[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Aug 10 21:24:15 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c1e79980 by Salvatore Bonaccorso at 2023-08-10T22:23:47+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2023-4283 (The EmbedPress plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: EmbedPress plugin for WordPress
CVE-2023-4282 (The EmbedPress plugin for WordPress is vulnerable to unauthorized loss ...)
- TODO: check
+ NOT-FOR-US: EmbedPress plugin for WordPress
CVE-2023-4275
REJECTED
CVE-2023-4128 (A use-after-free flaw was found in net/sched/cls_fw.c in classifiers ( ...)
@@ -9,11 +9,11 @@ CVE-2023-4128 (A use-after-free flaw was found in net/sched/cls_fw.c in classifi
CVE-2023-40216 (OpenBSD 7.3 before errata 014 is missing an argument-count bounds chec ...)
TODO: check
CVE-2023-39966 (1Panel is an open source Linux server operation and maintenance manage ...)
- TODO: check
+ NOT-FOR-US: 1Panel
CVE-2023-39965 (1Panel is an open source Linux server operation and maintenance manage ...)
- TODO: check
+ NOT-FOR-US: 1Panel
CVE-2023-39964 (1Panel is an open source Linux server operation and maintenance manage ...)
- TODO: check
+ NOT-FOR-US: 1Panel
CVE-2023-39963 (Nextcloud Server provides data storage for Nextcloud, an open source c ...)
TODO: check
CVE-2023-39962 (Nextcloud Server provides data storage for Nextcloud, an open source c ...)
@@ -27,7 +27,7 @@ CVE-2023-39958 (Nextcloud Server provides data storage for Nextcloud, an open so
CVE-2023-39957 (Nextcloud Talk Android allows users to place video and audio calls thr ...)
TODO: check
CVE-2023-39955 (Notes is a note-taking app for Nextcloud, an open-source cloud platfor ...)
- TODO: check
+ NOT-FOR-US: Notes app for NextCloud
CVE-2023-39954 (user_oidc provides the OIDC connect user backend for Nextcloud, an ope ...)
TODO: check
CVE-2023-39953 (user_oidc provides the OIDC connect user backend for Nextcloud, an ope ...)
@@ -35,111 +35,111 @@ CVE-2023-39953 (user_oidc provides the OIDC connect user backend for Nextcloud,
CVE-2023-39952 (Nextcloud Server provides data storage for Nextcloud, an open source c ...)
TODO: check
CVE-2023-39806 (iCMS v7.0.16 was discovered to contain a SQL injection vulnerability v ...)
- TODO: check
+ NOT-FOR-US: iCMS
CVE-2023-39805 (iCMS v7.0.16 was discovered to contain a SQL injection vulnerability v ...)
- TODO: check
+ NOT-FOR-US: iCMS
CVE-2023-39776 (A File Upload vulnerability in PHPJabbers Ticket Support Script v3.2 a ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-39314 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Teplitsa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38830 (An information leak in PHPJabbers Yacht Listing Script v1.0 allows att ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-38397 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Egge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-38248 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38247 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38246 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38245 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38244 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38243 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38242 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38241 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38240 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38239 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38238 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38237 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38236 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38235 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38234 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38233 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38232 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38231 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38230 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38229 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38228 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38227 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38226 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38225 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38224 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38223 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38222 (Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38210 (Adobe XMP Toolkit versions 2022.06 is affected by a Uncontrolled Resou ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2023-38034 (A command injection vulnerability in the DHCP Client function of all U ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2023-37988 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Creative ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37983 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37734 (EZ softmagic MP3 Audio Converter 2.7.3.700 was discovered to contain a ...)
- TODO: check
+ NOT-FOR-US: EZ softmagic MP3 Audio Converter
CVE-2023-37625 (A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 all ...)
TODO: check
CVE-2023-37543 (Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for ...)
TODO: check
CVE-2023-37388 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sudi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37069 (Code-Projects Online Hospital Management System V1.0 is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: Code-Projects Online Hospital Management System
CVE-2023-36530 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36315 (There is a Cross Site Scripting (XSS) vulnerability in the "action" pa ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-36314 (There is a Cross Site Scripting (XSS) vulnerability in the value-text- ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-36313 (PHPJabbers Document Creator v1.0 is vulnerable to Cross Site Scripting ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-36312 (There is a Cross Site Scripting (XSS) vulnerability in the value-enum- ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-36311 (There is a SQL injection (SQLi) vulnerability in the "column" paramete ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-36310 (There is a Cross Site Scripting (XSS) vulnerability in the "column" pa ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-36309 (There is a Cross Site Scripting (XSS) vulnerability in the "action" pa ...)
- TODO: check
+ NOT-FOR-US: PHPJabbers
CVE-2023-35085 (An integer overflow vulnerability in all UniFi Access Points and Switc ...)
- TODO: check
+ NOT-FOR-US: UniFi
CVE-2023-34374 (Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Rah ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-32567 (Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2023-32566 (An attacker can send a specially crafted request which could lead to l ...)
TODO: check
CVE-2023-32565 (An attacker can send a specially crafted request which could lead to l ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1e79980dc42906ceaba3b657b1e6ef19be97415
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1e79980dc42906ceaba3b657b1e6ef19be97415
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230810/057e3bfb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list