Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
02e60846 by Salvatore Bonaccorso at 2023-08-22T22:28:25+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
CVE-2023-4475 (An Arbitrary File Movement vulnerability was found in ASUSTOR
Data Mas ...)
- TODO: check
+ NOT-FOR-US: ASUSTOR
CVE-2023-4303 (Jenkins Fortify Plugin 22.1.38 and earlier does not escape the
error m ...)
- TODO: check
+ NOT-FOR-US: Jenkins Fortify Plugin
CVE-2023-4212 (A command injection vulnerability exists in Trane XL824, XL850,
XL1050 ...)
- TODO: check
+ NOT-FOR-US: Trane and Pivot thermostats
CVE-2023-3699 (An Improper Privilege Management vulnerability was found in
ASUSTOR Da ...)
- TODO: check
+ NOT-FOR-US: ASUSTOR
CVE-2023-39599 (Cross-Site Scripting (XSS) vulnerability in CSZ CMS v.1.3.0
allows att ...)
- TODO: check
+ NOT-FOR-US: CSZ CMS
CVE-2023-39141 (webui-aria2 commit 4fe2e was discovered to contain a path
traversal vu ...)
TODO: check
CVE-2023-38996 (An issue in all versions of Douran DSGate allows a local
authenticated ...)
- TODO: check
+ NOT-FOR-US: Douran DSGate
CVE-2023-38909 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and
Tapo Applic ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2023-38908 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and
Tapo Applic ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2023-38906 (An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and
Tapo Applic ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2023-38732 (IBM Robotic Process Automation 21.0.0 through 21.0.7 server
could allo ...)
NOT-FOR-US: IBM
CVE-2023-38668 (Stack-based buffer over-read in disasm in nasm 2.16 allows
attackers t ...)
@@ -25,53 +25,53 @@ CVE-2023-38668 (Stack-based buffer over-read in disasm in
nasm 2.16 allows attac
CVE-2023-38667 (Stack-based buffer over-read in function disasm in nasm 2.16
allows at ...)
TODO: check
CVE-2023-38666 (Bento4 v1.6.0-639 was discovered to contain a segmentation
violation v ...)
- TODO: check
+ NOT-FOR-US: Bento4
CVE-2023-38665 (Null pointer dereference in ieee_write_file in nasm 2.16rc0
allows att ...)
TODO: check
CVE-2023-37440 (A vulnerability in the web-based management interfaceof
EdgeConnect SD ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37439 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37438 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37437 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37436 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37435 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37434 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37433 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37432 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37431 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37430 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37429 (Multiple vulnerabilities in the web-based managementinterface
of EdgeC ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37428 (A vulnerability in the EdgeConnect SD-WAN
Orchestratorweb-based manage ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37427 (A vulnerability in the web-based management interface
ofEdgeConnect SD ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37426 (EdgeConnect SD-WAN Orchestrator instances prior to theversions
resolve ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37425 (A vulnerability in the web-based management interfaceof
EdgeConnect SD ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37424 (A vulnerability in the web-based management interfaceof
EdgeConnect SD ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37423 (Vulnerabilities in the web-based management interface of
EdgeConnect S ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37422 (Vulnerabilities in the web-based management interface of
EdgeConnect S ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-37421 (Vulnerabilities in the web-based management interface of
EdgeConnect S ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-36281 (An issue in langchain v.0.0.171 allows a remote attacker to
execute ar ...)
TODO: check
CVE-2023-34853 (Buffer Overflow vulnerability in Supermicro motherboard
X12DPG-QR 1.4b ...)
- TODO: check
+ NOT-FOR-US: Supermicro motherboard X12DPG-QR
CVE-2022-48571 (memcached 1.6.7 allows a Denial of Service via multi-packet
uploads in ...)
TODO: check
CVE-2022-48570 (Crypto++ through 8.4 contains a timing side channel in ECDSA
signature ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02e60846978dc2ab65dd673eef8a9d43c601cbcf
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02e60846978dc2ab65dd673eef8a9d43c601cbcf
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
