Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
65698136 by Salvatore Bonaccorso at 2023-08-29T22:23:22+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,9 +3,9 @@ CVE-2023-4572 (Use after free in MediaStream in Google Chrome
prior to 116.0.584
CVE-2023-4346 (KNX devices that use KNX Connection Authorization and support
Option 1 ...)
TODO: check
CVE-2023-41376 (Nokia Service Router Operating System (SR OS) 22.10 and SR
Linux, when ...)
- TODO: check
+ NOT-FOR-US: Nokia Service Router Operating System (SR OS) and SR Linux
CVE-2023-41362 (MyBB before 1.8.36 allows Code Injection by users with certain
high pr ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2023-41037 (OpenPGP.js is a JavaScript implementation of the OpenPGP
protocol. In ...)
TODO: check
CVE-2023-40890 (A stack-based buffer overflow vulnerability exists in the
lookup_seque ...)
@@ -15,7 +15,7 @@ CVE-2023-40889 (A heap-based buffer overflow exists in the
qr_reader_match_cente
CVE-2023-40787 (In SpringBlade V3.6.0 when executing SQL query, the parameters
submitt ...)
TODO: check
CVE-2023-3646 (On affected platforms running Arista EOS with mirroring to
multiple de ...)
- TODO: check
+ NOT-FOR-US: Arista
CVE-2023-3253 (An improper authorization vulnerability exists where an
authenticated, ...)
TODO: check
CVE-2023-3252 (An arbitrary file write vulnerability exists where an
authenticated, r ...)
@@ -33,17 +33,17 @@ CVE-2023-39615 (Xmlsoft Libxml2 v2.11.0 was discovered to
contain a global buffe
CVE-2023-39522 (goauthentik is an open-source Identity Provider. In affected
versions ...)
TODO: check
CVE-2023-39268 (A memory corruption vulnerability in ArubaOS-Switch could lead
to unau ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-39267 (An authenticated remote code execution vulnerability exists in
the com ...)
TODO: check
CVE-2023-39266 (A vulnerability in the ArubaOS-Switch web management interface
could a ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-38802 (FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow
a remote ...)
TODO: check
CVE-2023-38283 (In OpenBGPD before 8.1, incorrect handling of BGP update data
(length ...)
TODO: check
CVE-2023-34039 (Aria Operations for Networks contains an Authentication Bypass
vulnera ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-4585
- firefox <unfixed>
- firefox-esr <unfixed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65698136929bfc88bdaa0b870b40204d78dadad1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65698136929bfc88bdaa0b870b40204d78dadad1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
