Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7666a459 by Salvatore Bonaccorso at 2023-11-28T21:21:24+01:00 Process new NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,43 +1,43 @@ CVE-2023-6359 (A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LM ...) - TODO: check + NOT-FOR-US: Alumne LMS CVE-2023-6239 (Improperly calculated effective permissions in M-Files Server versions ...) - TODO: check + NOT-FOR-US: M-Files CVE-2023-6201 (Improper Neutralization of Special Elements used in an OS Command ('OS ...) - TODO: check + NOT-FOR-US: Univera Computer System Panorama CVE-2023-6151 (Improper Privilege Management vulnerability in ESKOM Computer e-munici ...) - TODO: check + NOT-FOR-US: ESKOM Computer e-municipality module CVE-2023-6150 (Improper Privilege Management vulnerability in ESKOM Computer e-munici ...) - TODO: check + NOT-FOR-US: ESKOM Computer e-municipality module CVE-2023-49314 (Asana Desktop 2.1.0 on macOS allows code injection because of specific ...) - TODO: check + NOT-FOR-US: Asana Desktop CVE-2023-49313 (A dylib injection vulnerability in XMachOViewer 0.04 allows attackers ...) - TODO: check + NOT-FOR-US: XMachOViewer CVE-2023-49078 (raptor-web is a CMS for game server communities that can be used to ho ...) - TODO: check + NOT-FOR-US: raptor-web CMS CVE-2023-49062 (Katran could disclose non-initialized kernel memory as part of an IP h ...) TODO: check CVE-2023-48848 (An arbitrary file read vulnerability in ureport v2.2.9 allows a remote ...) TODO: check CVE-2023-48121 (An authentication bypass vulnerability in the Direct Connection Module ...) - TODO: check + NOT-FOR-US: Direct Connection Module in Ezviz CVE-2023-48042 (Amazzing Filter for Prestashop through 3.2.2 is vulnerable to Cross-Si ...) - TODO: check + NOT-FOR-US: Amazzing Filter for Prestashop CVE-2023-45539 (HAProxy before 2.8.2 accepts # as part of the URI component, which mig ...) TODO: check CVE-2023-45286 (A race condition in go-resty can result in HTTP request body disclosur ...) TODO: check CVE-2023-42505 (An authenticated user with read permissions on database connections me ...) - TODO: check + NOT-FOR-US: Apache Superset CVE-2023-42504 (An authenticated malicious user could initiate multiple concurrent req ...) - TODO: check + NOT-FOR-US: Apache Superset CVE-2023-42502 (An authenticated attacker with update datasets permission could change ...) - TODO: check + NOT-FOR-US: Apache Superset CVE-2023-42004 (IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable t ...) - TODO: check + NOT-FOR-US: IBM CVE-2023-41264 (Netwrix Usercube before 6.0.215, in certain misconfigured on-premises ...) - TODO: check + NOT-FOR-US: Netwrix Usercube CVE-2023-40056 (SQL Injection Remote Code Vulnerability was found in the SolarWinds Pl ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2023-34055 (In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, ...) TODO: check CVE-2023-46589 (Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 1 ...) @@ -61,7 +61,7 @@ CVE-2023-6219 (The BookingPress plugin for WordPress is vulnerable to arbitrary CVE-2023-5960 (An improper privilege management vulnerability in the hotspot feature ...) NOT-FOR-US: Zyxel CVE-2023-5885 (The discontinued FFS Colibri product allows a remote user to access fi ...) - TODO: check + NOT-FOR-US: FFS Colibri CVE-2023-5797 (An improper privilege management vulnerability in the debug CLI comman ...) NOT-FOR-US: Zyxel CVE-2023-5773 @@ -35043,7 +35043,7 @@ CVE-2023-29062 CVE-2023-29061 RESERVED CVE-2023-29060 (The FACSChorus\xe2\u201e\xa2 workstation operating system does not res ...) - TODO: check + NOT-FOR-US: facschorus CVE-2023-1764 (Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5 ...) NOT-FOR-US: Canon CVE-2023-1763 (Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7666a459a59807df6676c79010648ff79088d6fc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7666a459a59807df6676c79010648ff79088d6fc You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits