Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 202e0c44 by Salvatore Bonaccorso at 2023-12-14T21:25:06+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,5 +1,5 @@ CVE-2023-6595 (In WhatsUp Gold versions released before 2023.1, an API endpoint was f ...) - TODO: check + NOT-FOR-US: WhatsUp Gold CVE-2023-6572 (Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ...) TODO: check CVE-2023-6571 (Cross-site Scripting (XSS) - Reflected in kubeflow/kubeflow) @@ -9,47 +9,47 @@ CVE-2023-6570 (Server-Side Request Forgery (SSRF) in kubeflow/kubeflow) CVE-2023-6569 (External Control of File Name or Path in h2oai/h2o-3) TODO: check CVE-2023-6563 (An unconstrained memory consumption vulnerability was discovered in Ke ...) - TODO: check + NOT-FOR-US: Keycloak CVE-2023-6545 (The package authelia-bhf included in Beckhoffs TwinCAT/BSD is prone to ...) - TODO: check + NOT-FOR-US: authelia-bhf as included in Beckhoffs TwinCAT/BSD CVE-2023-6368 (In WhatsUp Gold versions released before 2023.1, an API endpoint was f ...) - TODO: check + NOT-FOR-US: WhatsUp Gold CVE-2023-6367 (In WhatsUp Gold versions released before 2023.1, a stored cross-site s ...) - TODO: check + NOT-FOR-US: WhatsUp Gold CVE-2023-6366 (In WhatsUp Gold versions released before 2023.1, a stored cross-site s ...) - TODO: check + NOT-FOR-US: WhatsUp Gold CVE-2023-6365 (In WhatsUp Gold versions released before 2023.1, a stored cross-site s ...) - TODO: check + NOT-FOR-US: WhatsUp Gold CVE-2023-6364 (In WhatsUp Gold versions released before 2023.1, a stored cross-site s ...) - TODO: check + NOT-FOR-US: WhatsUp Gold CVE-2023-5769 (A vulnerability exists in the webserver that affects the RTU500 serie ...) - TODO: check + NOT-FOR-US: Hitachi CVE-2023-5592 (Download of Code Without Integrity Check vulnerability in PHOENIX CONT ...) - TODO: check + NOT-FOR-US: PHOENIX CVE-2023-50713 (Speckle Server provides server, frontend, 3D viewer, and other JavaScr ...) TODO: check CVE-2023-50710 (Hono is a web framework written in TypeScript. Prior to version 3.11.7 ...) TODO: check CVE-2023-50566 (A stored cross-site scripting (XSS) vulnerability in EyouCMS-V1.6.5-UT ...) - TODO: check + NOT-FOR-US: EyouCMS CVE-2023-50565 (A cross-site scripting (XSS) vulnerability in the component /logs/dopo ...) - TODO: check + NOT-FOR-US: RPCMS CVE-2023-50564 (An arbitrary file upload vulnerability in the component /inc/modules_i ...) - TODO: check + NOT-FOR-US: Pluck CMS CVE-2023-50563 (Semcms v4.8 was discovered to contain a SQL injection vulnerability vi ...) - TODO: check + NOT-FOR-US: Semcms CVE-2023-50472 (cJSON v1.7.16 was discovered to contain a segmentation violation via t ...) TODO: check CVE-2023-50471 (cJSON v1.7.16 was discovered to contain a segmentation violation via t ...) TODO: check CVE-2023-50371 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50370 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50369 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50368 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-50269 (Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion ...) TODO: check CVE-2023-50137 (JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) in the sit ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/202e0c44394bd90b3d20a5438d7b3e3e1fe43895 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/202e0c44394bd90b3d20a5438d7b3e3e1fe43895 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits