Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
66a79b5c by Salvatore Bonaccorso at 2023-12-20T09:38:55+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
CVE-2023-6977 (This vulnerability enables malicious users to read sensitive
files on ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2023-6976 (This vulnerability is capable of writing arbitrary files into
arbitrar ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2023-6975 (A malicious user could use this issue to get command execution
on the ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2023-6974 (A malicious user could use this issue to access internal
HTTP(s) serve ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2023-6930 (EuroTel ETL3100 versions v01c01 and v01x37 suffer from an
unauthentica ...)
- TODO: check
+ NOT-FOR-US: EuroTel ETL3100
CVE-2023-6929 (EuroTel ETL3100 versions v01c01 and v01x37 are vulnerable to
insecure ...)
- TODO: check
+ NOT-FOR-US: EuroTel ETL3100
CVE-2023-6928 (EuroTel ETL3100 versions v01c01 and v01x37 does not limit the
number o ...)
- TODO: check
+ NOT-FOR-US: EuroTel ETL3100
CVE-2023-6689 (A successful CSRF attack could force the user to perform state
changin ...)
- TODO: check
+ NOT-FOR-US: EFACEC
CVE-2023-50835 (Cross-Site Request Forgery (CSRF) vulnerability in Praveen
Goswami Adv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-50707 (Through the exploitation of active user sessions, an attacker
could se ...)
- TODO: check
+ NOT-FOR-US: EFACEC
CVE-2023-50706 (A user without administrator permissions with access to the
UC500 wind ...)
- TODO: check
+ NOT-FOR-US: UC500 windows system
CVE-2023-50705 (An attacker could create malicious requests to obtain
sensitive inform ...)
- TODO: check
+ NOT-FOR-US: UC500 windows system
CVE-2023-50704 (An attacker could construct a URL within the application that
causes a ...)
- TODO: check
+ NOT-FOR-US: UC500 windows system
CVE-2023-50703 (An attacker with network access could perform a
man-in-the-middle (Mit ...)
- TODO: check
+ NOT-FOR-US: UC500 windows system
CVE-2023-50466 (An authenticated command injection vulnerability in Weintek
cMT2078X e ...)
- TODO: check
+ NOT-FOR-US: Weintek cMT2078X easyweb Web
CVE-2023-49812 (Authorization Bypass Through User-Controlled Key vulnerability
in J.N. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49764 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49750 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49164 (Cross-Site Request Forgery (CSRF) vulnerability in OceanWP
Ocean Extra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-49147 (An issue was discovered in PDF24 Creator 11.14.0. The
configuration of ...)
- TODO: check
+ NOT-FOR-US: PDF24 Creator
CVE-2023-49004 (An issue in D-Link DIR-850L v.B1_FW223WWb01 allows a remote
attacker t ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2023-48764 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48741 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48738 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-48327 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-47707 (IBM Security Guardium Key Lifecycle Manager 4.3 is vulnerable
to cross ...)
NOT-FOR-US: IBM
CVE-2023-47706 (IBM Security Guardium Key Lifecycle Manager 4.3 could allow an
authent ...)
@@ -61,15 +61,15 @@ CVE-2023-47703 (IBM Security Guardium Key Lifecycle Manager
4.3 could allow a re
CVE-2023-47702 (IBM Security Guardium Key Lifecycle Manager 4.3 could allow a
remote a ...)
NOT-FOR-US: IBM
CVE-2023-47267 (An issue discovered in TheGreenBow Windows Enterprise
Certified VPN Cl ...)
- TODO: check
+ NOT-FOR-US: TheGreenBow
CVE-2023-47161 (IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through
7.2.3.7, ...)
NOT-FOR-US: IBM
CVE-2023-47146 (IBM Qradar SIEM 7.5 could allow a privileged user to obtain
sensitive ...)
NOT-FOR-US: IBM
CVE-2023-46624 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-45887 (DS Wireless Communication (DWC) with DWC_VERSION_3 and
DWC_VERSION_11 ...)
- TODO: check
+ NOT-FOR-US: DS Wireless Communication (DWC)
CVE-2023-45172 (IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged
local user ...)
NOT-FOR-US: IBM
CVE-2023-42940 (A session rendering issue was addressed with improved session
tracking ...)
@@ -81,9 +81,9 @@ CVE-2023-42012 (An IBM UrbanCode Deploy Agent 7.2 through
7.2.3.7, and 7.3 throu
CVE-2023-38126 (Softing edgeAggregator Restore Configuration Directory
Traversal Remot ...)
TODO: check
CVE-2023-37982 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35883 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6945 (A vulnerability has been found in SourceCodester Online Student
Manage ...)
NOT-FOR-US: SourceCodester Online Student Management System
CVE-2023-6944
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66a79b5c4eba7bc0eae448d1dcd9e9cbb101e1f7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66a79b5c4eba7bc0eae448d1dcd9e9cbb101e1f7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
