Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
89f9542c by Salvatore Bonaccorso at 2023-08-26T09:06:45+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18,7 +18,7 @@ CVE-2023-41248 (In JetBrains TeamCity before 2023.05.3 stored
XSS was possible d
CVE-2023-41173 (AdGuard DNS before 2.2 allows remote attackers to cause a
denial of se ...)
TODO: check
CVE-2023-41167 (@webiny/react-rich-text-renderer before 5.37.2 allows XSS
attacks by c ...)
- TODO: check
+ NOT-FOR-US: Webiny
CVE-2023-40915 (Tenda AX3 v16.03.12.11 has a stack buffer overflow
vulnerability detec ...)
NOT-FOR-US: Tenda
CVE-2023-40802 (The get_parentControl_list_Info function does not verify the
parameter ...)
@@ -44,11 +44,11 @@ CVE-2023-40579 (OpenFGA is an authorization/permission
engine built for develope
CVE-2023-40577 (Alertmanager handles alerts sent by client applications such
as the Pr ...)
TODO: check
CVE-2023-40570 (Datasette is an open source multi-tool for exploring and
publishing da ...)
- TODO: check
+ NOT-FOR-US: Datasette
CVE-2023-40568
REJECTED
CVE-2023-40530 (Improper authorization in handler for custom URL scheme issue
in 'Skyl ...)
- TODO: check
+ NOT-FOR-US: 'Skylark' App
CVE-2023-40182 (Silverware Games is a premium social network where people can
play gam ...)
NOT-FOR-US: Silverware Games
CVE-2023-40179 (Silverware Games is a premium social network where people can
play gam ...)
@@ -96,9 +96,9 @@ CVE-2023-37469 (CasaOS is an open-source personal cloud
system. Prior to version
CVE-2023-37249 (Infoblox NIOS through 8.5.1 has a faulty component that
accepts malici ...)
NOT-FOR-US: Infoblox NIOS
CVE-2023-36199 (An issue in skalenetwork sgxwallet v.1.9.0 and below allows an
attacke ...)
- TODO: check
+ NOT-FOR-US: skalenetwork sgxwallet
CVE-2023-36198 (Buffer Overflow vulnerability in skalenetwork sgxwallet
v.1.9.0 allows ...)
- TODO: check
+ NOT-FOR-US: skalenetwork sgxwallet
CVE-2023-32797 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
I Thirte ...)
NOT-FOR-US: WordPress plugin
CVE-2023-32757 (e-Excellence U-Office Force file uploading function does not
restrict ...)
@@ -108,7 +108,7 @@ CVE-2023-32756 (e-Excellence U-Office Force has a path
traversal vulnerability w
CVE-2023-32755 (e-Excellence U-Office Force generates an error message in
webiste serv ...)
NOT-FOR-US: e-Excellence U-Office Force
CVE-2023-32678 (Zulip is an open-source team collaboration tool with
topic-based threa ...)
- TODO: check
+ NOT-FOR-US: Zulip
CVE-2023-32603 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
RedNao D ...)
NOT-FOR-US: WordPress plugin
CVE-2023-32598 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
A. R. Jo ...)
@@ -225004,7 +225004,7 @@ CVE-2020-19727
CVE-2020-19726 (An issue was discovered in binutils libbfd.c 2.36 relating to
the auxi ...)
TODO: check
CVE-2020-19725 (There is a use-after-free vulnerability in file
pdd_simplifier.cpp in ...)
- TODO: check
+ NOT-FOR-US: Z3Prover Z3
CVE-2020-19724 (A memory consumption issue in get_data function in
binutils/nm.c in GN ...)
TODO: check
CVE-2020-19723
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89f9542c2592eade203c74717b2e141ec4a5e848
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89f9542c2592eade203c74717b2e141ec4a5e848
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
