Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab4080e6 by Salvatore Bonaccorso at 2023-09-01T22:32:44+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14,29 +14,29 @@ CVE-2023-4720 (Floating Point Comparison with Incorrect 
Operator in GitHub repos
        NOTE: 
https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a
        NOTE: https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad
 CVE-2023-4714 (A vulnerability was found in PlayTube 3.0.1 and classified as 
problema ...)
-       TODO: check
+       NOT-FOR-US: PlayTube
 CVE-2023-4713 (A vulnerability has been found in IBOS OA 4.5.5 and classified 
as crit ...)
-       TODO: check
+       NOT-FOR-US: IBOS OA
 CVE-2023-4712 (A vulnerability, which was classified as critical, was found in 
Xintia ...)
        TODO: check
 CVE-2023-4711 (A vulnerability, which was classified as critical, has been 
found in D ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2023-4710 (A vulnerability classified as problematic was found in TOTVS RM 
12.1.  ...)
-       TODO: check
+       NOT-FOR-US: TOTVS RM
 CVE-2023-4709 (A vulnerability classified as problematic has been found in 
TOTVS RM 1 ...)
-       TODO: check
+       NOT-FOR-US: TOTVS RM
 CVE-2023-4708 (A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has 
been r ...)
-       TODO: check
+       NOT-FOR-US: Infosoftbd Clcknshop
 CVE-2023-4707 (A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has 
been d ...)
-       TODO: check
+       NOT-FOR-US: Infosoftbd Clcknshop
 CVE-2023-4704 (External Control of System or Configuration Setting in GitHub 
reposito ...)
-       TODO: check
+       NOT-FOR-US: icms2
 CVE-2023-41633 (Catdoc v0.95 was discovered to contain a NULL pointer 
dereference via  ...)
        TODO: check
 CVE-2023-41628 (An issue in O-RAN Software Community E2 G-Release allows 
attackers to  ...)
-       TODO: check
+       NOT-FOR-US: O-RAN
 CVE-2023-41627 (O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not 
validate the  ...)
-       TODO: check
+       NOT-FOR-US: O-RAN
 CVE-2023-41364 (In tine through 2023.01.14.325, the sort parameter of the 
/index.php e ...)
        TODO: check
 CVE-2023-41051 (In a typical Virtual Machine Monitor (VMM) there are several 
component ...)
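
Review bot: The new tags on CVE-2023-4711 (`NOT-FOR-US: D-Link`) and on CVE-2023-41628 and CVE-2023-41627 (`NOT-FOR-US: O-RAN`) name only the vendor or project, while the other tags added in this hunk name the product (IBOS OA, TOTVS RM, Infosoftbd Clcknshop). The description of CVE-2023-41627 names a specific component, ric-plt-lib-rmr v4.9.0, so a tag such as `NOT-FOR-US: O-RAN ric-plt-lib-rmr` would be easier to search for and to revisit if that component is ever packaged; the D-Link entry could likewise carry the affected product from the full description.
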
@@ -44,51 +44,51 @@ CVE-2023-41051 (In a typical Virtual Machine Monitor (VMM) 
there are several com
 CVE-2023-41049 (@dcl/single-sign-on-client is an open source npm library which 
deals w ...)
        TODO: check
 CVE-2023-41046 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2023-40980 (File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and 
before  ...)
-       TODO: check
+       NOT-FOR-US: DWSurvey DWSurvey-OSS
 CVE-2023-40970 (Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: Senayan Library Management Systems SLIMS 9 Bulian
 CVE-2023-40969 (Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: Senayan Library Management Systems SLIMS 9 Bulian
 CVE-2023-40968 (Buffer Overflow vulnerability in hzeller timg v.1.5.2 and 
before allow ...)
        TODO: check
 CVE-2023-40771 (SQL injection vulnerability in DataEase v.1.18.9 allows a 
remote attac ...)
        TODO: check
 CVE-2023-40239 (Certain Lexmark devices (such as CS310) before 2023-08-25 
allow XXE at ...)
-       TODO: check
+       NOT-FOR-US: Lexmark
 CVE-2023-3210 (An issue has been discovered in GitLab affecting all versions 
starting ...)
        TODO: check
 CVE-2023-39714 (Multiple cross-site scripting (XSS) vulnerabilities in Free 
and Open S ...)
-       TODO: check
+       NOT-FOR-US: Free and Open Source Inventory Management System
 CVE-2023-39710 (Multiple cross-site scripting (XSS) vulnerabilities in Free 
and Open S ...)
-       TODO: check
+       NOT-FOR-US: Free and Open Source Inventory Management System
 CVE-2023-39703 (A cross site scripting (XSS) vulnerability in the Markdown 
Editor comp ...)
-       TODO: check
+       NOT-FOR-US: Typora
 CVE-2023-39685 (An issue in hjson-java up to v3.0.0 allows attackers to cause 
a Denial ...)
        TODO: check
 CVE-2023-39631 (An issue in LanChain-ai Langchain v.0.0.245 allows a remote 
attacker t ...)
        TODO: check
 CVE-2023-39582 (SQL Injection vulnerability in Chamilo LMS v.1.11 thru 
v.1.11.20 allow ...)
-       TODO: check
+       NOT-FOR-US: Chamilo LMS
 CVE-2023-37997 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Dharmesh ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37994 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37986 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in mini ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37893 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Chop-Cho ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-37830 (A cross-site scripting (XSS) vulnerability in General 
Solutions Steine ...)
-       TODO: check
+       NOT-FOR-US: General Solutions Steiner GmbH CASE 3 Taskmanagement
 CVE-2023-37829 (A cross-site scripting (XSS) vulnerability in General 
Solutions Steine ...)
-       TODO: check
+       NOT-FOR-US: General Solutions Steiner GmbH CASE 3 Taskmanagement
 CVE-2023-37828 (A cross-site scripting (XSS) vulnerability in General 
Solutions Steine ...)
-       TODO: check
+       NOT-FOR-US: General Solutions Steiner GmbH CASE 3 Taskmanagement
 CVE-2023-37827 (A cross-site scripting (XSS) vulnerability in General 
Solutions Steine ...)
-       TODO: check
+       NOT-FOR-US: General Solutions Steiner GmbH CASE 3 Taskmanagement
 CVE-2023-37826 (A cross-site scripting (XSS) vulnerability in General 
Solutions Steine ...)
-       TODO: check
+       NOT-FOR-US: General Solutions Steiner GmbH CASE 3 Taskmanagement
 CVE-2023-36328 (Integer Overflow vulnerability in mp_grow in libtom libtommath 
before  ...)
        TODO: check
 CVE-2023-36327 (Integer Overflow vulnerability in RELIC before commit 
421f2e91cf2ba424 ...)
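
Review bot: The four entries tagged `NOT-FOR-US: WordPress plugin` (CVE-2023-37997, CVE-2023-37994, CVE-2023-37986, CVE-2023-37893) do not say which plugin is affected, and the truncated descriptions in the list do not make it recoverable either. The other tags added in this hunk name the product (for example `NOT-FOR-US: Chamilo LMS`); adding the plugin name after "WordPress plugin" would keep these entries searchable and make a later re-check possible without going back to the CVE record.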



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab4080e607a8991ec6ab45c6e874d3b416a28fd9
