[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Aug 17 21:33:12 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6327991e by Salvatore Bonaccorso at 2023-08-17T22:32:44+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4,17 +4,17 @@ CVE-2023-4394 (A use-after-free flaw was found in btrfs_get_dev_args_from_path i
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9ea0106a7a3d8116860712e3f17cd52ce99f6707 (6.0-rc3)
CVE-2023-4030 (A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2023-4029 (A buffer overflow has been identified in the BoardUpdateAcpiDxe driver ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2023-4028 (A buffer overflow has been identified in the SystemUserMasterHddPwdDxe ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2023-40315 (In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 and related ...)
- TODO: check
+ NOT-FOR-US: OpenMNS
CVE-2023-40313 (A BeanShell interpreter in remote server mode runs in OpenMNS Horizon ...)
- TODO: check
+ NOT-FOR-US: OpenMNS
CVE-2023-40272 (Apache Airflow Spark Provider, versions before 4.1.3, is affected by a ...)
- TODO: check
+ NOT-FOR-US: Apache Airflow Spark Provider
CVE-2023-40168 (TurboWarp is a desktop application that compiles scratch projects to J ...)
TODO: check
CVE-2023-40165 (rubygems.org is the Ruby community's primary gem (library) hosting ser ...)
@@ -24,7 +24,7 @@ CVE-2023-3698 (Printer service fails to adequately handle user input, allowing a
CVE-2023-3697 (Printer service fails to adequately handle user input, allowing an rem ...)
TODO: check
CVE-2023-3078 (An uncontrolled search path vulnerability was reported in the Lenovo U ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2023-39974 (Exposure of Sensitive Information vulnerability in AcyMailing Enterpri ...)
TODO: check
CVE-2023-39973 (Improper Access Control vulnerability in AcyMailing Enterprise compone ...)
@@ -40,15 +40,15 @@ CVE-2023-39743 (lrzip-next LZMA v23.01 was discovered to contain an access viola
CVE-2023-39741 (lrzip v0.651 was discovered to contain a heap overflow via the libzpaq ...)
TODO: check
CVE-2023-38905 (SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a ...)
- TODO: check
+ NOT-FOR-US: JeecgBoot
CVE-2023-38902 (An issue in RG-EW series home routers and repeaters v.EW_3.0(1)B11P204 ...)
TODO: check
CVE-2023-38843 (An issue in Atlos v.1.0 allows an authenticated attacker to execute ar ...)
- TODO: check
+ NOT-FOR-US: Atlos
CVE-2023-38838 (SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote ...)
- TODO: check
+ NOT-FOR-US: Kidus Minimati
CVE-2023-37914 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2023-36847 (A Missing Authentication for Critical Function vulnerability in Junipe ...)
TODO: check
CVE-2023-36846 (A Missing Authentication for Critical Function vulnerability in Junipe ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6327991e0ad5df775eb76598f5bd79491e28a0d9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6327991e0ad5df775eb76598f5bd79491e28a0d9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230817/302fb3f7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list