Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7f0d72a5 by Salvatore Bonaccorso at 2023-12-16T09:20:59+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,21 +1,21 @@ CVE-2023-6849 (A vulnerability was found in kalcaddle kodbox up to 1.48. It has been ...) - TODO: check + NOT-FOR-US: kalcaddle kodbox CVE-2023-6848 (A vulnerability was found in kalcaddle kodbox up to 1.48. It has been ...) - TODO: check + NOT-FOR-US: kalcaddle kodbox CVE-2023-50728 (octokit/webhooks is a GitHub webhook events toolset for Node.js. Start ...) - TODO: check + NOT-FOR-US: octokit/webhooks (GitHub webhook events toolset for Node.js) CVE-2023-50469 (Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discov ...) - TODO: check + NOT-FOR-US: Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 CVE-2023-50266 (Bazarr manages and downloads subtitles. In version 1.2.4, the proxy me ...) - TODO: check + NOT-FOR-US: Bazarr CVE-2023-50265 (Bazarr manages and downloads subtitles. Prior to 1.3.1, the /api/swagg ...) - TODO: check + NOT-FOR-US: Bazarr CVE-2023-50264 (Bazarr manages and downloads subtitles. Prior to 1.3.1, Bazarr contain ...) - TODO: check + NOT-FOR-US: Bazarr CVE-2023-4020 (An unvalidated input in a library function responsible for communicati ...) - TODO: check + NOT-FOR-US: Silicon Labs CVE-2023-39340 (A vulnerability exists on all versions of Ivanti Connect Secure below ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2023-31813 REJECTED CVE-2023-6839 (Due to improper error handling, a REST API resource could expose a ser ...) @@ -42883,7 +42883,7 @@ CVE-2023-28024 CVE-2023-28023 (A cross site request forgery vulnerability in the BigFix WebUI Softwar ...) NOT-FOR-US: HCL CVE-2023-28022 (HCL Connections is vulnerable to an information disclosure vulnerabili ...) - TODO: check + NOT-FOR-US: HCL CVE-2023-28021 (The BigFix WebUI uses weak cipher suites.) NOT-FOR-US: HCL CVE-2023-28020 (URL redirection in Login page in HCL BigFix WebUI allows malicious use ...) @@ -45071,7 +45071,7 @@ CVE-2023-27319 CVE-2023-27318 RESERVED CVE-2023-27317 (ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a ...) - TODO: check + NOT-FOR-US: ONTAP CVE-2023-27316 (SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerabilit ...) NOT-FOR-US: NetApp CVE-2023-27315 (SnapGathers versions prior to 4.9 are susceptible to a vulnerability ...) @@ -133154,7 +133154,7 @@ CVE-2022-24353 (This vulnerability allows network-adjacent attackers to execute CVE-2022-24352 (This vulnerability allows network-adjacent attackers to execute arbitr ...) NOT-FOR-US: TP-Link CVE-2022-24351 (TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5. ...) - TODO: check + NOT-FOR-US: Insyde CVE-2022-24350 (An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5. ...) NOT-FOR-US: Insyde CVE-2022-24349 (An authenticated user can create a link with reflected XSS payload for ...) @@ -154055,13 +154055,13 @@ CVE-2021-42799 CVE-2021-42798 RESERVED CVE-2021-42797 (Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Stud ...) - TODO: check + NOT-FOR-US: AVEVA CVE-2021-42796 (An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly In ...) - TODO: check + NOT-FOR-US: AVEVA CVE-2021-42795 RESERVED CVE-2021-42794 (An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) v ...) - TODO: check + NOT-FOR-US: AVEVA CVE-2021-42793 REJECTED CVE-2021-42792 @@ -249291,11 +249291,11 @@ CVE-2020-17487 (radare2 4.5.0 misparses signature information in PE files, causi CVE-2020-17486 RESERVED CVE-2020-17485 (A Remote Code Execution vulnerability exist in Uffizio's GPS Tracker a ...) - TODO: check + NOT-FOR-US: Uffizio CVE-2020-17484 (An Open Redirection vulnerability exists in Uffizio's GPS Tracker all ...) - TODO: check + NOT-FOR-US: Uffizio CVE-2020-17483 (An improper access control vulnerability exists in Uffizio's GPS Track ...) - TODO: check + NOT-FOR-US: Uffizio CVE-2020-17482 (An issue has been found in PowerDNS Authoritative Server before 4.3.1 ...) - pdns 4.3.1-1 (bug #970737) [buster] - pdns 4.1.6-3+deb10u1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f0d72a5f0f76e24baa1c4a43ea85d60f96accc2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f0d72a5f0f76e24baa1c4a43ea85d60f96accc2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits