Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 223950e9 by Salvatore Bonaccorso at 2023-09-20T22:40:12+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -45,47 +45,47 @@ CVE-2023-43373 (Hoteldruid v3.0.5 was discovered to contain a SQL injection vuln CVE-2023-43371 (Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ...) - hoteldruid <unfixed> CVE-2023-43207 (D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43206 (D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43204 (D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43203 (D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a stack ov ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43202 (D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43201 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a st ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43200 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a st ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43199 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a st ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43198 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a st ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43197 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a st ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43196 (D-Link DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack ove ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2023-43138 (TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command inje ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2023-43137 (TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command inje ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2023-43134 (There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3 ...) TODO: check CVE-2023-42660 (In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8) ...) - TODO: check + NOT-FOR-US: Progress MOVEit Transfer CVE-2023-42656 (In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8) ...) - TODO: check + NOT-FOR-US: Progress MOVEit Transfer CVE-2023-42335 (Unrestricted File Upload vulnerability in Fl3xx Dispatch 2.10.37 and f ...) - TODO: check + NOT-FOR-US: Fl3xx Dispatch CVE-2023-42334 (An Indirect Object Reference (IDOR) in Fl3xx Dispatch 2.10.37 and fl3x ...) - TODO: check + NOT-FOR-US: Fl3xx Dispatch CVE-2023-42331 (A file upload vulnerability in EliteCMS 1.01 allows a remote attacker ...) - TODO: check + NOT-FOR-US: EliteCMS CVE-2023-42147 (An issue in CloudExplorer Lite 1.3.1 allows an attacker to obtain sens ...) - TODO: check + NOT-FOR-US: CloudExplorer Lite CVE-2023-41902 (An XPC misconfiguration vulnerability in CoreCode MacUpdater before 2. ...) - TODO: check + NOT-FOR-US: CoreCode MacUpdater CVE-2023-41484 (An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to obtain s ...) TODO: check CVE-2023-41375 (Use after free vulnerability exists in Kostac PLC Programming Software ...) @@ -99,25 +99,25 @@ CVE-2023-40619 (phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization o CVE-2023-40618 (A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeM ...) TODO: check CVE-2023-40368 (IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-40043 (In Progress MOVEit Transfer versions released before 2021.1.8 (13.1.8) ...) - TODO: check + NOT-FOR-US: Progress MOVEit Transfer CVE-2023-39052 (An information leak in Earthgarden_waiting 13.6.1 allows attackers to ...) - TODO: check + NOT-FOR-US: Earthgarden_waiting CVE-2023-39045 (An information leak in kokoroe_members card Line 13.6.1 allows attacke ...) - TODO: check + NOT-FOR-US: kokoroe_members card Line CVE-2023-39044 (An information leak in ajino-Shiretoko Line v13.6.1 allows attackers t ...) - TODO: check + NOT-FOR-US: ajino-Shiretoko Line CVE-2023-39041 (An information leak in KUKURUDELI Line v13.6.1 allows attackers to obt ...) - TODO: check + NOT-FOR-US: KUKURUDELI Line CVE-2023-38718 (IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-37410 (IBM Personal Communications 14.05, 14.06, and 15.0.0 could allow a loc ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-34047 (A batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 a ...) TODO: check CVE-2023-2508 (The `PaperCutNG Mobility Print` version 1.0.3512 application allows an ...) - TODO: check + NOT-FOR-US: PaperCutNG CVE-2023-4504 [Postscript parsing heap-based buffer overflow] - cups 2.4.2-6 [bookworm] - cups <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/223950e92354a89c197605377b185377edf51a22 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/223950e92354a89c197605377b185377edf51a22 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits