Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
19795f81 by Salvatore Bonaccorso at 2023-11-21T09:20:51+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,47 +1,47 @@
CVE-2023-6199 (Book Stack version 23.10.2 allows filtering local files on the
server. ...)
- TODO: check
+ NOT-FOR-US: bookstack
CVE-2023-6178 (An arbitrary file write vulnerability exists where an
authenticated at ...)
TODO: check
CVE-2023-6144 (Dev blog v1.0 allows to exploit an account takeover through the
"user" ...)
- TODO: check
+ NOT-FOR-US: Dev blog
CVE-2023-6142 (Dev blog v1.0 allows to exploit an XSS through an unrestricted
file up ...)
- TODO: check
+ NOT-FOR-US: Dev blog
CVE-2023-6062 (An arbitrary file write vulnerability exists where an
authenticated, r ...)
TODO: check
CVE-2023-5553 (During internal Axis Security Development Model (ASDM)
threat-modellin ...)
- TODO: check
+ NOT-FOR-US: AXIS OS
CVE-2023-5275 (Improper Input Validation vulnerability in simulation function
of GX W ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2023-5274 (Improper Input Validation vulnerability in simulation function
of GX W ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2023-4424 (An malicious BLE device can cause buffer overflow by sending
malformed ...)
TODO: check
CVE-2023-4149 (A vulnerability in the web-based management allows an
unauthenticated ...)
TODO: check
CVE-2023-48310 (TestingPlatform is a testing platform for Internet Security
Standards. ...)
- TODO: check
+ NOT-FOR-US: TestingPlatform
CVE-2023-48192 (An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a
local att ...)
- TODO: check
+ NOT-FOR-US: TOTOlink
CVE-2023-48176 (An Insecure Permissions issue in WebsiteGuide v.0.2 allows a
remote at ...)
- TODO: check
+ NOT-FOR-US: WebsiteGuide
CVE-2023-48051 (An issue in /upydev/keygen.py in upydev v0.4.3 allows
attackers to dec ...)
TODO: check
CVE-2023-47311 (An issue in Yamcs 5.8.6 allows attackers to send aribitrary
telelcomma ...)
- TODO: check
+ NOT-FOR-US: Yamcs
CVE-2023-47172 (Certain WithSecure products allow Local Privilege Escalation.
This aff ...)
- TODO: check
+ NOT-FOR-US: WithSecure
CVE-2023-46935 (eyoucms v1.6.4 is vulnerable Cross Site Scripting (XSS), which
can lea ...)
- TODO: check
+ NOT-FOR-US: eyoucms
CVE-2023-46471 (Cross Site Scripting vulnerability in Space Applications
Services Yamc ...)
- TODO: check
+ NOT-FOR-US: Yamcs
CVE-2023-46470 (Cross Site Scripting vulnerability in Space Applications
Services Yamc ...)
- TODO: check
+ NOT-FOR-US: Yamcs
CVE-2023-45886 (The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6
allow remote ...)
TODO: check
CVE-2023-42770 (Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated
users en ...)
- TODO: check
+ NOT-FOR-US: Red Lion
CVE-2023-40151 (When user authentication is not enabled the shell can execute
commands ...)
- TODO: check
+ NOT-FOR-US: Red Lion
CVE-2023-6134
NOT-FOR-US: Keycloak
CVE-2023-5764
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19795f815bd3435c0ee5dd13dfa2e1465b09b923
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19795f815bd3435c0ee5dd13dfa2e1465b09b923
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
