Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
54ca0415 by Salvatore Bonaccorso at 2023-11-08T21:23:30+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,103 +1,103 @@
CVE-2023-6012 (An improper input validation vulnerability has been found in
Lanaccess ...)
- TODO: check
+ NOT-FOR-US: Lanaccess ONSAFE MonitorHM
CVE-2023-5978 (In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under
certain ...)
- TODO: check
+ NOT-FOR-US: FreeBSD (cap_net libcasper service)
CVE-2023-5941 (In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7
and FreeB ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2023-5913 (Incorrect Privilege Assignment vulnerability in opentext
Fortify ScanC ...)
- TODO: check
+ NOT-FOR-US: Microfocus opentext
CVE-2023-5760 (A time-of-check to time-of-use (TOCTOU) bug in handling of
IOCTL (inpu ...)
- TODO: check
+ NOT-FOR-US: Norton
CVE-2023-5759 (In Helix Core versions prior to 2023.2, an unauthenticated
remote Deni ...)
TODO: check
CVE-2023-5136 (An incorrect permission assignment in the TopoGrafix DataPlugin
for GP ...)
- TODO: check
+ NOT-FOR-US: opoGrafix DataPlugin for GPX
CVE-2023-47397 (WeBid <=1.2.2 is vulnerable to code injection via
admin/categoriestran ...)
- TODO: check
+ NOT-FOR-US: WeBid
CVE-2023-47379 (Microweber CMS version 2.0.1 is vulnerable to stored Cross
Site Script ...)
- TODO: check
+ NOT-FOR-US: microweber
CVE-2023-47231 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47229 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47228 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mune ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47227 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Web- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47226 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in I Th ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47223 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in WP M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47190 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47181 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Mart ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47107 (PILOS is an open source front-end for BigBlueButton servers
with a bui ...)
- TODO: check
+ NOT-FOR-US: PILOS
CVE-2023-46774 (Vulnerability of uncaught exceptions in the NFC module.
Successful exp ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46772 (Vulnerability of parameters being out of the value range in
the QMI se ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46771 (Security vulnerability in the face unlock module. Successful
exploitat ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46767 (Out-of-bounds write vulnerability in the kernel driver module.
Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46766 (Out-of-bounds write vulnerability in the kernel driver module.
Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46765 (Vulnerability of uncaught exceptions in the NFC module.
Successful exp ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46764 (Unauthorized startup vulnerability of background apps.
Successful expl ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46763 (Vulnerability of background app permission management in the
framework ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46762 (Out-of-bounds write vulnerability in the kernel driver module.
Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46761 (Out-of-bounds write vulnerability in the kernel driver module.
Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46760 (Out-of-bounds write vulnerability in the kernel driver module.
Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46759 (Permission control vulnerability in the call module.
Successful exploi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46758 (The multi-screen interaction module has a vulnerability in
permission ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46757 (Keep-alive vulnerability in the sticky broadcast mechanism.
Successful ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46756 (Permission control vulnerability in the window management
module. Succ ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46755 (Vulnerability of input parameters being not strictly verified
in the i ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-46643 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
GARY JEZ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46642 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in sahu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46640 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46627 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Ashish A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46626 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
FLOWFACT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46621 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Enej Baj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-46613 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45849 (An arbitrary code execution which results in privilege
escalation was ...)
TODO: check
CVE-2023-45319 (In Helix Core versions prior to 2023.2, an unauthenticated
remote Deni ...)
TODO: check
CVE-2023-45140 (The Bastion provides authentication, authorization,
traceability and a ...)
- TODO: check
+ NOT-FOR-US: Bastion
CVE-2023-44098 (Vulnerability of missing encryption in the card management
module. Suc ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-3282 (A local privilege escalation (PE) vulnerability in the Palo
Alto Netwo ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2023-39913 (Deserialization of Untrusted Data, Improper Input Validation
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Apache UIMA
CVE-2023-35767 (In Helix Core versions prior to 2023.2, an unauthenticated
remote Deni ...)
TODO: check
CVE-2023-32298 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Kathy Da ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-48613 (Race condition vulnerability in the kernel module. Successful
exploita ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2023-47248
- apache-arrow <itp> (bug #970021)
CVE-2023-40114
@@ -144375,7 +144375,7 @@ CVE-2021-43421 (A File Upload vulnerability exists in
Studio-42 elFinder 2.0.4 t
CVE-2021-43420 (SQL injection vulnerability in Login.php in Sourcecodester
Online Paym ...)
NOT-FOR-US: Sourcecodester
CVE-2021-43419 (An Information Disclosure vulnerability exists in Opay Mobile
applicat ...)
- TODO: check
+ NOT-FOR-US: Opay Mobile application
CVE-2021-43418
RESERVED
CVE-2021-43417
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54ca0415ea95c77454226293428b57bc76b9fa7b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54ca0415ea95c77454226293428b57bc76b9fa7b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
