Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f358a027 by Salvatore Bonaccorso at 2023-07-19T22:52:47+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,45 +9,45 @@ CVE-2023-38408 [Remote Code Execution in OpenSSH's forwarded
ssh-agent]
NOTE: Remote exploitation requires that the agent was forwarded to an
attacker-controlled
NOTE: system.
CVE-2023-3765 (Absolute Path Traversal in GitHub repository mlflow/mlflow
prior to 2. ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2023-3763 (A vulnerability was found in Intergard SGS 8.7.0. It has been
declared ...)
- TODO: check
+ NOT-FOR-US: Intergard SGS
CVE-2023-3762 (A vulnerability was found in Intergard SGS 8.7.0. It has been
classifi ...)
- TODO: check
+ NOT-FOR-US: Intergard SGS
CVE-2023-3761 (A vulnerability was found in Intergard SGS 8.7.0 and classified
as pro ...)
- TODO: check
+ NOT-FOR-US: Intergard SGS
CVE-2023-3760 (A vulnerability has been found in Intergard SGS 8.7.0 and
classified a ...)
- TODO: check
+ NOT-FOR-US: Intergard SGS
CVE-2023-3759 (A vulnerability, which was classified as critical, was found in
Interg ...)
- TODO: check
+ NOT-FOR-US: Intergard SGS
CVE-2023-3757 (A vulnerability classified as problematic has been found in GZ
Script ...)
- TODO: check
+ NOT-FOR-US: GZ Script Car Rental Script
CVE-2023-3756 (A vulnerability was found in Creativeitem Atlas Business
Directory Lis ...)
- TODO: check
+ NOT-FOR-US: Creativeitem Atlas Business Directory Listing
CVE-2023-3755 (A vulnerability has been found in Creativeitem Atlas Business
Director ...)
- TODO: check
+ NOT-FOR-US: Creativeitem Atlas Business Directory Listing
CVE-2023-3754 (A vulnerability, which was classified as problematic, was found
in Cre ...)
- TODO: check
+ NOT-FOR-US: Creativeitem Ekushey Project Manager CRM
CVE-2023-3753 (A vulnerability classified as problematic has been found in
Creativeit ...)
- TODO: check
+ NOT-FOR-US: Creativeitem Mastery LMS
CVE-2023-3752 (A vulnerability was found in Creativeitem Academy LMS 5.15. It
has bee ...)
- TODO: check
+ NOT-FOR-US: Creativeitem Academy LMS
CVE-2023-3751 (A vulnerability was found in Super Store Finder 3.6. It has
been decla ...)
- TODO: check
+ NOT-FOR-US: Super Store Finder
CVE-2023-3722 (An OS command injection vulnerability was found in the Avaya
Aura Devi ...)
- TODO: check
+ NOT-FOR-US: Avaya
CVE-2023-3638 (In GeoVision GV-ADR2701 cameras, an attacker could edit the
login resp ...)
- TODO: check
+ NOT-FOR-US: GeoVision
CVE-2023-3527 (A CSV injection vulnerability was found in theAvaya Call
Management Sy ...)
- TODO: check
+ NOT-FOR-US: Avaya
CVE-2023-3519 (Unauthenticated remote code execution)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2023-3467 (Privilege Escalation to root administrator (nsroot))
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2023-3466 (Reflected Cross-Site Scripting (XSS))
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2023-3463 (All versions of GE Digital CIMPLICITY that are not adhering to
SDG gui ...)
- TODO: check
+ NOT-FOR-US: GE Digital CIMPLICITY
CVE-2023-37899 (Feathersjs is a framework for creating web APIs and real-time
applicat ...)
TODO: check
CVE-2023-37897 (Grav is a file-based Web-platform built in PHP. Grav is
subject to a s ...)
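Review bot: The entries for CVE-2023-3519, CVE-2023-3467 and CVE-2023-3466 are tagged with the vendor name only ("NOT-FOR-US: Citrix"), and their descriptions in this file are bare titles that name no product, so the NOT-FOR-US text is the only place a reader of the list learns what is affected. Consider naming the vendor and product, as this hunk already does for "GE Digital CIMPLICITY" and "Intergard SGS". The same applies to the two "Avaya" entries (CVE-2023-3722, CVE-2023-3527) and to "GeoVision" (CVE-2023-3638), whose descriptions mention Avaya Aura, Avaya Call Management and GV-ADR2701 cameras respectively.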
@@ -77,7 +77,7 @@ CVE-2023-32635 (XBRL data create application version 7.0 and
earlier improperly
CVE-2023-32263 (A potential vulnerability has been identified in the Micro
Focus Dimen ...)
NOT-FOR-US: Micro Focus Dimensions CM Plugin for Jenkins
CVE-2023-27379 (A use-after-free vulnerability exists in the JavaScript engine
of Foxi ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2023-3347 [SMB2 packet signing not enforced]
- samba 2:4.18.5+dfsg-1
[bullseye] - samba <not-affected> (Vulnerable code not present)
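Review bot: "NOT-FOR-US: Foxit" for CVE-2023-27379 names the vendor but not the product, while the neighbouring context entry uses the full "Micro Focus Dimensions CM Plugin for Jenkins". Since the description is truncated at "JavaScript engine of Foxi ...", spelling out the product in the tag would keep the entry searchable by product name. The identical tag added for CVE-2023-28744 later in this commit would benefit from the same change.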
@@ -9930,7 +9930,7 @@ CVE-2023-30801
CVE-2023-30800
RESERVED
CVE-2023-30799 (MikroTik RouterOS stable before 6.49.7 and long-term through
6.48.6 ar ...)
- TODO: check
+ NOT-FOR-US: MikroTik RouterOS
CVE-2023-30798 (There MultipartParser usage in Encode's Starlette python
framework bef ...)
- starlette 0.25.0-1
[bullseye] - starlette <no-dsa> (Minor issue)
@@ -15482,7 +15482,7 @@ CVE-2023-28936 (Attacker can access arbitrary
recording/room Vendor: The Apache
CVE-2023-28935 (** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of
Special Ele ...)
NOT-FOR-US: Apache UIMA UICC
CVE-2023-28744 (A use-after-free vulnerability exists in the JavaScript engine
of Foxi ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2023-1672 (A race condition exists in the Tang server functionality for
key gener ...)
- tang 14-1 (bug #1038119)
[bookworm] - tang <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f358a0278e897905d5b5775be7e30c2ff85606bb