Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
413fc10a by Moritz Muehlenhoff at 2023-10-14T12:53:18+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
CVE-2023-4263 (Potential buffer overflow vulnerability in the Zephyr IEEE
802.15.4 nR ...)
- TODO: check
+ NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
CVE-2023-4257 (Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c
can ca ...)
TODO: check
CVE-2023-45856 (qdPM 9.2 allows remote code execution by using the Add
Attachments fea ...)
- TODO: check
+ NOT-FOR-US: qdPM
CVE-2023-45855 (qdPM 9.2 allows Directory Traversal to list files and
directories by n ...)
- TODO: check
+ NOT-FOR-US: qdPM
CVE-2023-45853 (MiniZip in zlib through 1.3 has an integer overflow and
resultant heap ...)
TODO: check
CVE-2023-45852 (In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an
unauthenticat ...)
- TODO: check
+ NOT-FOR-US: VitogateqdPM
CVE-2023-45674 (Farmbot-Web-App is a web control interface for the Farmbot
farm automa ...)
- TODO: check
+ NOT-FOR-US: Farmbot-Web-App
CVE-2023-44037 (An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru
v.5.8.13 and v. ...)
- TODO: check
+ NOT-FOR-US: ZPE
CVE-2023-36559 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-5573 (Allocation of Resources Without Limits or Throttling in GitHub
reposit ...)
NOT-FOR-US: Vrite
CVE-2023-5572 (Server-Side Request Forgery (SSRF) in GitHub repository
vriteio/vrite ...)
@@ -24425,7 +24425,7 @@ CVE-2023-30156
CVE-2023-30155
RESERVED
CVE-2023-30154 (Multiple improper neutralization of SQL parameters in module
AfterMail ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2023-30153 (An SQL injection vulnerability in the Payplug (payplug) module
for Pre ...)
NOT-FOR-US: PrestaShop module
CVE-2023-30152
@@ -24437,7 +24437,7 @@ CVE-2023-30150 (PrestaShop leocustomajax 1.0 and 1.0.0
are vulnerable to SQL Inj
CVE-2023-30149 (SQL injection vulnerability in the City Autocomplete
(cityautocomplete ...)
NOT-FOR-US: PrestaShop module
CVE-2023-30148 (Multiple Stored Cross Site Scripting (XSS) vulnerabilities in
Opart op ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2023-30147
RESERVED
CVE-2023-30146 (Assmann Digitus Plug&View IP Camera HT-IP211HDP, version
2.000.022 all ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/413fc10abe25c52b24bbb6c7921c7c6f22044e46
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/413fc10abe25c52b24bbb6c7921c7c6f22044e46
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
