Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4cbbd3fc by Salvatore Bonaccorso at 2024-05-03T22:19:13+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -491,7 +491,7 @@ CVE-2024-27453 (In Extreme XOS through 22.6.1.4, a
read-only user can escalate p
CVE-2024-25290 (An issue in Casa Systems NL1901ACV R6B032 allows a remote
attacker to ...)
TODO: check
CVE-2024-25047 (IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through
12.0.2 i ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-24710 (Missing Authorization vulnerability in SlickRemix Feed Them
Social.Thi ...)
TODO: check
CVE-2024-23914 (Use of Externally-Controlled Format String vulnerability in
Merge DICO ...)
@@ -851,7 +851,7 @@ CVE-2023-50188 (Trimble SketchUp Viewer SKP File Parsing
Uninitialized Variable
CVE-2023-50187 (Trimble SketchUp Viewer SKP File Parsing Memory Corruption
Remote Code ...)
TODO: check
CVE-2023-47727 (IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM
QRadar S ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-47220 (An OS command injection vulnerability has been reported to
affect Medi ...)
TODO: check
CVE-2023-44472 (Missing Authorization vulnerability in ThemeFuse Unyson.This
issue aff ...)
@@ -1263,9 +1263,9 @@ CVE-2023-41182 (NETGEAR ProSAFE Network Management System
ZipUtils Directory Tra
CVE-2023-41181 (LG SuperSign Media Editor getSubFolderList Directory Traversal
Informa ...)
TODO: check
CVE-2023-40696 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker
than expe ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-40695 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not
invalidate s ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-40517 (LG SuperSign Media Editor ContentRestController getObject
Directory Tr ...)
TODO: check
CVE-2023-40516 (LG Simple Editor Incorrect Permission Assignment Local
Privilege Escal ...)
@@ -1453,7 +1453,7 @@ CVE-2023-39458 (Triangle MicroWorks SCADA Data Gateway
Use of Hard-coded Credent
CVE-2023-39457 (Triangle MicroWorks SCADA Data Gateway Missing Authentication
Vulnerab ...)
TODO: check
CVE-2023-38724 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable
to SQL ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-38125 (Softing edgeAggregator Permissive Cross-domain Policy with
Untrusted D ...)
TODO: check
CVE-2023-38124 (Inductive Automation Ignition OPC UA Quick Client Task
Scheduling Expo ...)
@@ -1549,7 +1549,7 @@ CVE-2023-38078 (Kofax Power PDF U3D File Parsing
Use-After-Free Information Disc
CVE-2023-38077 (Kofax Power PDF U3D File Parsing Out-Of-Bounds Read
Information Disclo ...)
TODO: check
CVE-2023-37407 (IBM Aspera Orchestrator 4.0.1 could allow a remote
authenticated attac ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-37359 (Kofax Power PDF U3D File Parsing Out-Of-Bounds Read
Information Disclo ...)
TODO: check
CVE-2023-37358 (Kofax Power PDF U3D File Parsing Out-Of-Bounds Read
Information Disclo ...)
@@ -75901,7 +75901,7 @@ CVE-2023-28954
CVE-2023-28953 (IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an
attacker ...)
NOT-FOR-US: IBM
CVE-2023-28952 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable
to inje ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-28951
RESERVED
CVE-2023-28950 (IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive
user infor ...)
@@ -93018,7 +93018,7 @@ CVE-2023-23476 (IBM Robotic Process Automation 21.0.0
through 21.0.7.latest is v
CVE-2023-23475 (IBM Infosphere Information Server 11.7 is vulnerable to
cross-site scr ...)
NOT-FOR-US: IBM
CVE-2023-23474 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a
remote ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-23473 (IBM InfoSphere Information Server 11.7 is vulnerable to
cross-site req ...)
NOT-FOR-US: IBM
CVE-2023-23472
@@ -177311,7 +177311,7 @@ CVE-2022-22366 (IBM UrbanCode Deploy (UCD) 6.2.7.15,
7.0.5.10, 7.1.2.6, and 7.2.
CVE-2022-22365 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with
the Ajax ...)
NOT-FOR-US: IBM
CVE-2022-22364 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable
to exte ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22363
RESERVED
CVE-2022-22362
@@ -249834,7 +249834,7 @@ CVE-2021-20558
CVE-2021-20557 (IBM Security Guardium 11.2 could allow a remote authenticated
attacker ...)
NOT-FOR-US: IBM
CVE-2021-20556 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a
remote ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-20555
RESERVED
CVE-2021-20554 (IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable
to cros ...)
@@ -250044,9 +250044,9 @@ CVE-2021-20453 (IBM WebSphere Application Server 8.0,
8.5, and 9.0 is vulnerable
CVE-2021-20452
RESERVED
CVE-2021-20451 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable
to SQL ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-20450 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not set
the secu ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-20449
RESERVED
CVE-2021-20448 (IBM Content Navigator 3.0.CD is vulnerable to cross-site
scripting. Th ...)
@@ -320299,7 +320299,7 @@ CVE-2020-4876 (IBM Cognos Controller 10.4.0, 10.4.1,
and 10.4.2 is vulnerable to
CVE-2020-4875 (IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable
to an X ...)
NOT-FOR-US: IBM
CVE-2020-4874 (IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker
than expe ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4873 (IBM Planning Analytics 2.0 could allow an attacker to obtain
sensitive ...)
NOT-FOR-US: IBM
CVE-2020-4872
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4cbbd3fcdbe3f26bea0230a92e06f1f4b0ae7e35
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4cbbd3fcdbe3f26bea0230a92e06f1f4b0ae7e35
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
