Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c1735d69 by Salvatore Bonaccorso at 2023-09-02T10:24:36+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2023-4718 (The Font Awesome 4 Menus plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: Font Awesome 4 Menus plugin for WordPress
CVE-2023-4722 (Integer Overflow or Wraparound in GitHub repository gpac/gpac
prior to ...)
- gpac <unfixed>
[buster] - gpac <end-of-life> (EOL in buster LTS)
@@ -20,7 +20,7 @@ CVE-2023-4714 (A vulnerability was found in PlayTube 3.0.1
and classified as pro
CVE-2023-4713 (A vulnerability has been found in IBOS OA 4.5.5 and classified
as crit ...)
NOT-FOR-US: IBOS OA
CVE-2023-4712 (A vulnerability, which was classified as critical, was found in
Xintia ...)
- TODO: check
+ NOT-FOR-US: Xintian Smart Table Integrated Management System
CVE-2023-4711 (A vulnerability, which was classified as critical, has been
found in D ...)
NOT-FOR-US: D-Link
CVE-2023-4710 (A vulnerability classified as problematic was found in TOTVS RM
12.1. ...)
@@ -56,7 +56,7 @@ CVE-2023-40969 (Senayan Library Management Systems SLIMS 9
Bulian v9.6.1 is vuln
CVE-2023-40968 (Buffer Overflow vulnerability in hzeller timg v.1.5.2 and
before allow ...)
TODO: check
CVE-2023-40771 (SQL injection vulnerability in DataEase v.1.18.9 allows a
remote attac ...)
- TODO: check
+ NOT-FOR-US: DataEase
CVE-2023-40239 (Certain Lexmark devices (such as CS310) before 2023-08-25
allow XXE at ...)
NOT-FOR-US: Lexmark
CVE-2023-3210 (An issue has been discovered in GitLab affecting all versions
starting ...)
@@ -70,7 +70,7 @@ CVE-2023-39703 (A cross site scripting (XSS) vulnerability in
the Markdown Edito
CVE-2023-39685 (An issue in hjson-java up to v3.0.0 allows attackers to cause
a Denial ...)
TODO: check
CVE-2023-39631 (An issue in LanChain-ai Langchain v.0.0.245 allows a remote
attacker t ...)
- TODO: check
+ NOT-FOR-US: LanChain-ai Langchain
CVE-2023-39582 (SQL Injection vulnerability in Chamilo LMS v.1.11 thru
v.1.11.20 allow ...)
NOT-FOR-US: Chamilo LMS
CVE-2023-37997 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Dharmesh ...)
@@ -98,15 +98,15 @@ CVE-2023-36327 (Integer Overflow vulnerability in RELIC
before commit 421f2e91cf
CVE-2023-36326 (Integer Overflow vulnerability in RELIC before commit
34580d840469361b ...)
TODO: check
CVE-2023-36187 (Buffer Overflow vulnerability in NETGEAR R6400v2 before
version 1.0.4. ...)
- TODO: check
+ NOT-FOR-US: NETGEAR
CVE-2023-36100 (An issue was discovered in IceCMS version 2.0.1, allows
attackers to e ...)
- TODO: check
+ NOT-FOR-US: IceCMS
CVE-2023-36088 (Server Side Request Forgery (SSRF) vulnerability in
NebulaGraph Studio ...)
- TODO: check
+ NOT-FOR-US: NebulaGraph Studio
CVE-2023-36076 (SQL Injection vulnerability in smanga version 3.1.9 and
earlier, allow ...)
TODO: check
CVE-2023-34011 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Shop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4647 (An issue has been discovered in GitLab affecting all versions
starting ...)
- gitlab <unfixed>
CVE-2023-3205 (An issue has been discovered in GitLab affecting all versions
starting ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1735d698450d71e60083889b6876b8d252b4a3d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1735d698450d71e60083889b6876b8d252b4a3d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
