Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2f6438ca by Salvatore Bonaccorso at 2023-10-19T11:03:22+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35,25 +35,25 @@ CVE-2023-45146 (XXL-RPC is a high performance, distributed
RPC framework. With i
CVE-2023-45145 (Redis is an in-memory database that persists on disk. On
startup, Redi ...)
TODO: check
CVE-2023-43803 (Arduino Create Agent is a package to help manage Arduino
development. ...)
- TODO: check
+ NOT-FOR-US: Arduino Create Agent
CVE-2023-43802 (Arduino Create Agent is a package to help manage Arduino
development. ...)
- TODO: check
+ NOT-FOR-US: Arduino Create Agent
CVE-2023-43801 (Arduino Create Agent is a package to help manage Arduino
development. ...)
- TODO: check
+ NOT-FOR-US: Arduino Create Agent
CVE-2023-43800 (Arduino Create Agent is a package to help manage Arduino
development. ...)
- TODO: check
+ NOT-FOR-US: Arduino Create Agent
CVE-2023-37504 (HCL Compass is vulnerable to failure to invalidate sessions.
The appli ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-37503 (HCL Compass is vulnerable to insecure password requirements.
An attack ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-37502 (HCL Compass is vulnerable to lack of file upload security. An
attacker ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2023-36857 (Baker Hughes \u2013 Bently Nevada 3500 System TDI Firmware
version 5.0 ...)
- TODO: check
+ NOT-FOR-US: Baker Hughes - Bently Nevada 3500 System TDI Firmware
CVE-2023-34441 (Baker Hughes \u2013 Bently Nevada 3500 System TDI Firmware
version 5.0 ...)
- TODO: check
+ NOT-FOR-US: Baker Hughes - Bently Nevada 3500 System TDI Firmware
CVE-2023-34437 (Baker Hughes \u2013 Bently Nevada 3500 System TDI Firmware
version 5.0 ...)
- TODO: check
+ NOT-FOR-US: Baker Hughes - Bently Nevada 3500 System TDI Firmware
CVE-2023-34050 (In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 ,
allowed l ...)
TODO: check
CVE-2023-5642 (Advantech R-SeeNet v2.4.23 allows an unauthenticated remote
attacker t ...)
@@ -83,7 +83,7 @@ CVE-2023-45912 (WIPOTEC GmbH ComScale v4.3.29.21344 and
v4.4.12.723 fails to val
CVE-2023-45911 (An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and
v4.4.12.723 allows ...)
NOT-FOR-US: WIPOTEC GmbH ComScale
CVE-2023-45727 (Proself Enterprise/Standard Edition Ver5.62 and earlier,
Proself Gatew ...)
- TODO: check
+ NOT-FOR-US: Proself
CVE-2023-45632 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
WebDorad ...)
NOT-FOR-US: WordPress plugin
CVE-2023-45630 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in
wpdevart Ga ...)
@@ -99,7 +99,7 @@ CVE-2023-45604 (Auth. (admin+) Stored Cross-Site Scripting
(XSS) vulnerability i
CVE-2023-45602 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Shopfile ...)
NOT-FOR-US: WordPress plugin
CVE-2023-45383 (In the module "SoNice etiquetage" (sonice_etiquetage) up to
version 2. ...)
- TODO: check
+ NOT-FOR-US: PrestaShop plugin
CVE-2023-45073 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mich ...)
NOT-FOR-US: WordPress plugin
CVE-2023-45072 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Kard ...)
@@ -127,9 +127,9 @@ CVE-2023-45054 (Unauth. Reflected Cross-Site Scripting
(XSS) vulnerability in AW
CVE-2023-43250 (XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There
is a Use ...)
TODO: check
CVE-2023-35663 (In Init of protocolnetadapter.cpp, there is a possible out of
bounds r ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-35656 (In multiple functions of protocolembmsadapter.cpp, there is a
possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-32089 (Pega Platform versions 8.1 to 8.8.2 are affected by an XSS
issue with ...)
NOT-FOR-US: Pega Platform
CVE-2023-32088 (Pega Platform versions 8.1 to Infinity 23.1.0 are affected by
an XSS i ...)
@@ -36928,7 +36928,7 @@ CVE-2023-26302 (Denial of service could be caused to
the command line interface
CVE-2023-26301 (Certain HP LaserJet Pro print products are potentially
vulnerable to a ...)
NOT-FOR-US: HP
CVE-2023-26300 (A potential security vulnerability has been identified in the
system B ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2023-26299 (A potential Time-of-Check to Time-of-Use (TOCTOU)
vulnerability has be ...)
NOT-FOR-US: HP
CVE-2023-26298 (Previous versions of HP Device Manager (prior to HPDM 5.0.10)
could po ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f6438ca8fdf78d4765c7973016010ffda1a0d70
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f6438ca8fdf78d4765c7973016010ffda1a0d70
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
