Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
223950e9 by Salvatore Bonaccorso at 2023-09-20T22:40:12+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45,47 +45,47 @@ CVE-2023-43373 (Hoteldruid v3.0.5 was discovered to contain
a SQL injection vuln
CVE-2023-43371 (Hoteldruid v3.0.5 was discovered to contain a SQL injection
vulnerabil ...)
- hoteldruid <unfixed>
CVE-2023-43207 (D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a
command ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43206 (D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a
command ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43204 (D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a
command ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43203 (D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a
stack ov ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43202 (D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a
command ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43201 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to
contain a st ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43200 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to
contain a st ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43199 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to
contain a st ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43198 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to
contain a st ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43197 (D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to
contain a st ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43196 (D-Link DI-7200GV2.E1 v21.04.09E1 was discovered to contain a
stack ove ...)
- TODO: check
+ NOT-FOR-US: D-LINK
CVE-2023-43138 (TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a
command inje ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-43137 (TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a
command inje ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-43134 (There is an unauthorized access vulnerability in Netis
360RAC1200 v1.3 ...)
TODO: check
CVE-2023-42660 (In Progress MOVEit Transfer versions released before 2021.1.8
(13.1.8) ...)
- TODO: check
+ NOT-FOR-US: Progress MOVEit Transfer
CVE-2023-42656 (In Progress MOVEit Transfer versions released before 2021.1.8
(13.1.8) ...)
- TODO: check
+ NOT-FOR-US: Progress MOVEit Transfer
CVE-2023-42335 (Unrestricted File Upload vulnerability in Fl3xx Dispatch
2.10.37 and f ...)
- TODO: check
+ NOT-FOR-US: Fl3xx Dispatch
CVE-2023-42334 (An Indirect Object Reference (IDOR) in Fl3xx Dispatch 2.10.37
and fl3x ...)
- TODO: check
+ NOT-FOR-US: Fl3xx Dispatch
CVE-2023-42331 (A file upload vulnerability in EliteCMS 1.01 allows a remote
attacker ...)
- TODO: check
+ NOT-FOR-US: EliteCMS
CVE-2023-42147 (An issue in CloudExplorer Lite 1.3.1 allows an attacker to
obtain sens ...)
- TODO: check
+ NOT-FOR-US: CloudExplorer Lite
CVE-2023-41902 (An XPC misconfiguration vulnerability in CoreCode MacUpdater
before 2. ...)
- TODO: check
+ NOT-FOR-US: CoreCode MacUpdater
CVE-2023-41484 (An issue in cimg.eu Cimg Library v2.9.3 allows an attacker to
obtain s ...)
TODO: check
CVE-2023-41375 (Use after free vulnerability exists in Kostac PLC Programming
Software ...)
@@ -99,25 +99,25 @@ CVE-2023-40619 (phpPgAdmin 7.14.4 and earlier is vulnerable
to deserialization o
CVE-2023-40618 (A reflected cross-site scripting (XSS) vulnerability in
OpenKnowledgeM ...)
TODO: check
CVE-2023-40368 (IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a
privileged ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-40043 (In Progress MOVEit Transfer versions released before 2021.1.8
(13.1.8) ...)
- TODO: check
+ NOT-FOR-US: Progress MOVEit Transfer
CVE-2023-39052 (An information leak in Earthgarden_waiting 13.6.1 allows
attackers to ...)
- TODO: check
+ NOT-FOR-US: Earthgarden_waiting
CVE-2023-39045 (An information leak in kokoroe_members card Line 13.6.1 allows
attacke ...)
- TODO: check
+ NOT-FOR-US: kokoroe_members card Line
CVE-2023-39044 (An information leak in ajino-Shiretoko Line v13.6.1 allows
attackers t ...)
- TODO: check
+ NOT-FOR-US: ajino-Shiretoko Line
CVE-2023-39041 (An information leak in KUKURUDELI Line v13.6.1 allows
attackers to obt ...)
- TODO: check
+ NOT-FOR-US: KUKURUDELI Line
CVE-2023-38718 (IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could
disclose ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-37410 (IBM Personal Communications 14.05, 14.06, and 15.0.0 could
allow a loc ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-34047 (A batch loader function in Spring for GraphQL versions 1.1.0 -
1.1.5 a ...)
TODO: check
CVE-2023-2508 (The `PaperCutNG Mobility Print` version 1.0.3512 application
allows an ...)
- TODO: check
+ NOT-FOR-US: PaperCutNG
CVE-2023-4504 [Postscript parsing heap-based buffer overflow]
- cups 2.4.2-6
[bookworm] - cups <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/223950e92354a89c197605377b185377edf51a22
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/223950e92354a89c197605377b185377edf51a22
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
