[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 7 08:20:09 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6603d50e by Salvatore Bonaccorso at 2023-04-07T09:19:48+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9981,7 +9981,7 @@ CVE-2023-26085
CVE-2023-26084 (The armv8_dec_aes_gcm_full() API of Arm AArch64cryptolib before 86065c ...)
NOT-FOR-US: AArch64cryptolib
CVE-2023-26083 (Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Ker ...)
- TODO: check
+ NOT-FOR-US: Mali GPU Kernel Driver
CVE-2023-26082
RESERVED
CVE-2023-26081 (In Epiphany (aka GNOME Web) through 43.0, untrusted web content can tr ...)
@@ -11670,7 +11670,7 @@ CVE-2023-0752
CVE-2023-0751 (When GELI reads a key file from standard input, it does not reuse the ...)
NOT-FOR-US: FreeBSD GELI
CVE-2023-0750 (Yellobrik PEC-1864 implements authentication checks via javascript in ...)
- TODO: check
+ NOT-FOR-US: Yellobrik PEC-1864
CVE-2023-0749 (The Ocean Extra WordPress plugin before 2.1.3 does not ensure that the ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0748 (Open Redirect in GitHub repository btcpayserver/btcpayserver prior to ...)
@@ -13070,7 +13070,7 @@ CVE-2023-25064 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-25063
RESERVED
CVE-2023-25062 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PINP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-25061
RESERVED
CVE-2023-25060
@@ -13800,7 +13800,7 @@ CVE-2023-0582
CVE-2023-0581 (The PrivateContent plugin for WordPress is vulnerable to protection me ...)
NOT-FOR-US: PrivateContent plugin for WordPress
CVE-2023-0580 (Insecure Storage of Sensitive Information vulnerability in ABB My Cont ...)
- TODO: check
+ NOT-FOR-US: ABB
CVE-2023-0579
RESERVED
CVE-2023-0578 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -13999,7 +13999,7 @@ CVE-2023-24726 (Art Gallery Management System v1.0 was discovered to contain a S
CVE-2023-24725
RESERVED
CVE-2023-24724 (A stored cross site scripting (XSS) vulnerability was discovered in th ...)
- TODO: check
+ NOT-FOR-US: SAS 9.4 Admin Console
CVE-2023-24723
RESERVED
CVE-2023-24722
@@ -15061,7 +15061,7 @@ CVE-2023-24413
CVE-2023-24412
RESERVED
CVE-2023-24411 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24410
RESERVED
CVE-2023-24409
@@ -15077,7 +15077,7 @@ CVE-2023-24405
CVE-2023-24404
RESERVED
CVE-2023-24403 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24402
RESERVED
CVE-2023-24401
@@ -15091,7 +15091,7 @@ CVE-2023-24398
CVE-2023-24397
RESERVED
CVE-2023-24396 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24395
RESERVED
CVE-2023-24394
@@ -15109,7 +15109,7 @@ CVE-2023-24389
CVE-2023-24388 (Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking ca ...)
NOT-FOR-US: WpDevArt Booking calendar, Appointment Booking System plugin
CVE-2023-24387 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24386
RESERVED
CVE-2023-24385
@@ -15117,7 +15117,7 @@ CVE-2023-24385
CVE-2023-24384 (Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organizati ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24383 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kibo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24382 (Cross-Site Request Forgery (CSRF) vulnerability in Photon WP Material ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24381 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NsTh ...)
@@ -15127,7 +15127,7 @@ CVE-2023-24380
CVE-2023-24379
RESERVED
CVE-2023-24378 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24377 (Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecw ...)
NOT-FOR-US: WordPress plugin
CVE-2023-24376
@@ -15135,7 +15135,7 @@ CVE-2023-24376
CVE-2023-24375
RESERVED
CVE-2023-24374 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24373
RESERVED
CVE-2023-24372
@@ -16001,27 +16001,27 @@ CVE-2023-24008
CVE-2023-24007
RESERVED
CVE-2023-24006 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Link Softwa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24005
RESERVED
CVE-2023-24004 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24003 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24002 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24001 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yann ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-24000
RESERVED
CVE-2023-23999
RESERVED
CVE-2023-23998 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23997
RESERVED
CVE-2023-23996 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Prof ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23995
RESERVED
CVE-2023-23994
@@ -16053,7 +16053,7 @@ CVE-2023-23982 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-23981 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Quan ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23980 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mail ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23979 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Q ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23978
@@ -16321,7 +16321,7 @@ CVE-2023-23900
CVE-2023-23899 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Extension ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23898 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23897
RESERVED
CVE-2023-23896
@@ -16335,7 +16335,7 @@ CVE-2023-23893
CVE-2023-23892
RESERVED
CVE-2023-23891 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23890
RESERVED
CVE-2023-23889
@@ -16573,7 +16573,7 @@ CVE-2023-23803
CVE-2023-23802
RESERVED
CVE-2023-23801 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Really Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23800
RESERVED
CVE-2023-23799
@@ -17004,9 +17004,9 @@ CVE-2023-23688
CVE-2023-23687 (Auth. Stored Cross-Site Scripting (XSS) vulnerability in Youtube short ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23686 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23685 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23684
RESERVED
CVE-2023-23683
@@ -18979,7 +18979,7 @@ CVE-2023-22987
CVE-2023-22986
RESERVED
CVE-2023-22985 (Sourcecodester Simple Guestbook Management System version 1 is vulnera ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Simple Guestbook Management System
CVE-2023-22984 (** UNSUPPORTED WHEN ASSIGNED ** A Vulnerability was discovered in Axis ...)
NOT-FOR-US: Axis 207W network camera
CVE-2023-22983
@@ -20453,21 +20453,21 @@ CVE-2023-0090 (The webservices in Proofpoint Enterprise Protection (PPS/POD) con
CVE-2023-0089 (The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a v ...)
NOT-FOR-US: Proofpoint
CVE-2022-48228 (An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It ...)
- TODO: check
+ NOT-FOR-US: Acuant AsureID Sentinel
CVE-2022-48227 (An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It ...)
- TODO: check
+ NOT-FOR-US: Acuant AsureID Sentinel
CVE-2022-48226 (An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Duri ...)
- TODO: check
+ NOT-FOR-US: Acuant
CVE-2022-48225 (An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It i ...)
- TODO: check
+ NOT-FOR-US: Acuant
CVE-2022-48224 (An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It i ...)
- TODO: check
+ NOT-FOR-US: Acuant
CVE-2022-48223 (An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Duri ...)
- TODO: check
+ NOT-FOR-US: Acuant
CVE-2022-48222 (An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Duri ...)
- TODO: check
+ NOT-FOR-US: Acuant
CVE-2022-48221 (An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Mult ...)
- TODO: check
+ NOT-FOR-US: Acuant
CVE-2017-20163 (A vulnerability has been found in Red Snapper NView and classified as ...)
NOT-FOR-US: Red Snapper NView
CVE-2014-125045 (A vulnerability has been found in meol1 and classified as critical. Af ...)
@@ -27154,7 +27154,7 @@ CVE-2022-46795
CVE-2022-46794
RESERVED
CVE-2022-46793 (Cross-Site Request Forgery (CSRF) vulnerability in AdTribes.Io Product ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-4366 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
NOT-FOR-US: daloRADIUS
CVE-2022-4365 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
@@ -27430,7 +27430,7 @@ CVE-2023-21632
CVE-2023-21631
RESERVED
CVE-2023-21630 (Memory Corruption in Multimedia Framework due to integer overflow when ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-21629
RESERVED
CVE-2023-21628
@@ -36727,35 +36727,35 @@ CVE-2023-20690
CVE-2023-20689
RESERVED
CVE-2023-20688 (In power, there is a possible out of bounds read due to a missing boun ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20687 (In display drm, there is a possible double free due to a race conditio ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20686 (In display drm, there is a possible double free due to a race conditio ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20685 (In vdec, there is a possible use after free due to a race condition. T ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20684 (In vdec, there is a possible use after free due to a race condition. T ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20683
RESERVED
CVE-2023-20682 (In wlan, there is a possible out of bounds write due to an integer ove ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20681 (In adsp, there is a possible out of bounds write due to improper input ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20680 (In adsp, there is a possible out of bounds write due to improper input ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20679 (In wlan, there is a possible out of bounds read due to a missing bound ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20678
RESERVED
CVE-2023-20677 (In wlan, there is a possible out of bounds read due to a missing bound ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20676 (In wlan, there is a possible out of bounds read due to a missing bound ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20675 (In wlan, there is a possible out of bounds read due to a missing bound ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20674 (In wlan, there is a possible out of bounds read due to a missing bound ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20673
RESERVED
CVE-2023-20672
@@ -36763,7 +36763,7 @@ CVE-2023-20672
CVE-2023-20671
RESERVED
CVE-2023-20670 (In audio, there is a possible out of bounds write due to a missing bou ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20669
RESERVED
CVE-2023-20668
@@ -36771,35 +36771,35 @@ CVE-2023-20668
CVE-2023-20667
RESERVED
CVE-2023-20666 (In display drm, there is a possible out of bounds write due to a missi ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20665 (In ril, there is a possible out of bounds read due to a missing bounds ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20664 (In gz, there is a possible double free due to a use after free. This c ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20663 (In wlan, there is a possible out of bounds write due to an integer ove ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20662 (In wlan, there is a possible out of bounds write due to an integer ove ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20661 (In wlan, there is a possible out of bounds write due to an integer ove ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20660 (In wlan, there is a possible out of bounds read due to an integer over ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20659 (In wlan, there is a possible out of bounds write due to a missing boun ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20658 (In isp, there is a possible out of bounds write due to a missing bound ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20657 (In mtee, there is a possible out of bounds write due to a missing boun ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20656 (In geniezone, there is a possible out of bounds write due to a logic e ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20655 (In mmsdk, there is a possible escalation of privilege due to a parcel ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20654 (In keyinstall, there is a possible out of bounds write due to a missin ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20653 (In keyinstall, there is a possible out of bounds write due to a missin ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20652 (In keyinstall, there is a possible out of bounds write due to a missin ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2023-20651 (In apu, there is a possible out of bounds read due to a missing bounds ...)
NOT-FOR-US: MediaTek
CVE-2023-20650 (In apu, there is a possible out of bounds write due to a missing bound ...)
@@ -37858,71 +37858,71 @@ CVE-2023-20155
CVE-2023-20154
RESERVED
CVE-2023-20153 (Multiple vulnerabilities in specific Cisco Identity Services Engine (I ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20152 (Multiple vulnerabilities in specific Cisco Identity Services Engine (I ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20151 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20150 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20149 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20148 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20147 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20146 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20145 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20144 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20143 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20142 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20141 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20140 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20139 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20138 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20137 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20136
RESERVED
CVE-2023-20135
RESERVED
CVE-2023-20134 (Multiple vulnerabilities in the web interface of Cisco Webex Meetings ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20133
RESERVED
CVE-2023-20132 (Multiple vulnerabilities in the web interface of Cisco Webex Meetings ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20131 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20130 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20129 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20128 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20127 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20126
RESERVED
CVE-2023-20125
RESERVED
CVE-2023-20124 (A vulnerability in the web-based management interface of Cisco Small B ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20123 (A vulnerability in the offline access mode of Cisco Duo Two-Factor Aut ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20122 (Multiple vulnerabilities in the restricted shell of Cisco Evolved Prog ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20121 (Multiple vulnerabilities in the restricted shell of Cisco Evolved Prog ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20120
RESERVED
CVE-2023-20119
@@ -37930,7 +37930,7 @@ CVE-2023-20119
CVE-2023-20118
RESERVED
CVE-2023-20117 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20116
RESERVED
CVE-2023-20115
@@ -37958,9 +37958,9 @@ CVE-2023-20105
CVE-2023-20104 (A vulnerability in the file upload functionality of Cisco Webex App fo ...)
NOT-FOR-US: Cisco
CVE-2023-20103 (A vulnerability in Cisco Secure Network Analytics could allow an authe ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20102 (A vulnerability in the web-based management interface of Cisco Secure ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20101
RESERVED
CVE-2023-20100 (A vulnerability in the access point (AP) joining process of the Contro ...)
@@ -37972,7 +37972,7 @@ CVE-2023-20098
CVE-2023-20097 (A vulnerability in Cisco access points (AP) software could allow an au ...)
NOT-FOR-US: Cisco
CVE-2023-20096 (A vulnerability in the web-based management interface of Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20095
RESERVED
CVE-2023-20094
@@ -38018,7 +38018,7 @@ CVE-2023-20075 (Vulnerability in the CLI of Cisco Secure Email Gateway could all
CVE-2023-20074
RESERVED
CVE-2023-20073 (A vulnerability in the web-based management interface of Cisco RV340, ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20072 (A vulnerability in the fragmentation handling code of tunnel protocol ...)
NOT-FOR-US: Cisco
CVE-2023-20071
@@ -38028,7 +38028,7 @@ CVE-2023-20070
CVE-2023-20069 (A vulnerability in the web-based management interface of Cisco Prime I ...)
NOT-FOR-US: Cisco
CVE-2023-20068 (A vulnerability in the web-based management interface of Cisco Prime I ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20067 (A vulnerability in the HTTP-based client profiling feature of Cisco IO ...)
NOT-FOR-US: Cisco
CVE-2023-20066 (A vulnerability in the web UI of Cisco IOS XE Software could allow an ...)
@@ -38065,7 +38065,7 @@ CVE-2023-20052 (On Feb 15, 2023, the following vulnerability in the ClamAV scann
[bullseye] - clamav <no-dsa> (clamav is updated via -updates)
NOTE: https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html
CVE-2023-20051 (A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet D ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20050 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
NOT-FOR-US: Cisco
CVE-2023-20049 (A vulnerability in the bidirectional forwarding detection (BFD) hardwa ...)
@@ -38111,7 +38111,7 @@ CVE-2023-20032 (On Feb 15, 2023, the following vulnerability in the ClamAV scann
CVE-2023-20031
RESERVED
CVE-2023-20030 (A vulnerability in the web-based management interface of Cisco Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20029 (A vulnerability in the Meraki onboarding feature of Cisco IOS XE Softw ...)
NOT-FOR-US: Cisco
CVE-2023-20028
@@ -38125,11 +38125,11 @@ CVE-2023-20025 (A vulnerability in the web-based management interface of Cisco S
CVE-2023-20024
RESERVED
CVE-2023-20023 (Multiple vulnerabilities in specific Cisco Identity Services Engine (I ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20022 (Multiple vulnerabilities in specific Cisco Identity Services Engine (I ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20021 (Multiple vulnerabilities in specific Cisco Identity Services Engine (I ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20020 (A vulnerability in the Device Management Servlet application of Cisco ...)
NOT-FOR-US: Cisco
CVE-2023-20019 (A vulnerability in the web-based management interface of Cisco BroadWo ...)
@@ -44735,7 +44735,7 @@ CVE-2022-41635
CVE-2022-41634 (Cross-Site Request Forgery (CSRF) vulnerability in Media Library Folde ...)
NOT-FOR-US: WordPress plugin
CVE-2022-41633 (Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-41623 (Sensitive Data Exposure in Villatheme ALD - AliExpress Dropshipping an ...)
NOT-FOR-US: Villatheme ALD
CVE-2022-41620 (Cross-Site Request Forgery (CSRF) vulnerability in SeoSamba for WordPr ...)
@@ -47452,7 +47452,7 @@ CVE-2022-40608 (IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File
CVE-2022-40607 (IBM Spectrum Scale 5.1 could allow users with permissions to create po ...)
NOT-FOR-US: IBM
CVE-2022-3192 (Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows C ...)
- TODO: check
+ NOT-FOR-US: ABB
CVE-2022-3191 (Insertion of Sensitive Information into Log File vulnerability in Hita ...)
NOT-FOR-US: Hitachi
CVE-2022-3190 (Infinite loop in the F5 Ethernet Trailer protocol dissector in Wiresha ...)
@@ -47626,7 +47626,7 @@ CVE-2022-40534
CVE-2022-40533
RESERVED
CVE-2022-40532 (Memory corruption due to integer overflow or wraparound in WLAN while ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-40531 (Memory corruption in WLAN due to incorrect type cast while sending WMI ...)
NOT-FOR-US: Qualcomm
CVE-2022-40530 (Memory corruption in WLAN due to integer overflow to buffer overflow i ...)
@@ -47684,7 +47684,7 @@ CVE-2022-40505
CVE-2022-40504
RESERVED
CVE-2022-40503 (Information disclosure due to buffer over-read in Bluetooth Host while ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-40502 (Transient DOS due to improper input validation in WLAN Host. ...)
NOT-FOR-US: Snapdragon
CVE-2022-3181 (An Improper Input Validation vulnerability exists in Trihedral VTScada ...)
@@ -51631,9 +51631,9 @@ CVE-2022-38925
CVE-2022-38924
RESERVED
CVE-2022-38923 (BluePage CMS thru v3.9 processes an insufficiently sanitized HTTP Head ...)
- TODO: check
+ NOT-FOR-US: BluePage CMS
CVE-2022-38922 (BluePage CMS thru 3.9 processes an insufficiently sanitized HTTP Heade ...)
- TODO: check
+ NOT-FOR-US: BluePage CMS
CVE-2022-38921
RESERVED
CVE-2022-38920
@@ -57456,7 +57456,7 @@ CVE-2022-2562
CVE-2022-2561 (This vulnerability allows remote attackers to execute arbitrary code o ...)
TODO: check
CVE-2022-2560 (This vulnerability allows remote attackers to delete arbitrary files o ...)
- TODO: check
+ NOT-FOR-US: EnterpriseDT CompleteFTP Server
CVE-2022-2559 (The Fluent Support WordPress plugin before 1.5.8 does not properly san ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2558 (The Simple Job Board WordPress plugin before 2.10.0 is susceptible to ...)
@@ -67267,37 +67267,37 @@ CVE-2022-33304
CVE-2022-33303
RESERVED
CVE-2022-33302 (Memory corruption due to improper validation of array index in User Id ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33301 (Memory corruption due to incorrect type conversion or cast in audio wh ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33300 (Memory corruption in Automotive Android OS due to improper input valid ...)
NOT-FOR-US: Qualcomm
CVE-2022-33299 (Transient DOS due to null pointer dereference in Bluetooth HOST while ...)
NOT-FOR-US: Qualcomm
CVE-2022-33298 (Memory corruption due to use after free in Modem while modem initializ ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33297 (Information disclosure due to buffer overread in Linux sensors ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33296 (Memory corruption due to integer overflow to buffer overflow in Modem ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33295 (Information disclosure in Modem due to buffer over-read while parsing ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33294 (Transient DOS in Modem due to NULL pointer dereference while receiving ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33293
RESERVED
CVE-2022-33292
RESERVED
CVE-2022-33291 (Information disclosure in Modem due to buffer over-read while receivin ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33290 (Transient DOS in Bluetooth HOST due to null pointer dereference when a ...)
NOT-FOR-US: Qualcomm
CVE-2022-33289 (Memory corruption occurs in Modem due to improper validation of array ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33288 (Memory corruption due to buffer copy without checking the size of inpu ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33287 (Information disclosure in Modem due to buffer over-read while getting ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33286 (Transient DOS due to buffer over-read in WLAN while processing 802.11 ...)
NOT-FOR-US: Qualcomm
CVE-2022-33285 (Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA a ...)
@@ -67307,7 +67307,7 @@ CVE-2022-33284 (Information disclosure due to buffer over-read in WLAN while par
CVE-2022-33283 (Information disclosure due to buffer over-read in WLAN while WLAN fram ...)
NOT-FOR-US: Qualcomm
CVE-2022-33282 (Memory corruption in Automotive Multimedia due to integer overflow to ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33281
RESERVED
CVE-2022-33280 (Memory corruption due to access of uninitialized pointer in Bluetooth ...)
@@ -67331,9 +67331,9 @@ CVE-2022-33272 (Transient DOS in modem due to reachable assertion. ...)
CVE-2022-33271 (Information disclosure due to buffer over-read in WLAN while parsing N ...)
NOT-FOR-US: Qualcomm
CVE-2022-33270 (Transient DOS due to time-of-check time-of-use race condition in Modem ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33269 (Memory corruption due to integer overflow or wraparound in Core while ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33268 (Information disclosure due to buffer over-read in Bluetooth HOST while ...)
NOT-FOR-US: Qualcomm
CVE-2022-33267
@@ -67353,9 +67353,9 @@ CVE-2022-33261
CVE-2022-33260 (Memory corruption due to stack based buffer overflow in core while sen ...)
NOT-FOR-US: Qualcomm
CVE-2022-33259 (Memory corruption due to buffer copy without checking the size of inpu ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33258 (Information disclosure due to buffer over-read in modem while reading ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33257 (Memory corruption in Core due to time-of-check time-of-use race condit ...)
NOT-FOR-US: Qualcomm
CVE-2022-33256 (Memory corruption due to improper validation of array index in Multi-m ...)
@@ -67409,13 +67409,13 @@ CVE-2022-33233 (Memory corruption due to configuration weakness in modem wile se
CVE-2022-33232 (Memory corruption due to buffer copy without checking size of input wh ...)
NOT-FOR-US: Qualcomm
CVE-2022-33231 (Memory corruption due to double free in core while initializing the en ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33230
RESERVED
CVE-2022-33229 (Information disclosure due to buffer over-read in Modem while using st ...)
NOT-FOR-US: Qualcomm
CVE-2022-33228 (Information disclosure sue to buffer over-read in modem while processi ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33227
RESERVED
CVE-2022-33226
@@ -67425,9 +67425,9 @@ CVE-2022-33225 (Memory corruption due to use after free in trusted application e
CVE-2022-33224
RESERVED
CVE-2022-33223 (Transient DOS in Modem due to null pointer dereference while processin ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33222 (Information disclosure due to buffer over-read while parsing DNS respo ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33221 (Information disclosure in Trusted Execution Environment due to buffer ...)
NOT-FOR-US: Qualcomm
CVE-2022-33220
@@ -67449,7 +67449,7 @@ CVE-2022-33213 (Memory corruption in modem due to buffer overflow while processi
CVE-2022-33212
RESERVED
CVE-2022-33211 (memory corruption in modem due to improper check while calculating siz ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2022-33210 (Memory corruption in automotive multimedia due to use of out-of-range ...)
NOT-FOR-US: Snapdragon
CVE-2022-33146 (Open redirect vulnerability in web2py versions prior to 2.22.5 allows ...)
@@ -68933,7 +68933,7 @@ CVE-2022-32601 (In telephony, there is a possible permission bypass due to a par
CVE-2022-32600
RESERVED
CVE-2022-32599 (In rpmb, there is a possible out of bounds write due to a logic error. ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2022-32598 (In widevine, there is a possible out of bounds write due to an incorre ...)
NOT-FOR-US: Mediatek
CVE-2022-32597 (In widevine, there is a possible out of bounds write due to an incorre ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6603d50e731d7c52ec9549496137d37024da1e07
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6603d50e731d7c52ec9549496137d37024da1e07
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230407/193427ba/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list