVE-2023-2267
RESERVED
CVE-2023-2266
@@ -9552,7 +9552,7 @@ CVE-2023-2130 (A vulnerability classified as critical has
been found in SourceCo
CVE-2023-30792 (Anchor tag hrefs in Lexical prior to v0.10.0 would render
javascript: ...)
NOT-FOR-US: Facebook lexical text editor
CVE-2023-30791 (Plane version 0.7.1-dev allows an attacker to change the
avatar of his ...)
- TODO: check
+ NOT-FOR-US: Plane
CVE-2023-30790 (MonicaHQ version 4.0.0 allows an authenticated remote attacker
to exec ...)
NOT-FOR-US: MonicaHQ
CVE-2023-30789 (MonicaHQ version 4.0.0 allows an authenticated remote attacker
to exec ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bd00f5c3001b456f5b0f41cb67fce1d436bef1d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bd00f5c3001b456f5b0f41cb67fce1d436bef1d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
