Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8b940955 by Salvatore Bonaccorso at 2023-08-12T19:20:52+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19119,7 +19119,7 @@ CVE-2023-28832 (A vulnerability has been identified in 
SIMATIC Cloud Connect 7 C
 CVE-2023-28831
        RESERVED
 CVE-2023-28830 (A vulnerability has been identified in JT2Go (All versions < 
V14.2.0.5 ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-28829 (A vulnerability has been identified in SIMATIC NET PC Software 
V14 (Al ...)
        NOT-FOR-US: Siemens
 CVE-2023-28828 (A vulnerability has been identified in Polarion ALM (All 
versions < V2 ...)
@@ -20069,7 +20069,7 @@ CVE-2023-28579
 CVE-2023-28578
        RESERVED
 CVE-2023-28577 (In the function call related to CAM_REQ_MGR_RELEASE_BUF there 
is no ch ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2023-28576 (The buffer obtained from kernel APIs such as 
cam_mem_get_cpu_buf() may ...)
        NOT-FOR-US: Qualcomm
 CVE-2023-28575 (The cam_get_device_priv function does not check the type of 
handle bei ...)
@@ -26777,11 +26777,11 @@ CVE-2023-26313
 CVE-2023-26312
        RESERVED
 CVE-2023-26311 (A remote code execution vulnerability in the webview component 
of OPPO ...)
-       TODO: check
+       NOT-FOR-US: Oppo
 CVE-2023-26310 (There is a command injection problem in the old version of the 
mobile  ...)
-       TODO: check
+       NOT-FOR-US: Oppo
 CVE-2023-26309 (A remote code execution vulnerability in the webview component 
of OneP ...)
-       TODO: check
+       NOT-FOR-US: Oppo
 CVE-2023-26308
        RESERVED
 CVE-2023-26307
@@ -32591,7 +32591,7 @@ CVE-2023-24483 (A vulnerability has been identified 
that, if exploited, could re
 CVE-2023-24482 (A vulnerability has been identified in COMOS V10.2 (All 
versions), COM ...)
        NOT-FOR-US: Siemens
 CVE-2023-24477 (In certain conditions, depending on timing and the usage of 
the Chrome ...)
-       TODO: check
+       NOT-FOR-US: Guardian/CMC
 CVE-2023-24471 (An access control vulnerability was found, due to the 
restrictions tha ...)
        TODO: check
 CVE-2023-24015 (A partial DoS vulnerability has been detected in the Reports 
section,  ...)
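Review bot: the new tag on CVE-2023-24477, "NOT-FOR-US: Guardian/CMC", names the product without its vendor, while the entries closed in the next hunk are tagged "Nozomi Networks Guardian and CMC" and "Nozomi Networks". If this is the same product, use the same vendor-prefixed tag so that a search for the vendor name finds every entry.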
@@ -32599,11 +32599,11 @@ CVE-2023-24015 (A partial DoS vulnerability has been 
detected in the Reports sec
 CVE-2023-23903 (An authenticated administrator can upload a SAML configuration 
file wi ...)
        TODO: check
 CVE-2023-23574 (A blind SQL Injection vulnerability in Nozomi Networks 
Guardian and CM ...)
-       TODO: check
+       NOT-FOR-US: Nozomi Networks Guardian and CMC
 CVE-2023-22843 (An authenticated attacker with administrative access to the 
appliance  ...)
-       TODO: check
+       NOT-FOR-US: Nozomi Networks
 CVE-2023-22378 (A blind SQL Injection vulnerability in Nozomi Networks 
Guardian and CM ...)
-       TODO: check
+       NOT-FOR-US: Nozomi Networks
 CVE-2023-0479
        RESERVED
 CVE-2023-0478
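Review bot: CVE-2023-23574 and CVE-2023-22378 show the same description (blind SQL injection in Nozomi Networks Guardian and CM ...) but receive different tags, "Nozomi Networks Guardian and CMC" and "Nozomi Networks". Pick one spelling for all three entries in this hunk; the short "NOT-FOR-US: Nozomi Networks" form matches the vendor-only tags used for Siemens, Qualcomm and Intel elsewhere in this commit.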
@@ -38275,7 +38275,7 @@ CVE-2023-22668
 CVE-2023-22667 (Memory Corruption in Audio while allocating the ion buffer 
during the  ...)
        NOT-FOR-US: Qualcomm
 CVE-2023-22666 (Memory Corruption in Audio while playing amrwbplus clips with 
modified ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2023-0094
        RESERVED
 CVE-2023-0093 (Okta Advanced Server Access Client versions 1.13.1 through 
1.65.0 are  ...)
@@ -41317,7 +41317,7 @@ CVE-2022-47638
 CVE-2022-47637
        RESERVED
 CVE-2022-47636 (A DLL hijacking vulnerability has been discovered in 
OutSystems Servic ...)
-       TODO: check
+       NOT-FOR-US: OutSystems Service Studio
 CVE-2022-47635 (Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, 
and WMS ...)
        NOT-FOR-US: Wildix CMS
 CVE-2022-47634 (M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 
before R17 ...)
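Review bot: the context line for CVE-2022-47635 reads "NOT-FOR-US: Wildix CMS" although its description says "Wildix WMS 6 ... WMS 5", so the existing tag looks like a typo for WMS. It is not part of this change, but it sits directly under the new OutSystems line and could be corrected in the same pass.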
@@ -59580,7 +59580,7 @@ CVE-2022-42480
 CVE-2022-41997
        RESERVED
 CVE-2022-41984 (Protection mechanism failure for some Intel(R) Arc(TM) 
graphics cards  ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-41982 (Uncontrolled search path element in the Intel(R) VTune(TM) 
Profiler so ...)
        NOT-FOR-US: Intel
 CVE-2022-41784 (Improper access control in kernel mode driver for the Intel(R) 
OFU sof ...)
@@ -62424,7 +62424,7 @@ CVE-2022-41621 (Improper access control in some 
Intel(R) QAT drivers for Windows
 CVE-2022-40972 (Improper access control in some Intel(R) QAT drivers for 
Windows befor ...)
        NOT-FOR-US: Intel
 CVE-2022-38973 (Improper access control for some Intel(R) Arc(TM) graphics 
cards A770  ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-3367
        RESERVED
 CVE-2022-3366 (The PublishPress Capabilities WordPress plugin before 2.5.2, 
PublishPr ...)
@@ -71473,7 +71473,7 @@ CVE-2022-38402 (Adobe InCopy version 17.3 (and earlier) 
and 16.4.2 (and earlier)
 CVE-2022-38401 (Adobe InCopy version 17.3 (and earlier) and 16.4.2 (and 
earlier) are a ...)
        NOT-FOR-US: Adobe
 CVE-2022-38102 (Improper Input validation in firmware for some Intel(R) 
Converged Secu ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-38090 (Improper isolation of shared resources in some Intel(R) 
Processors whe ...)
        {DLA-3379-1}
        - intel-microcode 3.20230214.1 (bug #1031334)
@@ -71483,7 +71483,7 @@ CVE-2022-38090 (Improper isolation of shared resources 
in some Intel(R) Processo
 CVE-2022-38084
        RESERVED
 CVE-2022-38083 (Improper initialization in the BIOS firmware for some Intel(R) 
Process ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-38072 (An improper array index validation vulnerability exists in the 
stl_fix ...)
        NOT-FOR-US: ADMesh
 CVE-2022-38071
@@ -71491,7 +71491,7 @@ CVE-2022-38071
 CVE-2022-37408
        RESERVED
 CVE-2022-37343 (Improper access control in the BIOS firmware for some Intel(R) 
Process ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-36788 (A heap-based buffer overflow vulnerability exists in the 
TriangleMesh  ...)
        - slic3r <unfixed> (bug #1034848)
        [bookworm] - slic3r <no-dsa> (Minor issue)
@@ -72524,7 +72524,7 @@ CVE-2022-38060 (A privilege escalation vulnerability 
exists in the sudo function
 CVE-2022-38056 (Improper neutralization in the Intel(R) EMA software before 
version 1. ...)
        NOT-FOR-US: Intel
 CVE-2022-37336 (Improper input validation in BIOS firmware for some Intel(R) 
NUC may a ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-37329 (Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro 
and Sta ...)
        NOT-FOR-US: Intel
 CVE-2022-36406
@@ -76834,7 +76834,7 @@ CVE-2017-20144 (A vulnerability has been found in 
Anvsoft PDFMate PDF Converter
 CVE-2022-36400 (Path traversal in the installer software for some Intel(r) NUC 
Kit Wir ...)
        NOT-FOR-US: Intel
 CVE-2022-36392 (Improper input validation in some firmware for Intel(R) AMT 
and Intel( ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-36384 (Unquoted search path in the installer software for some 
Intel(r) NUC K ...)
        NOT-FOR-US: Intel
 CVE-2022-36382 (Out-of-bounds write in firmware for some Intel(R) Ethernet 
Network Con ...)
@@ -77023,7 +77023,7 @@ CVE-2022-2511 (Cross-site Scripting (XSS) vulnerability 
in the "commonuserinterf
 CVE-2022-2510 (Cross-site Scripting (XSS) vulnerability in 
"Extension:ExtendedSearch" ...)
        NOT-FOR-US: BlueSpice
 CVE-2022-36372 (Improper buffer restrictions in some Intel(R) NUC BIOS 
firmware may al ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-36367 (Incorrect default permissions in the Intel(R) Support Android 
applicat ...)
        NOT-FOR-US: Intel
 CVE-2022-36364 (Apache Calcite Avatica JDBC driver creates HTTP client 
instances based ...)
@@ -77037,7 +77037,7 @@ CVE-2022-34848 (Uncontrolled search path for the 
Intel(R) NUC Pro Software Suite
 CVE-2022-34846
        RESERVED
 CVE-2022-34657 (Improper input validation in firmware for some Intel(R) PCSD 
BIOS befo ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-33196 (Incorrect default permissions in some memory controller 
configurations ...)
        {DLA-3379-1}
        - intel-microcode 3.20230214.1 (bug #1031334)
@@ -83862,7 +83862,7 @@ CVE-2022-30530 (Protection mechanism failure in the 
Intel(R) DSA software before
 CVE-2022-29895
        RESERVED
 CVE-2022-29871 (Improper access control in the Intel(R) CSME software 
installer before ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-33981 (drivers/block/floppy.c in the Linux kernel before 5.17.6 is 
vulnerable ...)
        {DSA-5173-1 DLA-3065-1}
        - linux 5.17.6-1
@@ -93491,7 +93491,7 @@ CVE-2022-29919 (Use after free in the Intel(R) VROC 
software before version 7.7.
 CVE-2022-29893 (Improper authentication in firmware for Intel(R) AMT before 
versions 1 ...)
        NOT-FOR-US: Intel
 CVE-2022-29887 (Cross-site Scripting (XSS) in some Intel(R) Manageability 
Commander so ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-29515 (Missing release of memory after effective lifetime in firmware 
for Int ...)
        NOT-FOR-US: Intel
 CVE-2022-29508 (Null pointer dereference in the Intel(R) VROC software before 
version  ...)
@@ -93501,7 +93501,7 @@ CVE-2022-29507 (Insufficiently protected credentials in 
the Intel(R) Team Blue m
 CVE-2022-29478
        RESERVED
 CVE-2022-29470 (Improper access control in the Intel DTT Software before 
version 8.7.1 ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-28693
        RESERVED
        NOT-FOR-US: Intel
@@ -98906,7 +98906,7 @@ CVE-2022-28611 (Improper input validation in some 
Intel(R) XMM(TM) 7560 Modem so
 CVE-2022-28126 (Improper input validation in some Intel(R) XMM(TM) 7560 Modem 
software ...)
        NOT-FOR-US: Intel
 CVE-2022-27879 (Improper buffer restrictions in the BIOS firmware for some 
Intel(R) Pr ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-27876
        RESERVED
 CVE-2022-27874 (Improper authentication in some Intel(R) XMM(TM) 7560 Modem 
software b ...)
@@ -101611,7 +101611,7 @@ CVE-2022-27863 (Sensitive Information Exposure in E4J 
s.r.l. VikBooking Hotel Bo
 CVE-2022-27862 (Arbitrary File Upload leading to RCE in E4J s.r.l. VikBooking 
Hotel Bo ...)
        NOT-FOR-US: Vikbooking
 CVE-2022-27861 (Unauth. Open Redirect vulnerability in Arscode Ninja Popups 
plugin <=4 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-27860 (Cross-Site Request Forgery (CSRF) leading to Cross-Site 
Scripting (XSS ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-27859 (Multiple Authenticated (contributor or higher user role) 
Stored Cross- ...)
@@ -106002,7 +106002,7 @@ CVE-2022-25909
 CVE-2022-25870
        RESERVED
 CVE-2022-25864 (Uncontrolled search path in some Intel(R) oneMKL software 
before versi ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2022-0822 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
orchardcms ...)
        NOT-FOR-US: Orchard CMS
 CVE-2022-0821 (Improper Authorization in GitHub repository 
orchardcms/orchardcore pri ...)
@@ -169516,7 +169516,7 @@ CVE-2021-29059 (A vulnerability was discovered in 
IS-SVG version 2.1.0 to 4.2.2
 CVE-2021-29058
        RESERVED
 CVE-2021-29057 (An issue was discovered in StaticPool in SUCHMOKUO 
node-worker-threads ...)
-       TODO: check
+       NOT-FOR-US: SUCHMOKUO
 CVE-2021-29056 (Cross Site Scripting (XSS) vulnerability exists in Pixelimity 
1.0 via  ...)
        NOT-FOR-US: Pixelimity
 CVE-2021-29055 (Cross Site Scripting (XSS) vulnerability in sourcecodester 
School File ...)
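Review bot: the tag for CVE-2021-29057 is only "SUCHMOKUO", which is the author part of "SUCHMOKUO node-worker-threads ..." and not the project. Other entries in this commit tag author plus project ("MrSwitch hello.js", "lerry903 RuoYi", "pcmt superMicro-CMS"); adding the project name here would keep the entry searchable by package name.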
@@ -170066,7 +170066,7 @@ CVE-2021-28837
 CVE-2021-28836
        RESERVED
 CVE-2021-28835 (Buffer Overflow vulnerability in XNView before 2.50, allows 
local atta ...)
-       TODO: check
+       NOT-FOR-US: XNView
 CVE-2021-28834 (Kramdown before 2.3.1 does not restrict Rouge formatters to 
the Rouge: ...)
        {DSA-4890-1}
        - ruby-kramdown 2.3.0-5 (bug #985569)
@@ -171110,7 +171110,7 @@ CVE-2021-28429 (Integer overflow vulnerability in 
av_timecode_make_string in lib
 CVE-2021-28428 (File upload vulnerability in HorizontCMS before 1.0.0-beta.3 
via uploa ...)
        NOT-FOR-US: HorizontCMS
 CVE-2021-28427 (Buffer Overflow vulnerability in XNView version 2.49.3, allows 
local a ...)
-       TODO: check
+       NOT-FOR-US: XNView
 CVE-2021-28426
        RESERVED
 CVE-2021-28425
@@ -171142,7 +171142,7 @@ CVE-2021-28413
 CVE-2021-28412
        RESERVED
 CVE-2021-28411 (An issue was discovered in getRememberedSerializedIdentity 
function in ...)
-       TODO: check
+       NOT-FOR-US: lerry903 RuoYi
 CVE-2021-28410
        RESERVED
 CVE-2021-28409
@@ -175869,7 +175869,7 @@ CVE-2021-26507
 CVE-2021-26506
        RESERVED
 CVE-2021-26505 (Prototype pollution vulnerability in MrSwitch hello.js version 
1.18.6, ...)
-       TODO: check
+       NOT-FOR-US: MrSwitch hello.js
 CVE-2021-26504 (Directory Traversal vulnerability in Foddy 
node-red-contrib-huemagic v ...)
        TODO: check
 CVE-2021-26503
@@ -177734,9 +177734,9 @@ CVE-2021-25859
 CVE-2021-25858
        RESERVED
 CVE-2021-25857 (An issue was discovered in pcmt superMicro-CMS version 3.11, 
allows au ...)
-       TODO: check
+       NOT-FOR-US: pcmt superMicro-CMS
 CVE-2021-25856 (An issue was discovered in pcmt superMicro-CMS version 3.11, 
allows at ...)
-       TODO: check
+       NOT-FOR-US: pcmt superMicro-CMS
 CVE-2021-25855
        RESERVED
 CVE-2021-25854
@@ -188047,7 +188047,7 @@ CVE-2020-36138 (An issue was discovered in 
decode_frame in libavcodec/tiff.c in
 CVE-2020-36137
        RESERVED
 CVE-2020-36136 (SQL Injection vulnerability in cskaza cszcms version 1.2.9, 
allows att ...)
-       TODO: check
+       NOT-FOR-US: cskaza cszcms
 CVE-2020-36135 (AOM v2.0.1 was discovered to contain a NULL pointer 
dereference via th ...)
        - aom 3.2.0-1
        [bullseye] - aom <no-dsa> (Minor issue)
@@ -188187,7 +188187,7 @@ CVE-2020-36084
 CVE-2020-36083
        RESERVED
 CVE-2020-36082 (File Upload vulnerability in bloofoxCMS version 0.5.2.1, 
allows remote ...)
-       TODO: check
+       NOT-FOR-US: bloofoxCMS
 CVE-2020-36081
        RESERVED
 CVE-2020-36080
@@ -188287,13 +188287,13 @@ CVE-2020-36039
 CVE-2020-36038
        RESERVED
 CVE-2020-36037 (An issue was disocvered in wuzhicms version 4.1.0, allows 
remote attac ...)
-       TODO: check
+       NOT-FOR-US: wuzhicms
 CVE-2020-36036
        RESERVED
 CVE-2020-36035
        RESERVED
 CVE-2020-36034 (SQL Injection vulnerability in oretnom23 School Faculty 
Scheduling Sys ...)
-       TODO: check
+       NOT-FOR-US: oretnom23 School Faculty Scheduling System
 CVE-2020-36033 (SQL injection vulnerability in SourceCodester Water Billing 
System 1.0 ...)
        NOT-FOR-US: SourceCodester
 CVE-2020-36032
@@ -188387,7 +188387,7 @@ CVE-2020-35992 (Fiserv Prologue through 2020-12-16 
does not properly protect the
 CVE-2020-35991
        RESERVED
 CVE-2020-35990 (Buffer Overflow vulnerability in cFilenameInit parameter in 
browseForD ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2020-35989
        RESERVED
 CVE-2020-35988
@@ -194464,11 +194464,11 @@ CVE-2020-35143
 CVE-2020-35142
        RESERVED
 CVE-2020-35141 (An issue was discovered in OFPQueueGetConfigReply in parser.py 
in Fauc ...)
-       TODO: check
+       NOT-FOR-US: Faucet SDN Ryu
 CVE-2020-35140
        RESERVED
 CVE-2020-35139 (An issue was discovered in OFPBundleCtrlMsg in parser.py in 
Faucet SDN ...)
-       TODO: check
+       NOT-FOR-US: Faucet SDN Ryu
 CVE-2020-35138 (The MobileIron agents through 2021-03-22 for Android and iOS 
contain a ...)
        NOT-FOR-US: MobileIron
 CVE-2020-35137 (The MobileIron agents through 2021-03-22 for Android and iOS 
contain a ...)
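Review bot: CVE-2020-35141 and CVE-2020-35139 are in parser.py of a Python project (Faucet SDN Ryu), not a vendor appliance, so "NOT-FOR-US" holds only if no source package in the archive ships that code. Please confirm against the package list before closing these two TODOs; if a package exists, the entries need a package line in the form used elsewhere in this file (for example "- aom 3.2.0-1") instead of the NFU tag.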
@@ -198459,9 +198459,9 @@ CVE-2020-28851 (In x/text in Go 1.15.4, an "index out 
of range" panic occurs in
 CVE-2020-28850
        RESERVED
 CVE-2020-28849 (Cross Site Scripting (XSS) vulnerability in ChurchCRM version 
4.2.1, a ...)
-       TODO: check
+       NOT-FOR-US: ChurchCRM
 CVE-2020-28848 (CSV Injection vulnerability in ChurchCRM version 4.2.0, allows 
remote  ...)
-       TODO: check
+       NOT-FOR-US: ChurchCRM
 CVE-2020-28847 (Cross Site Scripting (XSS) vulnerability in xCss Valine 
v1.4.14 via th ...)
        NOT-FOR-US: Valine
 CVE-2020-28846 (Cross Site Request Forgery (CSRF) vulnerability exists in 
SeaCMS 10.7  ...)
@@ -198725,7 +198725,7 @@ CVE-2020-28719
 CVE-2020-28718
        RESERVED
 CVE-2020-28717 (Cross Site Scripting (XSS) vulnerability in content1 parameter 
in demo ...)
-       TODO: check
+       NOT-FOR-US: kindsoft kindeditor
 CVE-2020-28716
        RESERVED
 CVE-2020-28715
@@ -205322,7 +205322,7 @@ CVE-2020-27545 (libdwarf before 20201017 has a 
one-byte out-of-bounds read becau
        NOTE: https://www.prevanders.net/dwarfbug.html#DW202010-001
        NOTE: 
https://github.com/davea42/libdwarf-code/commit/95f634808c01f1c61bbec56ed2395af997f397ea
 CVE-2020-27544 (An issue was discovered in FoldingAtHome Client Advanced 
Control GUI b ...)
-       TODO: check
+       NOT-FOR-US: FoldingAtHome Client Advanced Control GUI
 CVE-2020-27543 (The restify-paginate package 0.0.5 for Node.js allows remote 
attackers ...)
        NOT-FOR-US: Node restify-paginate
 CVE-2020-27542 (Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command 
injection.  ...)
@@ -205523,7 +205523,7 @@ CVE-2020-27451
 CVE-2020-27450
        RESERVED
 CVE-2020-27449 (Cross Site Scripting (XSS) vulnerability in Query Report 
feature in Zo ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2020-27448
        RESERVED
 CVE-2020-27447
@@ -209110,7 +209110,7 @@ CVE-2020-25917 (Stratodesk NoTouch Center before 
4.4.68 is affected by: Incorrec
 CVE-2020-25916
        RESERVED
 CVE-2020-25915 (Cross Site Scripting (XSS) vulnerability in UserController.php 
in Thin ...)
-       TODO: check
+       NOT-FOR-US: ThinkCMF
 CVE-2020-25914
        RESERVED
 CVE-2020-25913
@@ -211650,7 +211650,7 @@ CVE-2020-24952
 CVE-2020-24951
        RESERVED
 CVE-2020-24950 (SQL Injection vulnerability in file Base_module_model.php in 
Daylight  ...)
-       TODO: check
+       NOT-FOR-US: Daylight Studio FUEL-CMS
 CVE-2020-24949 (Privilege escalation in PHP-Fusion 9.03.50 
downloads/downloads.php all ...)
        NOT-FOR-US: PHP-Fusion
 CVE-2020-24948 (The ao_ccss_import AJAX call in Autoptimize Wordpress Plugin 
2.7.6 doe ...)
@@ -211708,7 +211708,7 @@ CVE-2020-24924 (A Persistent Cross-site Scripting 
vulnerability is found in Elka
 CVE-2020-24923
        RESERVED
 CVE-2020-24922 (Cross Site Request Forgery (CSRF) vulnerability in 
xxl-job-admin/user/ ...)
-       TODO: check
+       NOT-FOR-US: XXL-Job
 CVE-2020-24921
        RESERVED
 CVE-2020-24920
@@ -211817,7 +211817,7 @@ CVE-2020-24874
 CVE-2020-24873
        RESERVED
 CVE-2020-24872 (Cross Site Scripting (XSS) vulnerability in 
backend/pages/modify.php i ...)
-       TODO: check
+       NOT-FOR-US: Lepton-CMS
 CVE-2020-24871
        RESERVED
 CVE-2020-24870 (Libraw before 0.20.1 has a stack buffer overflow via 
LibRaw::identify_ ...)
@@ -212012,7 +212012,7 @@ CVE-2020-24806
 CVE-2020-24805
        RESERVED
 CVE-2020-24804 (Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms 
v1.4.rc ...)
-       TODO: check
+       NOT-FOR-US: cms-dev/cms
 CVE-2020-24803
        RESERVED
 CVE-2020-24802
@@ -213399,7 +213399,7 @@ CVE-2020-24224
 CVE-2020-24223 (Mara CMS 7.5 allows cross-site scripting (XSS) in contact.php 
via the  ...)
        NOT-FOR-US: Mara CMS
 CVE-2020-24222 (Buffer Overflow vulnerability in jfif_decode() function in 
rockcarry f ...)
-       TODO: check
+       NOT-FOR-US: ffjpeg
 CVE-2020-24221 (An issue was discovered in GetByte function in miniupnp 
ngiflib versio ...)
        TODO: check
 CVE-2020-24220 (ShopXO v1.8.1 has a command execution vulnerability. Attackers 
can use ...)
@@ -213695,7 +213695,7 @@ CVE-2020-24077
 CVE-2020-24076
        RESERVED
 CVE-2020-24075 (Cross Site Scripting (XSS) vulnerability in Name Input Field 
in Contac ...)
-       TODO: check
+       NOT-FOR-US: Laborator Kalium
 CVE-2020-24074 (The decode program in silk-v3-decoder Version:20160922 Build 
By kn007  ...)
        NOT-FOR-US: silk-v3-decoder
 CVE-2020-24073
@@ -214722,7 +214722,7 @@ CVE-2020-23597
 CVE-2020-23596
        RESERVED
 CVE-2020-23595 (Cross Site Request Forgery (CSRF) vulnerability in yzmcms 
version 5.6, ...)
-       TODO: check
+       NOT-FOR-US: yzmcms
 CVE-2020-23594
        RESERVED
 CVE-2020-23593 (A vulnerability in OPTILINK OP-XT71000N Hardware Version: 
V2.2, Firmwa ...)
@@ -221358,7 +221358,7 @@ CVE-2020-20525
 CVE-2020-20524
        RESERVED
 CVE-2020-20523 (Cross Site Scripting (XSS) vulnerability in adm_user parameter 
in Gila ...)
-       TODO: check
+       NOT-FOR-US: Gila CMS
 CVE-2020-20522 (Cross Site Scripting vulnerability found in KiteCMS v.1.1 
allows a rem ...)
        NOT-FOR-US: KiteCMS
 CVE-2020-20521 (Cross Site Scripting vulnerability found in KiteCMS v.1.1 
allows a rem ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b940955f504a4a91e09c2f385dff9a7cdf18c9b
