Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7d8ac380 by Salvatore Bonaccorso at 2023-09-27T22:20:27+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,135 +1,135 @@
CVE-2023-5223 (A vulnerability, which was classified as critical, has been
found in H ...)
- TODO: check
+ NOT-FOR-US: HimitZH HOJ
CVE-2023-5222 (A vulnerability classified as critical was found in Viessmann
Vitogate ...)
- TODO: check
+ NOT-FOR-US: Viessmann Vitogate
CVE-2023-5221 (A vulnerability classified as critical has been found in ForU
CMS. Thi ...)
- TODO: check
+ NOT-FOR-US: ForU CMS
CVE-2023-5184 (Two potential signed to unsigned conversion errors and buffer
overflow ...)
- TODO: check
+ NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
CVE-2023-4523 (Real Time Automation 460 Series products with versions prior to
v8.9.8 ...)
- TODO: check
+ NOT-FOR-US: Real Time Automation 460 Series products
CVE-2023-4129 (Dell Data Protection Central, version 19.9, contains an
Inadequate Enc ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-4003 (One Identity Password Manager version 5.9.7.1 -An
unauthenticated atta ...)
- TODO: check
+ NOT-FOR-US: One Identity Password Manager
CVE-2023-44207 (Stored cross-site scripting (XSS) vulnerability in protection
plan nam ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44206 (Sensitive information disclosure and manipulation due to
improper auth ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44205 (Sensitive information disclosure due to improper
authorization. The fo ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44161 (Sensitive information manipulation due to cross-site request
forgery. ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44160 (Sensitive information manipulation due to cross-site request
forgery. ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44159 (Sensitive information disclosure due to cleartext storage of
sensitive ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44158 (Sensitive information disclosure due to insufficient token
field maski ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44157 (Local privilege escalation due to insecure folder permissions.
The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44156 (Sensitive information disclosure due to spell-jacking. The
following p ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44155 (Sensitive information leak through log files. The following
products a ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44154 (Sensitive information disclosure and manipulation due to
improper auth ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44153 (Sensitive information disclosure due to cleartext storage of
sensitive ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44152 (Sensitive information disclosure and manipulation due to
improper auth ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44129 (The vulnerability is that the Messaging ("com.android.mms")
app patche ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44128 (he vulnerability is to delete arbitrary files in
LGInstallService ("co ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44127 (he vulnerability is that the Call management
("com.android.server.tele ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44126 (The vulnerability is that the Call management
("com.android.server.tel ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44125 (The vulnerability is the use of implicit PendingIntents
without the Pe ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44124 (The vulnerability is to theft of arbitrary files with system
privilege ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44123 (The vulnerability is the use of implicit PendingIntents with
the Pendi ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44122 (The vulnerability is to theft of arbitrary files with system
privilege ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44121 (The vulnerability is an intent redirection in LG ThinQ Service
("com.l ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44048 (Sourcecodester Expense Tracker App v1 is vulnerable to Cross
Site Scri ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Expense Tracker App
CVE-2023-44047 (Sourcecodester Toll Tax Management System v1 is vulnerable to
SQL Inje ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Toll Tax Management System
CVE-2023-44023 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44022 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44021 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44020 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44019 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44018 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44017 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44016 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44015 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44014 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44013 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was
discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-43830 (A Cross-site scripting (XSS) vulnerability in
/panel/configuration/fin ...)
- TODO: check
+ NOT-FOR-US: Subrion CMS
CVE-2023-43828 (A Cross-site scripting (XSS) vulnerability in
/panel/languages/ of Sub ...)
- TODO: check
+ NOT-FOR-US: Subrion CMS
CVE-2023-43652 (JumpServer is an open source bastion host. As an
unauthenticated user, ...)
- TODO: check
+ NOT-FOR-US: JumpServer
CVE-2023-43650 (JumpServer is an open source bastion host. The verification
code for r ...)
- TODO: check
+ NOT-FOR-US: JumpServer
CVE-2023-43125 (BIG-IP APM clients may send IP traffic outside of the VPN
tunnel. Note ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2023-43124 (BIG-IP APM clients may send IP traffic outside of the VPN
tunnel.Note: ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2023-42822 (xrdp is an open source remote desktop protocol server. Access
to the f ...)
TODO: check
CVE-2023-42657 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a
directory traver ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-42487 (Soundminer \u2013 CWE-22: Improper Limitation of a Pathname to
a Restr ...)
TODO: check
CVE-2023-42486 (Fortect - CWE-428: Unquoted Search Path or Element, may be
used by loc ...)
- TODO: check
+ NOT-FOR-US: Fortect
CVE-2023-41653 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Beplus S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41242 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Hass ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41241 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Sure ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41238 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Ultimate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41237 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Everest ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-41236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Happy ad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41235 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Everest ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-40333 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Qode Int ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40049 (In WS_FTP Server version prior to 8.8.2, an unauthenticated
user cou ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-40048 (In WS_FTP Server version prior to 8.8.2, the WS_FTP Server
Manager i ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-40047 (In WS_FTP Server version prior to 8.8.2,a stored cross-site
scripting ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-40046 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a SQL
injection ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-40045 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a
reflected cros ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-40044 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a
pre-authenticate ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-33972 (Scylladb is a NoSQL data store using the seastar framework,
compatible ...)
TODO: check
CVE-2023-32458 (Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service
Pack relea ...)
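Review bot: the NOT-FOR-US notes in this hunk vary in granularity, which makes later searches of data/CVE/list by product harder. CVE-2023-4129 is tagged only "Dell" although its description names Dell Data Protection Central, and the entries from CVE-2023-41653 through CVE-2023-40333 are tagged "WordPress plugin" or "WordPress theme" without the plugin or theme name; naming the product, as done with "NOT-FOR-US: Progress WS_FTP Server", would be more consistent. The disambiguation on CVE-2023-5184, "Zephyr RTOS (unrelated to src:zephyr)", is a good pattern for name collisions with a Debian source package. CVE-2023-42487 (Soundminer) stays at "TODO: check" while the neighbouring CVE-2023-42486 (Fortect) is resolved; worth confirming that it was left open on purpose rather than skipped.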
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d8ac38002eb3f765c1d6feb20ac458fb9bd5e16
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits