Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e4ee41e4 by Salvatore Bonaccorso at 2023-09-09T11:06:34+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2023-4845 (A vulnerability was found in SourceCodester
Simple Membership Sys
CVE-2023-4844 (A vulnerability was found in SourceCodester Simple Membership
System 1 ...)
TODO: check
CVE-2023-4838 (The Simple Download Counter plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: Simple Download Counter plugin for WordPress
CVE-2023-42278 (hutool v5.8.21 was discovered to contain a buffer overflow via
the com ...)
TODO: check
CVE-2023-42277 (hutool v5.8.21 was discovered to contain a buffer overflow via
the com ...)
@@ -17,7 +17,7 @@ CVE-2023-42276 (hutool v5.8.21 was discovered to contain a
buffer overflow via t
CVE-2023-41564 (An arbitrary file upload vulnerability in the Upload Asset
function of ...)
TODO: check
CVE-2023-40306 (SAP S/4HANA Manage Catalog Items and Cross-Catalog searches
Fiori apps ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-4853
NOT-FOR-US: Quarkus
CVE-2023-4843 (Pega Platform versions 7.1 to 8.8.3 are affected by an HTML
Injection ...)
@@ -16266,7 +16266,7 @@ CVE-2023-30997
CVE-2023-30996
RESERVED
CVE-2023-30995 (IBM Aspera Faspex 5.0.5 could allow a malicious actor to
bypass IP whi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-30994
RESERVED
CVE-2023-30993 (IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0
could allow ...)
@@ -34900,7 +34900,7 @@ CVE-2023-24967
CVE-2023-24966 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to
cross-si ...)
NOT-FOR-US: IBM
CVE-2023-24965 (IBM Aspera Faspex 5.0.5 does not restrict or incorrectly
restricts acc ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-24964 (IBM InfoSphere Information Server 11.7 could allow a local
user to obt ...)
NOT-FOR-US: IBM
CVE-2023-24963
@@ -89897,7 +89897,7 @@ CVE-2022-33166 (IBM Security Directory Suite VA 8.0.1
through 8.0.1.19 could all
CVE-2022-33165
RESERVED
CVE-2022-33164 (IBM Security Directory Server 7.2.0 could allow a remote
attacker to t ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-33163 (IBM Security Directory Suite VA 8.0.1 specifies permissions
for a secu ...)
NOT-FOR-US: IBM
CVE-2022-33162
@@ -123458,7 +123458,7 @@ CVE-2022-22411 (IBM Spectrum Scale Data Access
Services (DAS) 5.1.3.1 could allo
CVE-2022-22410 (IBM Watson Query with Cloud Pak for Data as a Service could
allow an a ...)
NOT-FOR-US: IBM
CVE-2022-22409 (IBM Aspera Faspex 5.0.5 could allow a remote attacker to
gather sensit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22408
RESERVED
CVE-2022-22407
@@ -123466,15 +123466,15 @@ CVE-2022-22407
CVE-2022-22406
RESERVED
CVE-2022-22405 (IBM Aspera Faspex 5.0.5 could allow a remote attacker to
obtain sensit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22404 (IBM App Connect Enterprise Certified Container Dashboard UI
(IBM App C ...)
NOT-FOR-US: IBM
CVE-2022-22403
RESERVED
CVE-2022-22402 (IBM Aspera Faspex 5.0.5 is vulnerable to cross-site scripting.
This vu ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22401 (IBM Aspera Faspex 5.0.5 could allow a remote attacker to
gather or per ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22400
RESERVED
CVE-2022-22399
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4ee41e40a6f1e55e883484fd403e8e068d5e7ae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4ee41e40a6f1e55e883484fd403e8e068d5e7ae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
