[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Aug 2 16:47:38 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
deb83d78 by Moritz Mühlenhoff at 2023-08-02T17:47:06+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10,17 +10,17 @@ CVE-2023-3731 (Use after free in Diagnostics in Google Chrome on ChromeOS prior
CVE-2023-3729 (Use after free in Splitscreen in Google Chrome on ChromeOS prior to 11 ...)
NOT-FOR-US: Google Chrome on ChromeOS
CVE-2023-3494 (The fwctl driver implements a state machine which is executed when a b ...)
- TODO: check
+ NOT-FOR-US: bhyve
CVE-2023-3107 (A set of carefully crafted ipv6 packets can trigger an integer overflo ...)
- TODO: check
+ NOT-FOR-US: FreeBSD
CVE-2023-38990 (An issue in the delete function in the MenuController class of jeesite ...)
- TODO: check
+ NOT-FOR-US: jeesite
CVE-2023-38556 (Improper input validation vulnerability in SEIKO EPSON printer Web Con ...)
- TODO: check
+ NOT-FOR-US: SEIKO
CVE-2023-36351 (An issue in Viatom Health ViHealth for Android v.2.74.58 and before al ...)
NOT-FOR-US: Viatom Health ViHealth for Android
CVE-2023-36121 (Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote att ...)
- TODO: check
+ NOT-FOR-US: e107
CVE-2023-36118 (Cross Site Scripting vulnerability in Faculty Evaulation System using ...)
NOT-FOR-US: Faculty Evaulation System
CVE-2023-34869 (PHPJabbers Catering System v1.0 was discovered to contain a cross-site ...)
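Review bot: The tag added for CVE-2023-38556, "NOT-FOR-US: SEIKO", keeps only part of the vendor name, while the description reads "SEIKO EPSON printer Web Con ..." and the neighbouring entries name the full product (for example "NOT-FOR-US: Viatom Health ViHealth for Android"). Suggest "NOT-FOR-US: SEIKO EPSON printer" so that a later search of data/CVE/list for EPSON finds this entry.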
@@ -36,27 +36,27 @@ CVE-2023-33561 (Improper input validation of password parameter in PHP Jabbers T
CVE-2023-33560 (There is a Cross Site Scripting (XSS) vulnerability in "cid" parameter ...)
NOT-FOR-US: PHP Jabbers Time Slots Booking Calendar
CVE-2023-31928 (A reflected cross-site scripting (XSS) vulnerability exists in Brocade ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31927 (An information disclosure in the web interface of Brocade Fabric OS ve ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31926 (System files could be overwritten using the less command in Brocade Fa ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31432 (Through manipulation of passwords or other variables, using commands s ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31431 (A buffer overflow vulnerability in \u201cdiagstatus\u201d command in B ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31430 (A buffer overflow vulnerability in \u201csecpolicydelete\u201d command ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31429 (Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31428 (Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31427 (Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c, and v9.2. ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31426 (The Brocade Fabric OS Commands \u201cconfigupload\u201d and \u201cconf ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-31425 (A vulnerability in the fosexec command of Brocade Fabric OS after Broc ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2023-4008
- gitlab <unfixed>
CVE-2023-4011 (An issue has been discovered in GitLab EE affecting all versions from ...)
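Review bot: All eleven entries from CVE-2023-31928 through CVE-2023-31425 are tagged with the vendor alone, "NOT-FOR-US: Brocade", although the visible descriptions of CVE-2023-31927, CVE-2023-31429, CVE-2023-31428, CVE-2023-31427 and CVE-2023-31425 name the product as Brocade Fabric OS. The unchanged context just above tags by product ("NOT-FOR-US: PHP Jabbers Time Slots Booking Calendar"), so "NOT-FOR-US: Brocade Fabric OS" would be consistent with it wherever the full description confirms that product; the descriptions that are cut off right after "Brocade" should be checked before changing their tag.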
@@ -76515,7 +76515,7 @@ CVE-2022-2418 (A vulnerability was found in URVE Web Manager. It has been classi
CVE-2022-2417 (Insufficient validation in GitLab CE/EE affecting all versions from 12 ...)
- gitlab 15.10.8+ds1-2
CVE-2022-2416 (In affected versions of Octopus Deploy it is possible for a low privil ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2022-2415 (Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 ...)
{DSA-5168-1}
- chromium 103.0.5060.53-1
@@ -77975,7 +77975,7 @@ CVE-2022-35300
CVE-2022-33939 (CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP45 ...)
NOT-FOR-US: Yokogawa CENTUM CS 3000
CVE-2022-2346 (In affected versions of Octopus Deploy it is possible for a low privil ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2022-2345 (Use After Free in GitHub repository vim/vim prior to 9.0.0046.)
- vim 2:9.0.0135-1 (unimportant)
NOTE: https://huntr.dev/bounties/1eed7009-db6d-487b-bc41-8f2fd260483f
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/deb83d78691090cbaa390d881046781887b8b32f