Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
97e83bce by Salvatore Bonaccorso at 2024-03-06T22:01:14+01:00
Add CVE-2023-50716/fastdds
- - - - -
6827ee5f by Salvatore Bonaccorso at 2024-03-06T22:01:16+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -61,29 +61,30 @@ CVE-2024-20301 (A vulnerability in Cisco Duo Authentication
for Windows Logon an
CVE-2024-20292 (A vulnerability in the logging component of Cisco Duo
Authentication f ...)
NOT-FOR-US: Cisco
CVE-2024-1224 (This vulnerability exists in USB Pratirodh due to the usage of
a weake ...)
- TODO: check
+ NOT-FOR-US: USB Pratirodh
CVE-2024-1142 (Path Traversal in Sonatype IQ Server from version 143 allows
remote au ...)
- TODO: check
+ NOT-FOR-US: Sonatype
CVE-2023-50716 (eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation
of the ...)
- TODO: check
+ - fastdds <unfixed>
+ NOTE:
https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-5m2f-hvj2-cx2h
CVE-2023-50167 (Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue
with ed ...)
- TODO: check
+ NOT-FOR-US: Pega Platform
CVE-2023-49985 (A cross-site scripting (XSS) vulnerability in the component
/managemen ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-49984 (A cross-site scripting (XSS) vulnerability in the component
/managemen ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-49983 (A cross-site scripting (XSS) vulnerability in the component
/managemen ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-49982 (Broken access control in the component /admin/management/users
of Scho ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-49981 (A directory listing vulnerability in School Fees Management
System v1. ...)
- TODO: check
+ NOT-FOR-US: School Fees Management System
CVE-2023-49980 (A directory listing vulnerability in Best Student Result
Management Sy ...)
- TODO: check
+ NOT-FOR-US: Best Student Result Management System
CVE-2023-49979 (A directory listing vulnerability in Customer Support System
v1 allows ...)
- TODO: check
+ NOT-FOR-US: Customer Support System
CVE-2023-49978 (Incorrect access control in Customer Support System v1 allows
non-admi ...)
- TODO: check
+ NOT-FOR-US: Customer Support System
CVE-2023-48703 (RobotsAndPencils go-saml, a SAML client library written in Go,
contain ...)
TODO: check
CVE-2023-38825 (SQL injection vulnerability in Vanderbilt REDCap before
v.13.8.0 allow ...)
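Review bot: The new CVE-2023-50716 entry records `- fastdds <unfixed>` with only the GHSA advisory URL in its NOTE, so nothing in the entry says which upstream commit or release carries the fix. Consider adding a further NOTE with the fixing commit or fixed upstream version once it is identified, so the entry can later be moved off `<unfixed>` without re-reading the advisory. Separately, CVE-2023-48703 (go-saml) in the trailing context is still at `TODO: check` after this batch.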
@@ -245506,7 +245507,7 @@ CVE-2020-26944 (An issue was discovered in Aptean
Product Configurator 4.61.0000
CVE-2020-26943 (An issue was discovered in OpenStack blazar-dashboard before
1.3.1, 2. ...)
NOT-FOR-US: blazar-dashboard
CVE-2020-26942 (An issue discovered in Axigen Mail Server 10.3.x before
10.3.1.27 and ...)
- TODO: check
+ NOT-FOR-US: Axigen Mail Server
CVE-2020-26941 (A local (authenticated) low-privileged user can exploit a
behavior in ...)
NOT-FOR-US: IBM
CVE-2020-26940
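Review bot: Style point on the CVE-2020-26942 line: the label `NOT-FOR-US: Axigen Mail Server` names the product, while the neighbouring context entry uses the vendor alone (`NOT-FOR-US: IBM`) and the first hunk mixes both forms (`Sonatype` next to `Pega Platform`). Settling on one convention, vendor or product, would make NOT-FOR-US labels easier to search and reuse when a later CVE for the same software is triaged.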
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ab218ce143bc3a837758a3e2d36a3ce62ca26c46...6827ee5f3654397fc83326d3050fb2ee1991bf33