Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9925c273 by Moritz Muehlenhoff at 2023-11-01T09:38:50+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,85 +1,85 @@
CVE-2023-5904 (Cross-site Scripting (XSS) - Stored in GitHub repository
pkp/pkp-lib p ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5903 (Cross-site Scripting (XSS) - Stored in GitHub repository
pkp/pkp-lib p ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5902 (Cross-Site Request Forgery (CSRF) in GitHub repository
pkp/pkp-lib pri ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5901 (Unrestricted Upload of File with Dangerous Type in GitHub
repository p ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5900 (Missing Authorization in GitHub repository pkp/pkp-lib prior to
3.3.0- ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5899 (Cross-Site Request Forgery (CSRF) in GitHub repository
pkp/pkp-lib pri ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5898 (Cross-Site Request Forgery (CSRF) in GitHub repository
pkp/pkp-lib pri ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5897 (Cross-Site Request Forgery (CSRF) in GitHub repository
pkp/customLocal ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5896 (Cross-site Scripting (XSS) - Stored in GitHub repository
pkp/pkp-lib p ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5895 (Cross-site Scripting (XSS) - DOM in GitHub repository
pkp/pkp-lib prio ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5894 (Cross-site Scripting (XSS) - Stored in GitHub repository
pkp/ojs prior ...)
- TODO: check
+ NOT-FOR-US: Open Journal System
CVE-2023-5893 (Cross-Site Request Forgery (CSRF) in GitHub repository
pkp/pkp-lib pri ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5892 (Cross-site Scripting (XSS) - Stored in GitHub repository
pkp/pkp-lib p ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5891 (Cross-site Scripting (XSS) - Reflected in GitHub repository
pkp/pkp-li ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5890 (Cross-site Scripting (XSS) - Stored in GitHub repository
pkp/pkp-lib p ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5889 (Insufficient Session Expiration in GitHub repository
pkp/pkp-lib prior ...)
- TODO: check
+ NOT-FOR-US: pkp-lib
CVE-2023-5516 (Poorly constructed webap requests and URI components with
special char ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2023-5515 (The responses for web queries with certain parameters disclose
interna ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2023-5514 (The response messages received from the eSOMS report generation
using ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2023-5306 (Online Blood Donation Management System v1.0 is vulnerable to
multiple ...)
- TODO: check
+ NOT-FOR-US: Online Blood Donation Management System
CVE-2023-4198 (Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows
an unaut ...)
- TODO: check
+ - dolibarr <removed>
CVE-2023-4197 (Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails
to stri ...)
- TODO: check
+ - dolibarr <removed>
CVE-2023-47099 (An issue was discovered in Virtualmin 7.7. The Create Virtual
Server f ...)
- TODO: check
+ NOT-FOR-US: Virtualmin
CVE-2023-47098 (An issue was discovered in Virtualmin 7.7. A Stored Cross-Site
Scripti ...)
- TODO: check
+ NOT-FOR-US: Virtualmin
CVE-2023-47097 (An issue was discovered in Virtualmin 7.7. The Server
Templates featur ...)
- TODO: check
+ NOT-FOR-US: Virtualmin
CVE-2023-47096 (An issue was discovered in Virtualmin 7.7. The Cloudmin
Services Clien ...)
- TODO: check
+ NOT-FOR-US: Virtualmin
CVE-2023-47095 (An issue was discovered in Virtualmin 7.7. The Custom Fields
feature o ...)
- TODO: check
+ NOT-FOR-US: Virtualmin
CVE-2023-47094 (An issue was discovered in Virtualmin 7.7. A Stored Cross-Site
Scripti ...)
- TODO: check
+ NOT-FOR-US: Virtualmin
CVE-2023-46485 (An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a
remote att ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46484 (An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a
remote att ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2023-46378 (Stored Cross Site Scripting (XSS) vulnerability in MiniCMS
1.1.1 allow ...)
- TODO: check
+ NOT-FOR-US: MiniCMS
CVE-2023-46278 (Uncontrolled resource consumption vulnerability in Cybozu
Remote Servi ...)
- TODO: check
+ NOT-FOR-US: Cybozu
CVE-2023-44486 (Online Blood Donation Management System v1.0 is vulnerable to
multiple ...)
- TODO: check
+ NOT-FOR-US: Online Blood Donation Management System
CVE-2023-44485 (Online Blood Donation Management System v1.0 is vulnerable to
multiple ...)
- TODO: check
+ NOT-FOR-US: Online Blood Donation Management System
CVE-2023-44484 (Online Blood Donation Management System v1.0 is vulnerable to
multiple ...)
- TODO: check
+ NOT-FOR-US: Online Blood Donation Management System
CVE-2023-43295 (Cross Site Request Forgery vulnerability in Click Studios (SA)
Pty Ltd ...)
- TODO: check
+ NOT-FOR-US: Click Studios (SA) Pty Ltd Passwordstate
CVE-2023-39695 (Insufficient session expiration in Elenos ETG150 FM
Transmitter v3.12 ...)
- TODO: check
+ NOT-FOR-US: Elenos
CVE-2023-39610 (An issue in TP-Link Tapo C100 v1.1.15 Build 211130
Rel.15378n(4555) an ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2023-37833 (Improper access control in Elenos ETG150 FM transmitter v3.12
allows a ...)
- TODO: check
+ NOT-FOR-US: Elenos
CVE-2023-2622 (Authenticated clients can read arbitrary files on the MAIN
Computer sy ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2023-2621 (The McFeeder server (distributed as part of SSW package), is
susceptib ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2023-5859
- chromium <unfixed>
[buster] - chromium <end-of-life> (see DSA 5046)
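Review bot: The CVE-2023-5897 entry is tagged `NOT-FOR-US: pkp-lib`, but its description names the repository as `pkp/customLocal ...` rather than pkp/pkp-lib, so the label does not match the affected component. CVE-2023-5894 (pkp/ojs) gets its own label, "Open Journal System", in the same hunk; CVE-2023-5897 should likewise carry a label naming the component its description points to. Separately, the commit message says "NFUs", but the CVE-2023-4198 and CVE-2023-4197 entries are changed to `- dolibarr <removed>`, which is a package status and not a NOT-FOR-US tag; the message should mention the dolibarr triage so it can be found in the log later.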
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9925c27389e0ff5f3f8da9543a1e041bb6395b31