Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
202e0c44 by Salvatore Bonaccorso at 2023-12-14T21:25:06+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2023-6595 (In WhatsUp Gold versions released before 2023.1, an API
endpoint was f ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2023-6572 (Exposure of Sensitive Information to an Unauthorized Actor in
GitHub r ...)
TODO: check
CVE-2023-6571 (Cross-site Scripting (XSS) - Reflected in kubeflow/kubeflow)
@@ -9,47 +9,47 @@ CVE-2023-6570 (Server-Side Request Forgery (SSRF) in
kubeflow/kubeflow)
CVE-2023-6569 (External Control of File Name or Path in h2oai/h2o-3)
TODO: check
CVE-2023-6563 (An unconstrained memory consumption vulnerability was
discovered in Ke ...)
- TODO: check
+ NOT-FOR-US: Keycloak
CVE-2023-6545 (The package authelia-bhf included in Beckhoffs TwinCAT/BSD is
prone to ...)
- TODO: check
+ NOT-FOR-US: authelia-bhf as included in Beckhoffs TwinCAT/BSD
CVE-2023-6368 (In WhatsUp Gold versions released before 2023.1, an API
endpoint was f ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2023-6367 (In WhatsUp Gold versions released before 2023.1, a stored
cross-site s ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2023-6366 (In WhatsUp Gold versions released before 2023.1, a stored
cross-site s ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2023-6365 (In WhatsUp Gold versions released before 2023.1, a stored
cross-site s ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2023-6364 (In WhatsUp Gold versions released before 2023.1, a stored
cross-site s ...)
- TODO: check
+ NOT-FOR-US: WhatsUp Gold
CVE-2023-5769 (A vulnerability exists in the webserver that affects the
RTU500 serie ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2023-5592 (Download of Code Without Integrity Check vulnerability in
PHOENIX CONT ...)
- TODO: check
+ NOT-FOR-US: PHOENIX
CVE-2023-50713 (Speckle Server provides server, frontend, 3D viewer, and other
JavaScr ...)
TODO: check
CVE-2023-50710 (Hono is a web framework written in TypeScript. Prior to
version 3.11.7 ...)
TODO: check
CVE-2023-50566 (A stored cross-site scripting (XSS) vulnerability in
EyouCMS-V1.6.5-UT ...)
- TODO: check
+ NOT-FOR-US: EyouCMS
CVE-2023-50565 (A cross-site scripting (XSS) vulnerability in the component
/logs/dopo ...)
- TODO: check
+ NOT-FOR-US: RPCMS
CVE-2023-50564 (An arbitrary file upload vulnerability in the component
/inc/modules_i ...)
- TODO: check
+ NOT-FOR-US: Pluck CMS
CVE-2023-50563 (Semcms v4.8 was discovered to contain a SQL injection
vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: Semcms
CVE-2023-50472 (cJSON v1.7.16 was discovered to contain a segmentation
violation via t ...)
TODO: check
CVE-2023-50471 (cJSON v1.7.16 was discovered to contain a segmentation
violation via t ...)
TODO: check
CVE-2023-50371 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50370 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50369 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50368 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50269 (Squid is a caching proxy for the Web. Due to an Uncontrolled
Recursion ...)
TODO: check
CVE-2023-50137 (JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) in
the sit ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/202e0c44394bd90b3d20a5438d7b3e3e1fe43895
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/202e0c44394bd90b3d20a5438d7b3e3e1fe43895
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
