Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4a1e2680 by Moritz Muehlenhoff at 2023-10-26T22:22:13+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -93,33 +93,33 @@ CVE-2023-45868 (The Learning Module in ILIAS 7.25
(2023-09-12 release) allows an
CVE-2023-45867 (ILIAS (2013-09-12 release) contains a medium-criticality
Directory Tra ...)
NOT-FOR-US: ILIAS
CVE-2023-45317 (The application interface allows users to perform certain
actions via ...)
- TODO: check
+ NOT-FOR-US: Sielco
CVE-2023-45228 (The application suffers from improper access control when
editing user ...)
- TODO: check
+ NOT-FOR-US: Sielco
CVE-2023-44267 (Online Art Gallery v1.0 is vulnerable to multiple
Unauthenticated SQL ...)
- TODO: check
+ NOT-FOR-US: Online Art Gallery
CVE-2023-43208 (NextGen Healthcare Mirth Connect before version 4.4.1 is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: NextGen Healthcare Mirth Connect
CVE-2023-42769 (The cookie session ID is of insufficient length and can be
exploited b ...)
- TODO: check
+ NOT-FOR-US: Sielco
CVE-2023-41966 (The application suffers from a privilege escalation
vulnerability. A ...)
- TODO: check
+ NOT-FOR-US: Sielco
CVE-2023-41096 (Missing Encryption of Security Keys vulnerability in Silicon
Labs Embe ...)
- TODO: check
+ NOT-FOR-US: Silabs
CVE-2023-41095 (Missing Encryption of Security Keys vulnerability in Silicon
Labs Open ...)
- TODO: check
+ NOT-FOR-US: Silabs
CVE-2023-39936 (In Ashlar-Vellum Graphite v13.0.48, the affected application
lacks pro ...)
- TODO: check
+ NOT-FOR-US: Ashlar-Vellum
CVE-2023-39427 (In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt
Share v12 S ...)
- TODO: check
+ NOT-FOR-US: Ashlar-Vellum
CVE-2023-32116 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Tota ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31419 (A flaw was discovered in Elasticsearch, affecting the _search
API that ...)
- TODO: check
+ - elasticsearch <removed>
CVE-2023-31418 (An issue has been identified with how Elasticsearch handled
incoming r ...)
- TODO: check
+ - elasticsearch <removed>
CVE-2023-31416 (Secret token configuration is never applied when using ECK
<2.8 with A ...)
- TODO: check
+ NOT-FOR-US: Elastic Cloud on Kubernetes
CVE-2023-5139 (Potential buffer overflow vulnerability at the following
location in t ...)
NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
CVE-2023-46754 (The admin panel for Obl.ong before 1.1.2 allows authorization
bypass b ...)
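Review bot: the tag added for CVE-2023-32116, "NOT-FOR-US: WordPress plugin", is the only one in this hunk that names a category rather than a product or vendor. The description is cut off at "Tota ...", so naming the plugin in the tag would keep the entry searchable in the same way as the Sielco and Ashlar-Vellum ones. The two Silicon Labs entries (CVE-2023-41096, CVE-2023-41095) are tagged "Silabs" while their descriptions spell out "Silicon Labs"; a single spelling makes the list easier to grep. CVE-2023-31419 and CVE-2023-31418 are resolved as "- elasticsearch <removed>" rather than as NOT-FOR-US, which the commit message "NFUs" does not mention; a short note in the message would make that triage decision easier to find later.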
@@ -133,9 +133,9 @@ CVE-2023-46752 (An issue was discovered in FRRouting FRR
through 9.0.1. It misha
NOTE: Fixed by:
https://github.com/FRRouting/frr/commit/b08afc81c60607a4f736f418f2e3eb06087f1a35
(master)
NOTE: Fixed by:
https://github.com/FRRouting/frr/commit/30b5c2a434d25981e16792f6f50162beb517ae4d
(stable/8.5 branch)
CVE-2023-46668 (If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a
non-defa ...)
- TODO: check
+ NOT-FOR-US: Elastic Endpoint
CVE-2023-46667 (An issue was discovered in Fleet Server >= v8.10.0 and <
v8.10.3 where ...)
- TODO: check
+ NOT-FOR-US: Elastic Fleet Server
CVE-2023-46584 (SQL Injection vulnerability in PHPGurukul Nipah virus (NiV) "
Testing ...)
NOT-FOR-US: PHPGurukul
CVE-2023-46583 (Cross-Site Scripting (XSS) vulnerability in PHPGurukul Nipah
virus (Ni ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a1e2680f9c8049b27b06672cc26bb291e3bfaec