Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3eda7a17 by Moritz Muehlenhoff at 2023-11-13T13:02:12+01:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,5 +1,5 @@ CVE-2023-5747 (Bashis, a Security Researcher at IPVM has found a flaw that allows for ...) - TODO: check + NOT-FOR-US: Hanwha Vision PNV-A6081R CVE-2023-5741 (The POWR plugin for WordPress is vulnerable to Stored Cross-Site Scrip ...) NOT-FOR-US: WordPress plugin CVE-2023-5037 @@ -101,7 +101,7 @@ CVE-2023-47164 (Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and earli [bookworm] - hoteldruid <no-dsa> (Minor issue) [bullseye] - hoteldruid <no-dsa> (Minor issue) CVE-2023-47129 (Statmic is a core Laravel content management system Composer package. ...) - TODO: check + NOT-FOR-US: Statmic CVE-2023-47128 (Piccolo is an object-relational mapping and query builder which suppor ...) NOT-FOR-US: Piccolo ORM (not the same as src:piccolo) CVE-2023-47121 (Discourse is an open source platform for community discussion. Prior t ...) @@ -174,7 +174,7 @@ CVE-2023-47800 (Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a defaul CVE-2023-47246 (In SysAid On-Premise before 23.3.36, a path traversal vulnerability le ...) NOT-FOR-US: SysAid CVE-2023-46729 (sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized ...) - TODO: check + NOT-FOR-US: sentry-javascript CVE-2023-45167 (IBM AIX's 7.3 Python implementation could allow a non-privileged local ...) NOT-FOR-US: IBM CVE-2023-39796 (SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 ...) @@ -233,9 +233,9 @@ CVE-2023-6039 (A use-after-free flaw was found in lan78xx_disconnect in drivers/ [buster] - linux <not-affected> (Vulnerable code not present) NOTE: https://git.kernel.org/linus/1e7417c188d0a83fb385ba2dbe35fd2563f2b6f3 (6.5-rc5) CVE-2023-4612 (Improper Authentication vulnerability in Apereo CAS injakarta.servlet. ...) - TODO: check + NOT-FOR-US: Apereo CAS CVE-2023-4218 (In Eclipse IDE versions < 2023-09 (4.29) some files with xml content a ...) - TODO: check + - eclipse <removed> CVE-2023-47616 (A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor ...) NOT-FOR-US: Telit Cinterion CVE-2023-47615 (A CWE-526: Exposure of Sensitive Information Through Environmental Var ...) @@ -981,7 +981,7 @@ CVE-2023-46084 (Improper Neutralization of Special Elements used in an SQL Comma CVE-2023-45830 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) NOT-FOR-US: WordPress plugin CVE-2023-45827 (Dot diver is a lightweight, powerful, and dependency-free TypeScript u ...) - TODO: check + NOT-FOR-US: Dot diver CVE-2023-45657 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) NOT-FOR-US: WordPress plugin CVE-2023-45163 (The 1E-Exchange-CommandLinePing instruction that is part of the Networ ...) @@ -47325,7 +47325,7 @@ CVE-2023-0438 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/mo CVE-2023-0437 RESERVED CVE-2023-0436 (The affected versions of MongoDB Atlas Kubernetes Operator may print s ...) - TODO: check + NOT-FOR-US: MongoDB Atlas Kubernetes Operator CVE-2022-48282 (Under very specific circumstances (see Required configuration section ...) NOT-FOR-US: MongoDB .NET/C# Driver CVE-2023-24371 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3eda7a1723994d10f6dfa552ff9a5b0943b5689e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3eda7a1723994d10f6dfa552ff9a5b0943b5689e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits