[Git][security-tracker-team/security-tracker][master] NFUs

Fri, 27 Oct 2023 08:07:54 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ea444445 by Moritz Muehlenhoff at 2023-10-27T17:05:19+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47,33 +47,33 @@ CVE-2023-46093 (Auth. (admin+) Stored Cross-Site Scripting 
(XSS) vulnerability i
 CVE-2023-46091 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Bala ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-45499 (VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* 
was disco ...)
-       TODO: check
+       NOT-FOR-US: VinChin Backup & Recovery
 CVE-2023-45498 (VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* 
was disco ...)
-       TODO: check
+       NOT-FOR-US: VinChin Backup & Recovery
 CVE-2023-44375 (Online Art Gallery v1.0 is vulnerable to multiple 
Unauthenticated SQL  ...)
-       TODO: check
+       NOT-FOR-US: Online Art Gallery
 CVE-2023-44268 (Online Art Gallery v1.0 is vulnerable to multiple 
Unauthenticated SQL  ...)
-       TODO: check
+       NOT-FOR-US: Online Art Gallery
 CVE-2023-44220 (SonicWall NetExtender Windows (32-bit and 64-bit) client 
10.2.336 and  ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2023-44219 (A local privilege escalation vulnerability in SonicWall 
Directory Serv ...)
-       TODO: check
+       NOT-FOR-US: SonicWall
 CVE-2023-44162 (Online Art Gallery v1.0 is vulnerable to multiple 
Unauthenticated SQL  ...)
-       TODO: check
+       NOT-FOR-US: Online Art Gallery
 CVE-2023-43738 (Online Art Gallery v1.0 is vulnerable to multiple 
Unauthenticated SQL  ...)
-       TODO: check
+       NOT-FOR-US: Online Art Gallery
 CVE-2023-43737 (Online Art Gallery v1.0 is vulnerable to multiple 
Unauthenticated SQL  ...)
-       TODO: check
+       NOT-FOR-US: Online Art Gallery
 CVE-2023-43352 (An issue in CMSmadesimple v.2.2.18 allows a local attacker to 
execute  ...)
-       TODO: check
+       NOT-FOR-US: CMSmadesimple
 CVE-2023-42406 (SQL injection vulnerability in D-Link Online behavior audit 
gateway DA ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2023-42188 (IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery 
(CSRF).)
-       TODO: check
+       NOT-FOR-US: IceCMS
 CVE-2023-39726 (An issue in Mintty v.3.6.4 and before allows a remote attacker 
to exec ...)
-       TODO: check
+       NOT-FOR-US: Mintty
 CVE-2023-38328 (An issue was discovered in eGroupWare 17.1.20190111. An 
Improper Passw ...)
-       TODO: check
+       - egroupware <removed>
 CVE-2023-34059 (open-vm-tools contains a file descriptor hijack vulnerability 
in the v ...)
        - open-vm-tools <unfixed>
        NOTE: https://www.openwall.com/lists/oss-security/2023/10/27/3
@@ -84,9 +84,9 @@ CVE-2023-34058 (VMware Tools contains a SAML token signature 
bypass vulnerabilit
 CVE-2023-34057 (VMware Tools contains a local privilege escalation 
vulnerability.A mal ...)
        NOT-FOR-US: WMware
 CVE-2023-33559 (A local file inclusion vulnerability via the lang parameter in 
OcoMon  ...)
-       TODO: check
+       NOT-FOR-US: OcoMon
 CVE-2023-33558 (An information disclosure vulnerability in the component 
users-grid-da ...)
-       TODO: check
+       NOT-FOR-US: OcoMon
 CVE-2023-46813 (An issue was discovered in the Linux kernel before 6.5.9, 
exploitable  ...)
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/linus/63e44bc52047f182601e7817da969a105aa1f721 (6.6-rc7)
@@ -240,12 +240,12 @@ CVE-2023-46345 (Catdoc v0.95 was discovered to contain a 
NULL pointer dereferenc
 CVE-2023-46233 (crypto-js is a JavaScript library of crypto standards. Prior 
to versio ...)
        TODO: check
 CVE-2023-46232 (era-compiler-vyper is the EraVM Vyper compiler for zkSync Era, 
a layer ...)
-       TODO: check
+       NOT-FOR-US: era-compiler-vyper
 CVE-2023-46137 (Twisted is an event-based framework for internet applications. 
Prior t ...)
        - twisted <unfixed>
        NOTE: 
https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm
 CVE-2023-46134 (D-Tale is the combination of a Flask back-end and a React 
front-end to ...)
-       TODO: check
+       NOT-FOR-US: D-Tale
 CVE-2023-46133 (CryptoES is a cryptography algorithms library compatible with 
ES6 and  ...)
        TODO: check
 CVE-2023-45137 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea4444459b6d89c629b31e4c216a111e2c19ca16

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea4444459b6d89c629b31e4c216a111e2c19ca16
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to