Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8b902f92 by Salvatore Bonaccorso at 2023-10-18T10:48:30+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2023-5626 (Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs
prior t ...)
TODO: check
CVE-2023-5621 (The Thumbnail Slider With Lightbox plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: Thumbnail Slider With Lightbox plugin for WordPress
CVE-2023-5552 (A password disclosure vulnerability in the Secure PDF eXchange
(SPX) f ...)
TODO: check
CVE-2023-5538 (The MpOperationLogs plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: MpOperationLogs plugin for WordPress
CVE-2023-4938 (The BEAR for WordPress is vulnerable to Missing Authorization
in versi ...)
TODO: check
CVE-2023-45811 (Synchrony deobfuscator is a javascript cleaner & deobfuscator.
A `__p ...)
@@ -39,7 +39,7 @@ CVE-2023-41630 (eSST Monitoring v2.147.1 was discovered to
contain a remote code
CVE-2023-41629 (A lack of input sanitizing in the file download feature of
eSST Monito ...)
TODO: check
CVE-2023-3254 (The Widgets for Google Reviews plugin for WordPress is
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: Widgets for Google Reviews plugin for WordPress
CVE-2023-3042 (In dotCMS, versions mentioned, a flaw in the
NormalizationFilter does ...)
TODO: check
CVE-2023-39332 (Various `node:fs` functions allow specifying paths as either
strings o ...)
@@ -66581,15 +66581,15 @@ CVE-2022-43895
CVE-2022-43894
RESERVED
CVE-2022-43893 (IBM Security Verify Privilege On-Premises 11.5 could allow a
privilege ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-43892 (IBM Security Verify Privilege On-Premises 11.5 does not
validate, or i ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-43891 (IBM Security Verify Privilege On-Premises 11.5 could allow a
remote at ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-43890
RESERVED
CVE-2022-43889 (IBM Security Verify Privilege On-Premises 11.5 could disclose
sensitiv ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-43888
RESERVED
CVE-2022-43887 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be
vulnerable to ...)
@@ -129671,11 +129671,11 @@ CVE-2022-22388
CVE-2022-22387 (IBM Application Gateway is vulnerable to cross-site scripting.
This vu ...)
NOT-FOR-US: IBM
CVE-2022-22386 (IBM Security Verify Privilege On-Premises 11.5 could allow a
remote at ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22385 (IBM Security Verify Privilege On-Premises 11.5 could disclose
sensitiv ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22384 (IBM Security Verify Privilege On-Premises 11.5 could allow an
attacker ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22383
RESERVED
CVE-2022-22382
@@ -129683,17 +129683,17 @@ CVE-2022-22382
CVE-2022-22381
RESERVED
CVE-2022-22380 (IBM Security Verify Privilege On-Premises 11.5 could allow an
attacker ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22379
RESERVED
CVE-2022-22378
RESERVED
CVE-2022-22377 (IBM Security Verify Privilege On-Premises 11.5 could allow a
remote at ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22376
RESERVED
CVE-2022-22375 (IBM Security Verify Privilege On-Premises 11.5 could allow a
remote au ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22374 (The BMC (IBM Power 9 AC922 OP910, OP920, OP930, and OP940) may
be subj ...)
NOT-FOR-US: IBM
CVE-2022-22373 (An improper validation vulnerability in IBM InfoSphere
Information Ser ...)
@@ -154427,7 +154427,7 @@ CVE-2021-38861
CVE-2021-38860
RESERVED
CVE-2021-38859 (IBM Security Verify Privilege On-Premises 11.5 could allow a
user to o ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-3712 (ASN.1 strings are represented internally within OpenSSL as an
ASN1_STR ...)
{DSA-4963-1 DLA-2774-1 DLA-2766-1}
- openssl 1.1.1l-1
@@ -177748,7 +177748,7 @@ CVE-2021-29915
CVE-2021-29914
RESERVED
CVE-2021-29913 (IBM Security Verify Privilege On-Premise 11.5 could allow an
authentic ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-29912 (IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to
cross-site ...)
NOT-FOR-US: IBM
CVE-2021-29911
@@ -202156,7 +202156,7 @@ CVE-2021-20583 (IBM Security Verify (IBM Security
Verify Privilege Vault 10.9.66
CVE-2021-20582 (IBM Security Secret Server up to 11.0 stores sensitive
information in ...)
NOT-FOR-US: IBM
CVE-2021-20581 (IBM Security Verify Privilege On-Premises 11.5 could allow a
user to o ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-20580 (IBM Planning Analytics 2.0 could be vulnerable to cross-site
request f ...)
NOT-FOR-US: IBM
CVE-2021-20579 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect
Server) 9.7, ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b902f921dbbcee57f6ac726a4105c4eb747beb8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b902f921dbbcee57f6ac726a4105c4eb747beb8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
