[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Wed, 18 Oct 2023 14:35:50 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
dd2abda2 by Moritz Mühlenhoff at 2023-10-18T23:35:04+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -73,11 +73,11 @@ CVE-2023-35663 (In Init of protocolnetadapter.cpp, there is 
a possible out of bo
 CVE-2023-35656 (In multiple functions of protocolembmsadapter.cpp, there is a 
possible ...)
        TODO: check
 CVE-2023-32089 (Pega Platform versions 8.1 to 8.8.2 are affected by an XSS 
issue with  ...)
-       TODO: check
+       NOT-FOR-US: Pega Platform
 CVE-2023-32088 (Pega Platform versions 8.1 to Infinity 23.1.0 are affected by 
an XSS i ...)
-       TODO: check
+       NOT-FOR-US: Pega Platform
 CVE-2023-32087 (Pega Platform versions 8.1 to Infinity 23.1.0 are affected by 
an XSS i ...)
-       TODO: check
+       NOT-FOR-US: Pega Platform
 CVE-2023-5568 [Heap buffer overflow with freshness tokens in the Heimdal KDC 
in Samba 4.19]
        - samba 2:4.19.2+dfsg-1
        NOTE: https://bugzilla.samba.org/show_bug.cgi?id=15491
@@ -21846,7 +21846,7 @@ CVE-2023-31219
 CVE-2023-31218 (Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site 
Scripti ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-31217 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31216 (Cross-Site Request Forgery (CSRF) vulnerability in Ultimate 
Member plu ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-31215
@@ -22710,7 +22710,7 @@ CVE-2023-2198 (An issue has been discovered in GitLab 
CE/EE affecting all versio
 CVE-2023-30912
        RESERVED
 CVE-2023-30911 (HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using 
iLOrest ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2023-30910 (HPE MSA Controller prior to versionIN210R004 could be remotely 
exploit ...)
        NOT-FOR-US: HPE
 CVE-2023-30909 (A remote authentication bypass issue exists in some OneView 
APIs.)
@@ -23187,7 +23187,7 @@ CVE-2023-30783
 CVE-2023-30782 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Andy Moy ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-30781 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Theme Bl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-30780 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-30779 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Jonathan ...)
@@ -52140,7 +52140,7 @@ CVE-2023-22098 (Vulnerability in the Oracle VM 
VirtualBox product of Oracle Virt
 CVE-2023-22097 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        TODO: check
 CVE-2023-22096 (Vulnerability in the Java VM component of Oracle Database 
Server.  Sup ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2023-22095 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        TODO: check
 CVE-2023-22094 (Vulnerability in the MySQL Installer product of Oracle MySQL 
(componen ...)
@@ -65941,7 +65941,7 @@ CVE-2023-20263 (A vulnerability in the web-based 
management interface of Cisco H
 CVE-2023-20262 (A vulnerability in the SSH service of Cisco Catalyst SD-WAN 
Manager co ...)
        NOT-FOR-US: Cisco
 CVE-2023-20261 (A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager 
could a ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2023-20260
        RESERVED
 CVE-2023-20259 (A vulnerability in an API endpoint of multiple Cisco Unified 
Communica ...)
@@ -66071,7 +66071,7 @@ CVE-2023-20200 (A vulnerability in the Simple Network 
Management Protocol (SNMP)
 CVE-2023-20199 (A vulnerability in Cisco Duo Two-Factor Authentication for 
macOS could ...)
        NOT-FOR-US: Cisco
 CVE-2023-20198 (Cisco is aware of active exploitation of a previously unknown 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2023-20197 (A vulnerability in the filesystem image parser for 
Hierarchical File S ...)
        {DLA-3544-1}
        - clamav 1.0.2+dfsg-1 (bug #1050057)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd2abda26bb82aaa4e69ca38f3bf845e7dc278a9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd2abda26bb82aaa4e69ca38f3bf845e7dc278a9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to