Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
44892b34 by Salvatore Bonaccorso at 2023-08-25T23:18:21+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -34,13 +34,13 @@ CVE-2023-40798 (In Tenda AC23 v16.03.07.45_cn, the
formSetIPv6status and formGet
CVE-2023-40797 (In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does
not valida ...)
NOT-FOR-US: Tenda
CVE-2023-40796 (Phicomm k2 v22.6.529.216 is vulnerable to command injection.)
- TODO: check
+ NOT-FOR-US: Phicomm
CVE-2023-40599 (Regular expression Denial-of-Service (ReDoS) exists in
multiple add-on ...)
NOT-FOR-US: multiple addons for Mailform Pro CGI
CVE-2023-40580 (Freighter is a Stellar chrome extension. It may be possible
for a mali ...)
- TODO: check
+ NOT-FOR-US: Freighter Stellar chrome extension
CVE-2023-40579 (OpenFGA is an authorization/permission engine built for
developers and ...)
- TODO: check
+ NOT-FOR-US: OpenFGA
CVE-2023-40577 (Alertmanager handles alerts sent by client applications such
as the Pr ...)
TODO: check
CVE-2023-40570 (Datasette is an open source multi-tool for exploring and
publishing da ...)
@@ -50,19 +50,19 @@ CVE-2023-40568
CVE-2023-40530 (Improper authorization in handler for custom URL scheme issue
in 'Skyl ...)
TODO: check
CVE-2023-40182 (Silverware Games is a premium social network where people can
play gam ...)
- TODO: check
+ NOT-FOR-US: Silverware Games
CVE-2023-40179 (Silverware Games is a premium social network where people can
play gam ...)
- TODO: check
+ NOT-FOR-US: Silverware Games
CVE-2023-40036 (Notepad++ is a free and open-source source code editor.
Versions 8.5.6 ...)
- TODO: check
+ NOT-FOR-US: Notepad++
CVE-2023-40031 (Notepad++ is a free and open-source source code editor.
Versions 8.5.6 ...)
- TODO: check
+ NOT-FOR-US: Notepad++
CVE-2023-40030 (Cargo downloads a Rust project\u2019s dependencies and
compiles the pr ...)
TODO: check
CVE-2023-40022 (Rizin is a UNIX-like reverse engineering framework and
command-line to ...)
- TODO: check
+ NOT-FOR-US: Rizin
CVE-2023-40017 (GeoNode is an open source platform that facilitates the
creation, shar ...)
- TODO: check
+ NOT-FOR-US: GeoNode
CVE-2023-3425 (Out-of-bounds read issue in M-Files Server versions below
23.8.12892.6 ...)
NOT-FOR-US: M-Files
CVE-2023-3406 (Path Traversal issue in M-Files Classic Web versions below
23.6.12695. ...)
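Review bot: The NOT-FOR-US: Rizin tag on CVE-2023-40022 should be double-checked against open ITP/RFP bugs before it is kept, because the description presents Rizin as a UNIX-like reverse engineering framework and command-line tool, which is software that could plausibly be packaged. If a package request exists, the entry should use the "- rizin <itp> (bug #...)" form rather than NOT-FOR-US so the issue is picked up when the package enters the archive. The Silverware Games, Notepad++ and GeoNode tags in this hunk are consistent in form (bare product name) and need no change.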
@@ -70,29 +70,29 @@ CVE-2023-3406 (Path Traversal issue in M-Files Classic Web
versions below 23.6.1
CVE-2023-39742 (giflib v5.2.1 was discovered to contain a segmentation fault
via the c ...)
TODO: check
CVE-2023-39707 (A stored cross-site scripting (XSS) vulnerability in Free and
Open Sou ...)
- TODO: check
+ NOT-FOR-US: Free and Open Source Inventory Management System
CVE-2023-39700 (IceWarp Mail Server v10.4.5 was discovered to contain a
reflected cros ...)
- TODO: check
+ NOT-FOR-US: IceWarp
CVE-2023-39699 (IceWarp Mail Server v10.4.5 was discovered to contain a local
file inc ...)
- TODO: check
+ NOT-FOR-US: IceWarp
CVE-2023-39600 (IceWarp 11.4.6.0 was discovered to contain a cross-site
scripting (XSS ...)
- TODO: check
+ NOT-FOR-US: IceWarp
CVE-2023-39521 (Tuleap is an open source suite to improve management of
software devel ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2023-39519 (Cloud Explorer Lite is an open source cloud management
platform. Prior ...)
NOT-FOR-US: Cloud Explorer Lite
CVE-2023-38974 (A stored cross-site scripting (XSS) vulnerability in the Edit
Category ...)
- TODO: check
+ NOT-FOR-US: Badaso
CVE-2023-38973 (A stored cross-site scripting (XSS) vulnerability in the Add
Tag funct ...)
- TODO: check
+ NOT-FOR-US: Badaso
CVE-2023-38508 (Tuleap is an open source suite to improve management of
software devel ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2023-38201 (A flaw was found in the Keylime registrar that could allow a
bypass of ...)
- TODO: check
+ NOT-FOR-US: Keylime
CVE-2023-37469 (CasaOS is an open-source personal cloud system. Prior to
version 0.4.4 ...)
NOT-FOR-US: CasaOS
CVE-2023-37249 (Infoblox NIOS through 8.5.1 has a faulty component that
accepts malici ...)
- TODO: check
+ NOT-FOR-US: Infoblox NIOS
CVE-2023-36199 (An issue in skalenetwork sgxwallet v.1.9.0 and below allows an
attacke ...)
TODO: check
CVE-2023-36198 (Buffer Overflow vulnerability in skalenetwork sgxwallet
v.1.9.0 allows ...)
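Review bot: The NOT-FOR-US: Badaso tags on CVE-2023-38974 and CVE-2023-38973 cannot be verified from this hunk, because the truncated descriptions ("... in the Edit Category ...", "... in the Add Tag funct ...") never name the product; confirm the attribution against the full CVE text. Separately, CVE-2023-39707 is tagged with the generic phrase "Free and Open Source Inventory Management System", which is hard to tell apart from similarly named projects; adding the vendor or author, if the full description gives one, would make the tag easier to match later. CVE-2023-38201 (Keylime registrar) should get the same ITP/RFP check as any other open source project before NOT-FOR-US is settled on.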
@@ -174319,7 +174319,7 @@ CVE-2021-27934
CVE-2021-27933 (pfSense 2.5.0 allows XSS via the services_wol_edit.php
Description fie ...)
NOT-FOR-US: pfSense
CVE-2021-27932 (Stormshield Network Security (SNS) VPN SSL Client 2.1.0
through 2.8.0 ...)
- TODO: check
+ NOT-FOR-US: Stormshield Network Security (SNS)
CVE-2021-27931 (LumisXP (aka Lumis Experience Platform) before 10.0.0 allows
unauthent ...)
NOT-FOR-US: LumisXP (aka Lumis Experience Platform)
CVE-2021-27930 (Multiple stored XSS vulnerabilities in IrisNext Edition
9.5.16, which ...)
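Review bot: The tag on CVE-2021-27932 names the product family ("Stormshield Network Security (SNS)") while the description says the affected component is the "VPN SSL Client 2.1.0 through 2.8.0". Consider "NOT-FOR-US: Stormshield Network Security (SNS) VPN SSL Client" so the tag matches the description and is easier to grep for. Note too that this is a 2021 entry far down the file (line 174319) bundled with the 2023 batch; that is fine under "Process some NFUs", but it is easy to miss when skimming the diff.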
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44892b3405bd7d6d1dfa0b927aa125fe619408e9
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits