Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
becc85f0 by Moritz Muehlenhoff at 2023-10-09T22:58:14+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,105 +11,105 @@ CVE-2023-45359
- mediawiki 1:1.39.5-1
NOTE: https://phabricator.wikimedia.org/T340217
CVE-2023-5461 (A vulnerability was found in Delta Electronics WPLSoft 2.51. It
has be ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2023-5460 (A vulnerability was found in Delta Electronics WPLSoft up to
2.51 and ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2023-5459 (A vulnerability has been found in Delta Electronics DVP32ES2
PLC 1.48 ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2023-5365 (HP LIFE Android Mobile application is potentially vulnerable to
escala ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2023-5333 (Mattermost fails to deduplicate input IDs allowing asimple user
to cau ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2023-5331 (Mattermost fails to properly check the creator of an attached
file whe ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2023-5330 (Mattermost fails toenforce a limit for the size of the cache
entry for ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2023-5103 (Improper Restriction of Rendered UI Layers or Frames in RDT400
in SICK ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-5102 (Insufficient Control Flow Management in RDT400 in SICK APU
allows an u ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-5101 (Files or Directories Accessible to External Parties in RDT400
in SICK ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-5100 (Cleartext Transmission of Sensitive Information in RDT400 in
SICK APU ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-45613 (In JetBrains Ktor before 2.3.5 server certificates were not
verified)
- TODO: check
+ NOT-FOR-US: JetBrains Ktor
CVE-2023-45612 (In JetBrains Ktor before 2.3.5 default configuration of
ContentNegotia ...)
- TODO: check
+ NOT-FOR-US: JetBrains Ktor
CVE-2023-45248 (Local privilege escalation due to DLL hijacking vulnerability.
The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-45247 (Sensitive information disclosure and manipulation due to
missing autho ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44993 (Cross-Site Request Forgery (CSRF) vulnerability in
QuantumCloud AI Cha ...)
- TODO: check
+ NOT-FOR-US: QuantumCloud
CVE-2023-44821 (Buffer Overflow vulnerability in gifsicle v.1.92 allows a
remote attac ...)
TODO: check
CVE-2023-44812 (Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8
allows a ...)
- TODO: check
+ NOT-FOR-US: mooSocial
CVE-2023-44811 (Cross Site Request Forgery (CSRF) vulnerability in MooSocial
v.3.1.8 a ...)
- TODO: check
+ NOT-FOR-US: mooSocial
CVE-2023-44473 (Cross-Site Request Forgery (CSRF) vulnerability in Michael
Tran Table ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44467 (langchain_experimental 0.0.14 allows an attacker to bypass the
CVE-202 ...)
- TODO: check
+ NOT-FOR-US: langchain_experimental
CVE-2023-44400 (Uptime Kuma is a self-hosted monitoring tool. Prior to version
1.23.3, ...)
- TODO: check
+ NOT-FOR-US: Uptime Kuma
CVE-2023-44393 (Piwigo is an open source photo gallery application. Prior to
version 1 ...)
- TODO: check
+ - piwigo <removed>
CVE-2023-44392 (Garden provides automation for Kubernetes development and
testing. Pri ...)
- TODO: check
+ NOT-FOR-US: Garden
CVE-2023-44378 (gnark is a zk-SNARK library that offers a high-level API to
design cir ...)
- TODO: check
+ NOT-FOR-US: gnark
CVE-2023-44260 (Cross-Site Request Forgery (CSRF) vulnerability in Mikk Mihkel
Nurges, ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44246 (Cross-Site Request Forgery (CSRF) vulnerability in Matias s
Shockingly ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44240 (Cross-Site Request Forgery (CSRF) vulnerability in Peter
Butler Timthu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44238 (Cross-Site Request Forgery (CSRF) vulnerability in Joakim Ling
Remove ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44237 (Cross-Site Request Forgery (CSRF) vulnerability in Moriyan Jay
WP Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44236 (Cross-Site Request Forgery (CSRF) vulnerability in Devnath
verma WP Ca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44232 (Cross-Site Request Forgery (CSRF) vulnerability in Huseyin
Berberoglu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44231 (Cross-Site Request Forgery (CSRF) vulnerability in NickDuncan
Contact ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-43700 (Missing Authorization in RDT400 in SICK APU allows an
unprivileged rem ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-43699 (Improper Restriction of Excessive Authentication Attempts in
RDT400 in ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-43698 (Improper Neutralization of Input During Web Page Generation
(\u2019Cro ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-43697 (Modification of Assumed-Immutable Data (MAID) in RDT400 in
SICK APU al ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-43696 (Improper Access Control in SICK APU allows an unprivileged
remote atta ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-43643 (AntiSamy is a library for performing fast, configurable
cleansing of H ...)
TODO: check
CVE-2023-42455 (Wazuh is a security detection, visibility, and compliance open
source ...)
- TODO: check
+ NOT-FOR-US: Wazuh
CVE-2023-41672 (Cross-Site Request Forgery (CSRF) vulnerability in R\xe9mi
Leclercq Hi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41670 (Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel
(in per ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41669 (Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Live
News plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41668 (Cross-Site Request Forgery (CSRF) vulnerability in Leadster
plugin <=1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41667 (Cross-Site Request Forgery (CSRF) vulnerability in Ulf
Benjaminsson WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41660 (Cross-Site Request Forgery (CSRF) vulnerability in WPSynchro
WP Synchr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41047 (OctoPrint is a web interface for 3D printers. OctoPrint
versions up un ...)
- TODO: check
+ NOT-FOR-US: OctoPrint
CVE-2023-3589 (A Cross-Site Request Forgery (CSRF) vulnerability affecting
Teamwork C ...)
- TODO: check
+ NOT-FOR-US: Teamwork Cloudt
CVE-2023-39189 (A flaw was found in the Netfilter subsystem in the Linux
kernel. The n ...)
TODO: check
CVE-2023-36820 (Micronaut Security is a security solution for applications.
Prior to v ...)
- TODO: check
+ NOT-FOR-US: Micronaut Security
CVE-2023-43641
- libcue <unfixed>
NOTE:
https://github.com/lipnitsk/libcue/security/advisories/GHSA-5982-x7hv-r9cj
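Review bot: the tag added for CVE-2023-3589 near the end of the hunk reads "NOT-FOR-US: Teamwork Cloudt", and the trailing "t" looks like a typo; check it against the product name in the CVE description (truncated here as "Teamwork C ...") and correct the spelling so that searches of the NOT-FOR-US tags match. Separately, the commit message says only "NFUs", but the hunk also records "- mattermost-server <itp> (bug #823556)" for CVE-2023-5333, CVE-2023-5331 and CVE-2023-5330 and "- piwigo <removed>" for CVE-2023-44393, which are package entries rather than NOT-FOR-US tags; mentioning them in the message would make the history easier to search. CVE-2023-44821 (gifsicle), CVE-2023-43643 (AntiSamy) and CVE-2023-39189 (Linux kernel Netfilter) stay at "TODO: check" as unchanged context; confirm they are deliberately left for later triage.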
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/becc85f0ca98eba43e4503d0f47022f008d23198