Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 258e1d85 by Salvatore Bonaccorso at 2023-11-09T09:29:31+01:00 Process more NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -9,9 +9,9 @@ CVE-2023-4891 (A potential use-after-free vulnerability was reported in the Leno CVE-2023-4706 (A privilege escalation vulnerability was reported in Lenovo preloaded ...) NOT-FOR-US: Lenovo CVE-2023-4632 (An uncontrolled search path vulnerability was reported in Lenovo Syste ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-4249 (Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, ...) - TODO: check + NOT-FOR-US: Zavio CVE-2023-47613 (A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinter ...) NOT-FOR-US: Telit Cinterion CVE-2023-47489 (An issue in Combodo iTop v.3.1.0-2-11973 allows a local attacker to ex ...) @@ -43,63 +43,63 @@ CVE-2023-46362 (jbig2enc v0.28 was discovered to contain a heap-use-after-free v - jbig2enc <unfixed> NOTE: https://github.com/agl/jbig2enc/issues/84 CVE-2023-45875 (An issue was discovered in Couchbase Server 7.2.0. There is a private ...) - TODO: check + NOT-FOR-US: Couchbase Server CVE-2023-45857 (An issue discovered in Axios 1.5.1 inadvertently reveals the confident ...) TODO: check CVE-2023-45225 (Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, ...) - TODO: check + NOT-FOR-US: Zavio CVE-2023-45079 (A memory leakage vulnerability was reported in the NvmramSmm SMM drive ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-45078 (A memory leakage vulnerability was reported in the DustFilterAlertSmm ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-45077 (A memory leakage vulnerability was reported in the 534D0740 DXE driver ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-45076 (A memory leakage vulnerability was reported in the 534D0140 DXE driver ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-45075 (A memory leakage vulnerability was reported in the SWSMI_Shadow DXE dr ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43755 (Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, ...) - TODO: check + NOT-FOR-US: Zavio CVE-2023-43581 (A buffer overflow was reported in the Update_WMI module in some Lenovo ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43580 (A buffer overflow was reported in the SmuV11DxeVMR module in some Leno ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43579 (A buffer overflow was reported in the SmuV11Dxe driver in some Lenovo ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43578 (A buffer overflow was reported in the SmiFlash module in some Lenovo D ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43577 (A buffer overflow was reported in the ReFlash module in some Lenovo De ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43576 (A buffer overflow was reported in the WMISwSmi module in some Lenovo D ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43575 (A buffer overflow was reported in the UltraFunctionTable module in som ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43574 (A buffer over-read was reported in the LEMALLDriversConnectedEventHook ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43573 (A buffer overflow was reported in the LEMALLDriversConnectedEventHook ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43572 (A buffer over-read was reported in the BiosExtensionLoader module in s ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43571 (A buffer overflow was reported in the BiosExtensionLoader module in so ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43570 (A potential vulnerability was reported in the SMI callback function of ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43569 (A buffer overflow was reported in the OemSmi module in some Lenovo Des ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43568 (A buffer over-read was reported in the LemSecureBootForceKey module in ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-43567 (A buffer overflow was reported in the LemSecureBootForceKey module in ...) - TODO: check + NOT-FOR-US: Lenovo CVE-2023-3959 (Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, ...) - TODO: check + NOT-FOR-US: Zavio CVE-2023-39435 (Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, ...) - TODO: check + NOT-FOR-US: Zavio CVE-2023-37790 (Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an ...) TODO: check CVE-2023-37533 (HCL Connections is vulnerable to reflected cross-site scripting (XSS) ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-36667 (Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Dire ...) - TODO: check + NOT-FOR-US: Couchbase Server CVE-2023-6012 (An improper input validation vulnerability has been found in Lanaccess ...) NOT-FOR-US: Lanaccess ONSAFE MonitorHM CVE-2023-5978 (In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain ...) @@ -29395,7 +29395,7 @@ CVE-2023-29976 CVE-2023-29975 RESERVED CVE-2023-29974 (An issue discovered in Pfsense CE version 2.6.0 allows attackers to co ...) - TODO: check + NOT-FOR-US: Pfsense CE CVE-2023-29973 (Pfsense CE version 2.6.0 is vulnerable to No rate limit which can lead ...) NOT-FOR-US: Pfsense CE CVE-2023-29972 @@ -48312,7 +48312,7 @@ CVE-2023-0395 (The menu shortcode WordPress plugin through 1.0 does not validate CVE-2023-0393 RESERVED CVE-2023-0392 (The LDAP Agent Update service with versions prior to 5.18 used an unqu ...) - TODO: check + NOT-FOR-US: Okta LDAP Agent Update service CVE-2023-0391 (MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt ...) NOT-FOR-US: MGT-COMMERCE CVE-2022-48278 @@ -143814,7 +143814,7 @@ CVE-2021-43611 (Belledonne Belle-sip before 5.0.20 can crash applications such a CVE-2021-43610 (Belledonne Belle-sip before 5.0.20 can crash applications such as Linp ...) NOT-FOR-US: Belledonne Belle-sip CVE-2021-43609 (An issue was discovered in Spiceworks Help Desk Server before 1.3.3. A ...) - TODO: check + NOT-FOR-US: Spiceworks CVE-2021-43608 (Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of o ...) - php-doctrine-dbal <not-affected> (Vulnerable code introduced in 3.0.0) NOTE: Bug was introduced in 3.0.0, and fixed in experimental in 3.1.4+dfsg-1 and View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/258e1d858efe0b9543877ec6c3e015e629c0c373 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/258e1d858efe0b9543877ec6c3e015e629c0c373 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits