[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Apr 14 09:07:45 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8d19b3cf by Moritz Muehlenhoff at 2023-04-14T10:07:17+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2126,7 +2126,7 @@ CVE-2023-29573
CVE-2023-29572
RESERVED
CVE-2023-29571 (Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ...)
- TODO: check
+ NOT-FOR-US: Cesenta MJS
CVE-2023-29570
RESERVED
CVE-2023-29569
@@ -8164,7 +8164,7 @@ CVE-2023-27828
CVE-2023-27827
RESERVED
CVE-2023-27826 (SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW ...)
- TODO: check
+ NOT-FOR-US: TightVNC
CVE-2023-27825
RESERVED
CVE-2023-27824
@@ -131247,7 +131247,7 @@ CVE-2021-37840 (aaPanel through 6.8.12 allows Cross-Site WebSocket Hijacking (CS
CVE-2021-37839 (Apache Superset up to 1.5.1 allowed for authenticated users to access ...)
NOT-FOR-US: Apache Superset
CVE-2021-3674 (A flaw was found in rizin. The create_section_from_phdr function alloc ...)
- TODO: check
+ NOT-FOR-US: rizin
CVE-2021-3673 (A vulnerability was found in Radare2 in version 5.3.1. Improper input ...)
- radare2 5.5.0+dfsg-1
NOTE: https://github.com/radareorg/radare2/issues/18923
@@ -199584,13 +199584,13 @@ CVE-2020-23262 (An issue was discovered in ming-soft MCMS v5.0, where a maliciou
CVE-2020-23261
RESERVED
CVE-2020-23260 (An issue found in Jsish v.3.0.11 and before allows an attacker to caus ...)
- TODO: check
+ NOT-FOR-US: Jsish
CVE-2020-23259 (An issue found in Jsish v.3.0.11 and before allows an attacker to caus ...)
- TODO: check
+ NOT-FOR-US: Jsish
CVE-2020-23258 (An issue found in Jsish v.3.0.11 allows a remote attacker to cause a d ...)
- TODO: check
+ NOT-FOR-US: Jsish
CVE-2020-23257 (Buffer Overflow vulnerability found in Espruino 2v05.41 allows an atta ...)
- TODO: check
+ NOT-FOR-US: Espruino
CVE-2020-23256 (An issue was discovered in Electerm 1.3.22, allows attackers to execut ...)
NOT-FOR-US: Electerm
CVE-2020-23255
@@ -200858,7 +200858,7 @@ CVE-2020-22649
CVE-2020-22648
RESERVED
CVE-2020-22647 (An issue found in DepositGame v.1.0 allows an attacker to gain sensiti ...)
- TODO: check
+ NOT-FOR-US: DepositGame
CVE-2020-22646
RESERVED
CVE-2020-22645
@@ -201094,7 +201094,7 @@ CVE-2020-22535 (Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the
CVE-2020-22534
RESERVED
CVE-2020-22533 (Cross Site Scripting vulnerability found in Zentao allows a remote att ...)
- TODO: check
+ NOT-FOR-US: Zentao
CVE-2020-22532
RESERVED
CVE-2020-22531
@@ -203424,7 +203424,7 @@ CVE-2020-21516 (There is an arbitrary file upload vulnerability in FeehiCMS 2.0.
CVE-2020-21515
RESERVED
CVE-2020-21514 (An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2. ...)
- TODO: check
+ NOT-FOR-US: Fluentd
CVE-2020-21513
RESERVED
CVE-2020-21512
@@ -203478,7 +203478,7 @@ CVE-2020-21489
CVE-2020-21488
RESERVED
CVE-2020-21487 (Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ...)
- TODO: check
+ NOT-FOR-US: pfSense
CVE-2020-21486
RESERVED
CVE-2020-21485
@@ -204337,7 +204337,7 @@ CVE-2020-21062
CVE-2020-21061
RESERVED
CVE-2020-21060 (SQL injection vulnerability found in PHPMyWind v.5.6 allows a remote a ...)
- TODO: check
+ NOT-FOR-US: PHPMyWind
CVE-2020-21059
RESERVED
CVE-2020-21058
@@ -204645,11 +204645,11 @@ CVE-2020-20917
CVE-2020-20916
RESERVED
CVE-2020-20915 (SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote a ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2020-20914 (SQL Injection vulnerability found in San Luan PublicCMS v.4.0 allows a ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2020-20913 (SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a r ...)
- TODO: check
+ NOT-FOR-US: MCMS
CVE-2020-20912
RESERVED
CVE-2020-20911
@@ -205469,9 +205469,9 @@ CVE-2020-20524
CVE-2020-20523
RESERVED
CVE-2020-20522 (Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a rem ...)
- TODO: check
+ NOT-FOR-US: KiteCMS
CVE-2020-20521 (Cross Site Scripting vulnerability found in KiteCMS v.1.1 allows a rem ...)
- TODO: check
+ NOT-FOR-US: KiteCMS
CVE-2020-20520
RESERVED
CVE-2020-20519
@@ -206652,7 +206652,7 @@ CVE-2020-19949 (A cross-site scripting (XSS) vulnerability in the /link/add.html
CVE-2020-19948
RESERVED
CVE-2020-19947 (Cross Site Scripting vulnerability found in Markdown Edit allows a rem ...)
- TODO: check
+ NOT-FOR-US: Markdown Edit
CVE-2020-19946
RESERVED
CVE-2020-19945
@@ -206857,7 +206857,7 @@ CVE-2020-19852
CVE-2020-19851
RESERVED
CVE-2020-19850 (An issue found in Directus API v.2.2.0 allows a remote attacker to cau ...)
- TODO: check
+ NOT-FOR-US: Directus API
CVE-2020-19849
RESERVED
CVE-2020-19848
@@ -206954,9 +206954,9 @@ CVE-2020-19805
CVE-2020-19804
RESERVED
CVE-2020-19803 (Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 ...)
- TODO: check
+ NOT-FOR-US: DoyoCMS
CVE-2020-19802 (File Upload vulnerability found in Milken DoyoCMS v.2.3 allows a remot ...)
- TODO: check
+ NOT-FOR-US: DoyoCMS
CVE-2020-19801
RESERVED
CVE-2020-19800
@@ -206988,7 +206988,7 @@ CVE-2020-19788
CVE-2020-19787
RESERVED
CVE-2020-19786 (File upload vulnerability in CSKaza CSZ CMS v.1.2.2 fixed in v1.2.4 al ...)
- TODO: check
+ NOT-FOR-US: CSKaza CSZ CMS
CVE-2020-19785
RESERVED
CVE-2020-19784
@@ -207180,21 +207180,21 @@ CVE-2020-19701
CVE-2020-19700
RESERVED
CVE-2020-19699 (Cross Site Scripting vulnerability found in KOHGYLW Kiftd v.1.0.18 all ...)
- TODO: check
+ NOT-FOR-US: KOHGYLW Kiftd
CVE-2020-19698 (Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 a ...)
- TODO: check
+ NOT-FOR-US: Pandao Editor.md
CVE-2020-19697 (Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 a ...)
- TODO: check
+ NOT-FOR-US: Pandao Editor.md
CVE-2020-19696
RESERVED
CVE-2020-19695 (Buffer Overflow found in Nginx NJS allows a remote attacker to execute ...)
- TODO: check
+ NOT-FOR-US: Nginx NJS
CVE-2020-19694
RESERVED
CVE-2020-19693 (An issue found in Espruino Espruino 6ea4c0a allows an attacker to exec ...)
- TODO: check
+ NOT-FOR-US: Espruino
CVE-2020-19692 (Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a rem ...)
- TODO: check
+ NOT-FOR-US: Nginx NJS
CVE-2020-19691
RESERVED
CVE-2020-19690
@@ -207222,7 +207222,7 @@ CVE-2020-19680
CVE-2020-19679
RESERVED
CVE-2020-19678 (Directory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense ...)
- TODO: check
+ NOT-FOR-US: pfSense
CVE-2020-19677
RESERVED
CVE-2020-19676 (Nacos 1.1.4 is affected by: Incorrect Access Control. An environment c ...)
@@ -208094,11 +208094,11 @@ CVE-2020-19281 (A stored cross-site scripting (XSS) vulnerability in the /manage
CVE-2020-19280 (Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows ...)
NOT-FOR-US: Jeesns
CVE-2020-19279 (Directory Traversal vulnerability found in B3log Wide allows a an atta ...)
- TODO: check
+ NOT-FOR-US: B3log
CVE-2020-19278 (Cross Site Request Forgery vulnerability found in Phachon mm-wiki v.0. ...)
- TODO: check
+ NOT-FOR-US: Phachon mm-wiki
CVE-2020-19277 (Cross Site Scripting vulnerability found in Phachon mm-wiki v.0.1.2 al ...)
- TODO: check
+ NOT-FOR-US: Phachon mm-wiki
CVE-2020-19276
RESERVED
CVE-2020-19275 (An Information Disclosure vulnerability exists in dhcms 2017-09-18 whe ...)
@@ -220429,7 +220429,7 @@ CVE-2020-14142
CVE-2020-14141
RESERVED
CVE-2020-14140 (When Xiaomi router firmware is updated in 2020, there is an unauthenti ...)
- TODO: check
+ NOT-FOR-US: Xiaomi
CVE-2020-14139
RESERVED
CVE-2020-14138
@@ -235231,7 +235231,7 @@ CVE-2020-9011
CVE-2020-9010
RESERVED
CVE-2020-9009 (The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote a ...)
- TODO: check
+ NOT-FOR-US: CS-Cart plugin
CVE-2020-9008 (Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/Pe ...)
NOT-FOR-US: Blackboard Learn/PeopleTool
CVE-2019-20473 (An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.865 ...)
@@ -235541,7 +235541,7 @@ CVE-2020-8891 (An issue was discovered in MISP before 2.4.121. It did not canoni
CVE-2020-8890 (An issue was discovered in MISP before 2.4.121. It mishandled time ske ...)
NOT-FOR-US: MISP
CVE-2020-8889 (The ShipStation.com plugin 1.0 for CS-Cart allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: CS-Cart plugin
CVE-2020-8888
RESERVED
CVE-2020-8887 (Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 hav ...)
@@ -291213,7 +291213,7 @@ CVE-2019-8965
CVE-2019-8964
RESERVED
CVE-2019-8963 (A Denial of Service (DoS) vulnerability was discovered in FlexNet Publ ...)
- TODO: check
+ NOT-FOR-US: FlexNet Publisher
CVE-2019-8962
RESERVED
CVE-2019-8961 (A Denial of Service vulnerability related to stack exhaustion has been ...)
@@ -401962,7 +401962,7 @@ CVE-2017-6896 (Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.
CVE-2017-6895 (USB Pratirodh allows remote attackers to conduct XML External Entity ( ...)
NOT-FOR-US: USB Pratirodh
CVE-2017-6894 (A vulnerability exists in FlexNet Manager Suite releases 2015 R2 SP3 a ...)
- TODO: check
+ NOT-FOR-US: FlexNet Manager Suite
CVE-2017-6893
RESERVED
CVE-2017-6892 (In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()" fu ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d19b3cf36251bf0775a0f130c95b610c4659a50
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d19b3cf36251bf0775a0f130c95b610c4659a50
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230414/99fc6b8a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list