[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Aug 18 05:42:28 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
60fb1fe3 by Salvatore Bonaccorso at 2023-08-18T06:41:31+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -26,15 +26,15 @@ CVE-2023-3697 (Printer service fails to adequately handle user input, allowing a
CVE-2023-3078 (An uncontrolled search path vulnerability was reported in the Lenovo U ...)
NOT-FOR-US: Lenovo
CVE-2023-39974 (Exposure of Sensitive Information vulnerability in AcyMailing Enterpri ...)
- TODO: check
+ NOT-FOR-US: Joomla component
CVE-2023-39973 (Improper Access Control vulnerability in AcyMailing Enterprise compone ...)
- TODO: check
+ NOT-FOR-US: Joomla component
CVE-2023-39972 (Improper Access Control vulnerability in AcyMailing Enterprise compone ...)
- TODO: check
+ NOT-FOR-US: Joomla component
CVE-2023-39971 (Improper Neutralization of Input During Web Page Generation vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Joomla component
CVE-2023-39970 (Unrestricted Upload of File with Dangerous Type vulnerability in AcyMa ...)
- TODO: check
+ NOT-FOR-US: Joomla component
CVE-2023-39743 (lrzip-next LZMA v23.01 was discovered to contain an access violation v ...)
TODO: check
CVE-2023-39741 (lrzip v0.651 was discovered to contain a heap overflow via the libzpaq ...)
@@ -43,7 +43,7 @@ CVE-2023-39741 (lrzip v0.651 was discovered to contain a heap overflow via the l
CVE-2023-38905 (SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a ...)
NOT-FOR-US: JeecgBoot
CVE-2023-38902 (An issue in RG-EW series home routers and repeaters v.EW_3.0(1)B11P204 ...)
- TODO: check
+ NOT-FOR-US: RG-EW
CVE-2023-38843 (An issue in Atlos v.1.0 allows an authenticated attacker to execute ar ...)
NOT-FOR-US: Atlos
CVE-2023-38838 (SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote ...)
@@ -111,7 +111,7 @@ CVE-2023-3244 (The Comments Like Dislike plugin for WordPress is vulnerable to u
CVE-2023-39846 (An issue in Konga v0.14.9 allows attackers to bypass authentication vi ...)
NOT-FOR-US: Konga
CVE-2023-38894 (A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before all ...)
- TODO: check
+ NOT-FOR-US: Cronvel Tree-kit
CVE-2023-35893 (IBM Security Guardium 10.6, 11.3, 11.4, and 11.5 could allow a remote ...)
NOT-FOR-US: IBM
CVE-2023-35011 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to serve ...)
@@ -1299,7 +1299,7 @@ CVE-2023-39533 (go-libp2p is the Go implementation of the libp2p Networking Stac
CVE-2023-39532 (SES is a JavaScript environment that allows safe execution of arbitrar ...)
TODO: check
CVE-2023-39518 (social-media-skeleton is an uncompleted social media project implement ...)
- TODO: check
+ NOT-FOR-US: social-media-skeleton
CVE-2023-39419 (A vulnerability has been identified in Solid Edge SE2023 (All versions ...)
NOT-FOR-US: Siemens
CVE-2023-39342 (Dangerzone is software for converting potentially dangerous PDFs, offi ...)
@@ -2175,7 +2175,7 @@ CVE-2023-38948 (An arbitrary file download vulnerability in the /c/PluginsContro
CVE-2023-38947 (An arbitrary file upload vulnerability in the /languages/install.php c ...)
NOT-FOR-US: WBCE CMS
CVE-2023-38942 (Dango-Translator v4.5.5 was discovered to contain a remote command exe ...)
- TODO: check
+ NOT-FOR-US: Dango-Translator
CVE-2023-38812
REJECTED
CVE-2023-38748 (Use after free vulnerability exists in CX-Programmer Included in CX-On ...)
@@ -18598,7 +18598,7 @@ CVE-2023-29184
CVE-2023-29183
RESERVED
CVE-2023-29182 (A stack-based buffer overflow vulnerability [CWE-121]in Fortinet Forti ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-29181
RESERVED
CVE-2023-29180
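Review bot: The tag on CVE-2023-29182 reads "NOT-FOR-US: FortiGuard", but the description names the vendor as Fortinet ("in Fortinet Forti ..."). The other vendor-level tags in this commit use the vendor name (Cisco, Apple, Intel, AMD), so "NOT-FOR-US: Fortinet" would keep this entry findable alongside the vendor's other CVEs.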
@@ -20347,7 +20347,7 @@ CVE-2023-28695 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-28694
RESERVED
CVE-2023-28693 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Balasahe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-28692
RESERVED
CVE-2023-28691
@@ -22116,9 +22116,9 @@ CVE-2023-28201 (This issue was addressed with improved state management. This is
CVE-2023-28200 (A validation issue was addressed with improved input sanitization. Thi ...)
NOT-FOR-US: Apple
CVE-2023-28199 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28198 (A use-after-free issue was addressed with improved memory management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28197
RESERVED
CVE-2023-28196
@@ -22156,7 +22156,7 @@ CVE-2023-28181 (The issue was addressed with improved memory handling. This issu
CVE-2023-28180 (A denial-of-service issue was addressed with improved memory handling. ...)
NOT-FOR-US: Apple
CVE-2023-28179 (The issue was addressed with improved memory handling. This issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-28178 (A logic issue was addressed with improved validation. This issue is fi ...)
NOT-FOR-US: Apple
CVE-2023-28177 (Memory safety bugs present in Firefox 110. Some of these bugs showed e ...)
@@ -22997,9 +22997,9 @@ CVE-2023-27950
CVE-2023-27949 (An out-of-bounds read was addressed with improved input validation. Th ...)
NOT-FOR-US: Apple
CVE-2023-27948 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-27947 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-27946 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
NOT-FOR-US: Apple
CVE-2023-27945 (This issue was addressed with improved entitlements. This issue is fix ...)
@@ -23015,7 +23015,7 @@ CVE-2023-27941 (A validation issue was addressed with improved input sanitizatio
CVE-2023-27940 (The issue was addressed with additional permissions checks. This issue ...)
NOT-FOR-US: Apple
CVE-2023-27939 (An out-of-bounds read was addressed with improved input validation. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-27938 (An out-of-bounds read issue was addressed with improved input validati ...)
NOT-FOR-US: Apple
CVE-2023-27937 (An integer overflow was addressed with improved input validation. This ...)
@@ -24688,7 +24688,7 @@ CVE-2023-26591
CVE-2023-25080
RESERVED
CVE-2023-24478 (Use of insufficiently random values for some Intel Agilex(R) software ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2023-24463
RESERVED
CVE-2023-22312 (Improper access control for some Intel(R) NUC BIOS firmware may allow ...)
@@ -26850,7 +26850,7 @@ CVE-2023-26532
CVE-2023-26531
RESERVED
CVE-2023-26530 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paul Keh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-26529 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dupe ...)
NOT-FOR-US: WordPress plugin
CVE-2023-26528 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jini ...)
@@ -27053,7 +27053,7 @@ CVE-2023-26471 (XWiki Platform is a generic wiki platform. Starting in version 1
CVE-2023-26470 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
NOT-FOR-US: XWiki
CVE-2023-26469 (In Jorani 1.0.0, an attacker could leverage path traversal to access f ...)
- TODO: check
+ NOT-FOR-US: Jorani
CVE-2023-26468 (Cerebrate 1.12 does not properly consider organisation_id during creat ...)
NOT-FOR-US: Cerebrate
CVE-2023-26467 (A man in the middle can redirect traffic to a malicious server in a co ...)
@@ -27978,7 +27978,7 @@ CVE-2023-26142
CVE-2023-26141
RESERVED
CVE-2023-26140 (Versions of the package @excalidraw/excalidraw from 0.0.0 are vulnerab ...)
- TODO: check
+ NOT-FOR-US: excalidraw
CVE-2023-26139 (Versions of the package underscore-keypath from 0.0.11 are vulnerable ...)
NOT-FOR-US: Node underscore-keypath
CVE-2023-26138 (All versions of the package drogonframework/drogon are vulnerable to C ...)
@@ -28673,7 +28673,7 @@ CVE-2023-25911 (The Danfoss AK-EM100 web applications allow for OS command injec
CVE-2023-25910 (A vulnerability has been identified in SIMATIC PCS 7 (All versions), S ...)
NOT-FOR-US: Siemens
CVE-2023-0872 (The Horizon REST API includes a users endpoint in OpenMNS Horizon 31.0 ...)
- TODO: check
+ NOT-FOR-US: OpenMNS
CVE-2023-0871 (XXE injection in /rtc/post/ endpoint in OpenMNS Horizon 31.0.8 and ver ...)
NOT-FOR-US: OpenMNS
CVE-2023-0870 (A form can be manipulated with cross-site request forgery in multiple ...)
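Review bot: CVE-2023-0872 is tagged "NOT-FOR-US: OpenMNS", which copies the spelling used in the CVE description and in the existing CVE-2023-0871 tag. That spelling looks like a transposition of OpenNMS, so a search of the list for the project's own name would miss both entries; consider correcting the tag on both at once.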
@@ -29757,7 +29757,7 @@ CVE-2023-25649
CVE-2023-25648
RESERVED
CVE-2023-25647 (There is a permission and access control vulnerability in some ZTE mob ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2023-25646
RESERVED
CVE-2023-25645 (There is a permission and access control vulnerability in some ZTE And ...)
@@ -34658,7 +34658,7 @@ CVE-2023-0419 (The Shortcode for Font Awesome WordPress plugin before 1.4.1 does
CVE-2023-0418 (The Video Central for WordPress plugin through 1.3.0 does not validate ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4894 (Certain HP and Samsung Printer software packages may potentially be vu ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2022-4893
REJECTED
CVE-2022-48279 (In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart reque ...)
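Review bot: CVE-2022-4894 is tagged "NOT-FOR-US: HP", while the description covers "Certain HP and Samsung Printer software packages". The tag names only one of the two vendors and not the software; naming the affected product in the tag would record which printer software was actually ruled out.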
@@ -43564,7 +43564,7 @@ CVE-2021-46857
CVE-2020-36616
RESERVED
CVE-2020-36615 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2020-36614
RESERVED
CVE-2020-36613
@@ -46191,13 +46191,13 @@ CVE-2022-46727
CVE-2022-46726
RESERVED
CVE-2022-46725 (A spoofing issue existed in the handling of URLs. This issue was addre ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-46724 (This issue was addressed by restricting options offered on a locked de ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-46723 (This issue was addressed with improved checks. This issue is fixed in ...)
NOT-FOR-US: Apple
CVE-2022-46722 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-46721
RESERVED
CVE-2022-46720 (An integer overflow was addressed with improved input validation. This ...)
@@ -46229,7 +46229,7 @@ CVE-2022-46708
CVE-2022-46707
REJECTED
CVE-2022-46706 (A type confusion issue was addressed with improved state handling. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-46705 (A spoofing issue existed in the handling of URLs. This issue was addre ...)
NOT-FOR-US: Apple
CVE-2022-46704 (A logic issue was addressed with improved state management. This issue ...)
@@ -52481,61 +52481,61 @@ CVE-2023-21294
CVE-2023-21293
RESERVED
CVE-2023-21292 (In openContentUri of ActivityManagerService.java, there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21291
RESERVED
CVE-2023-21290 (In update of MmsProvider.java, there is a possible way to bypass file ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21289 (In multiple locations, there is a possible bypass of a multi user secu ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21288 (In visitUris of Notification.java, there is a possible way to reveal i ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21287 (In multiple locations, there is a possible code execution due to type ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21286 (In visitUris of RemoteViews.java, there is a possible way to reveal im ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21285 (In setMetadata of MediaSessionRecord.java, there is a possible way to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21284 (In multiple functions of DevicePolicyManager.java, there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21283 (In multiple functions of StatusHints.java, there is a possible way to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21282 (In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bound ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21281 (In multiple functions of KeyguardViewMediator.java, there is a possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21280 (In setMediaButtonBroadcastReceiver of MediaSessionRecord.java, there i ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21279 (In visitUris of RemoteViews.java, there is a possible cross-user media ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21278 (In multiple locations, there is a possible way to obscure the micropho ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21277 (In visitUris of RemoteViews.java, there is a possible way to reveal im ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21276 (In writeToParcel of CursorWindow.cpp, there is a possible information ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21275 (In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivit ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21274 (In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible ou ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21273 (In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds wr ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21272 (In readFrom of Uri.java, there is a possible bad URI permission grant ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21271 (In parseInputs of ShimPreparedModel.cpp, there is a possible out of bo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21270
RESERVED
CVE-2023-21269 (In startActivityInner of ActivityStarter.java, there is a possible way ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21268 (In update of MmsProvider.java, there is a possible way to change direc ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21267 (In doKeyguardLocked of KeyguardViewMediator.java, there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21266
RESERVED
CVE-2023-21265 (In multiple locations, there are root CA certificates which need to be ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21264 (In multiple functions of mem_protect.c, there is a possible way to acc ...)
- linux 6.3.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
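Review bot: Several of the entries marked "NOT-FOR-US: Android" in this block name native source files rather than .java files: lpp_tran.h (CVE-2023-21282), CursorWindow.cpp (CVE-2023-21276), sdp_db.cc (CVE-2023-21273), ShimConverter.cpp (CVE-2023-21274) and ShimPreparedModel.cpp (CVE-2023-21271). The context lines for CVE-2023-21264 (mem_protect.c, tracked as "- linux 6.3.7-1") show that a CVE from the same range can map to a packaged source, so a short NOTE on the native-code entries stating which upstream component the file belongs to would document that this was checked.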
@@ -52587,7 +52587,7 @@ CVE-2023-21244
CVE-2023-21243 (In validateForCommonR1andR2 of PasspointConfiguration.java, there is a ...)
NOT-FOR-US: Android
CVE-2023-21242 (In isServerCertChainValid of InsecureEapNetworkHandler.java, there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21241 (In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bound ...)
NOT-FOR-US: Android
CVE-2023-21240 (In Policy of Policy.java, there is a possible boot loop due to resourc ...)
@@ -52601,19 +52601,19 @@ CVE-2023-21237 (In applyRemoteView of NotificationContentInflater.java, there is
CVE-2023-21236 (In aoc_service_set_read_blocked of aoc.c, there is a possible out of b ...)
NOT-FOR-US: Android
CVE-2023-21235 (In onCreate of LockSettingsActivity.java, there is a possible way set ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21234 (In launchConfirmationActivity of ChooseLockSettingsHelper.java, there ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21233 (In multiple locations of avrc, there is a possible leak of heap data d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21232 (In multiple locations, there is a possible way to retrieve sensor data ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21231 (In getIntentForButton of ButtonManager.java, there is a possible way f ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21230 (In onAccessPointChanged of AccessPointPreference.java, there is a poss ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21229 (In registerServiceLocked of ManagedServices.java, there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21228
RESERVED
CVE-2023-21227
@@ -52791,7 +52791,7 @@ CVE-2023-21142 (In multiple files, there is a possible way to access traces in t
CVE-2023-21141 (In several functions of several files, there is a possible way to acce ...)
NOT-FOR-US: Android
CVE-2023-21140 (In onCreate of ManagePermissionsActivity.java, there is a possible way ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21139 (In bindPlayer of MediaControlPanel.java, there is a possible launch ar ...)
NOT-FOR-US: Android
CVE-2023-21138 (In onNullBinding of CallRedirectionProcessor.java, there is a possible ...)
@@ -52803,11 +52803,11 @@ CVE-2023-21136 (In multiple functions of JobStore.java, there is a possible way
CVE-2023-21135 (In onCreate of NotificationAccessSettings.java, there is a possible fa ...)
NOT-FOR-US: Android
CVE-2023-21134 (In onCreate of ManagePermissionsActivity.java, there is a possible way ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21133 (In onCreate of ManagePermissionsActivity.java, there is a possible way ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21132 (In onCreate of ManagePermissionsActivity.java, there is a possible way ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21131 (In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, t ...)
NOT-FOR-US: Android
CVE-2023-21130 (In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possib ...)
@@ -53149,7 +53149,7 @@ CVE-2023-20967 (In avdt_scb_hdl_pkt_no_frag of avdt_scb_act.cc, there is a possi
CVE-2023-20966 (In inflate of inflate.c, there is a possible out of bounds write due t ...)
NOT-FOR-US: Android
CVE-2023-20965 (In processMessageImpl of ClientModeImpl.java, there is a possible cred ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-20964 (In multiple functions of MediaSessionRecord.java, there is a possible ...)
NOT-FOR-US: Android
CVE-2023-20963 (In WorkSource, there is a possible parcel mismatch. This could lead to ...)
@@ -55880,7 +55880,7 @@ CVE-2023-20557
CVE-2023-20556 (Insufficient validation of the IOCTL (Input Output Control) input buff ...)
NOT-FOR-US: AMD
CVE-2023-20555 (Insufficient input validation in CpmDisplayFeatureSmm may allow an att ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2023-20554
RESERVED
CVE-2023-20553
@@ -56508,7 +56508,7 @@ CVE-2023-20244
CVE-2023-20243
RESERVED
CVE-2023-20242 (A vulnerability in the web-based management interface of Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20241
RESERVED
CVE-2023-20240
@@ -56518,7 +56518,7 @@ CVE-2023-20239
CVE-2023-20238
RESERVED
CVE-2023-20237 (A vulnerability in Cisco Intersight Virtual Appliance could allow an u ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20236
RESERVED
CVE-2023-20235
@@ -56528,15 +56528,15 @@ CVE-2023-20234
CVE-2023-20233
RESERVED
CVE-2023-20232 (A vulnerability in the Tomcat implementation for Cisco Unified Contact ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20231
RESERVED
CVE-2023-20230
RESERVED
CVE-2023-20229 (A vulnerability in the CryptoService function of Cisco Duo Device Heal ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20228 (A vulnerability in the web-based management interface of Cisco Integra ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20227
RESERVED
CVE-2023-20226
@@ -56544,13 +56544,13 @@ CVE-2023-20226
CVE-2023-20225
RESERVED
CVE-2023-20224 (A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Vir ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20223
RESERVED
CVE-2023-20222 (A vulnerability in the web-based management interface of Cisco Prime I ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20221 (A vulnerability in the web-based management interface of Cisco IP Phon ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20220
RESERVED
CVE-2023-20219
@@ -56558,7 +56558,7 @@ CVE-2023-20219
CVE-2023-20218 (A vulnerability in web-based management interface of Cisco SPA500 Seri ...)
NOT-FOR-US: Cisco
CVE-2023-20217 (A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Vir ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20216 (A vulnerability in the privilege management functionality of all Cisco ...)
NOT-FOR-US: Cisco
CVE-2023-20215 (A vulnerability in the scanning engines of Cisco AsyncOS Software for ...)
@@ -56570,11 +56570,11 @@ CVE-2023-20213
CVE-2023-20212
RESERVED
CVE-2023-20211 (A vulnerability in the web-based management interface of Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20210 (A vulnerability in Cisco BroadWorks could allow an authenticated, loca ...)
NOT-FOR-US: Cisco
CVE-2023-20209 (A vulnerability in the web-based management interface of Cisco Express ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20208
RESERVED
CVE-2023-20207 (A vulnerability in the logging component of Cisco Duo Authentication P ...)
@@ -56582,15 +56582,15 @@ CVE-2023-20207 (A vulnerability in the logging component of Cisco Duo Authentica
CVE-2023-20206
RESERVED
CVE-2023-20205 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20204 (A vulnerability in the web-based management interface of Cisco BroadWo ...)
NOT-FOR-US: Cisco
CVE-2023-20203 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20202
RESERVED
CVE-2023-20201 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20200
RESERVED
CVE-2023-20199 (A vulnerability in Cisco Duo Two-Factor Authentication for macOS could ...)
@@ -56770,7 +56770,7 @@ CVE-2023-20113 (A vulnerability in the web-based management interface of Cisco S
CVE-2023-20112 (A vulnerability in Cisco access point (AP) software could allow an una ...)
NOT-FOR-US: Cisco
CVE-2023-20111 (A vulnerability in the web-based management interface of Cisco Identit ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20110 (A vulnerability in the web-based management interface of Cisco Smart S ...)
NOT-FOR-US: Cisco
CVE-2023-20109
@@ -56965,7 +56965,7 @@ CVE-2023-20019 (A vulnerability in the web-based management interface of Cisco B
CVE-2023-20018 (A vulnerability in the web-based management interface of Cisco IP Phon ...)
NOT-FOR-US: Cisco
CVE-2023-20017 (Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20016 (A vulnerability in the backup configuration feature of Cisco UCS Manag ...)
NOT-FOR-US: Cisco
CVE-2023-20015 (A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firep ...)
@@ -56973,7 +56973,7 @@ CVE-2023-20015 (A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco
CVE-2023-20014 (A vulnerability in the DNS functionality of Cisco Nexus Dashboard Soft ...)
NOT-FOR-US: Cisco
CVE-2023-20013 (Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2023-20012 (A vulnerability in the CLI console login authentication of Cisco Nexus ...)
NOT-FOR-US: Cisco
CVE-2023-20011 (A vulnerability in the web-based management interface of Cisco Applica ...)
@@ -60430,7 +60430,7 @@ CVE-2022-42830 (The issue was addressed with improved memory handling. This issu
CVE-2022-42829 (A use after free issue was addressed with improved memory management. ...)
NOT-FOR-US: Apple
CVE-2022-42828 (The issue was addressed with improved memory handling. This issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-42827 (An out-of-bounds write issue was addressed with improved bounds checki ...)
NOT-FOR-US: Apple
CVE-2022-42826 (A use after free issue was addressed with improved memory management. ...)
@@ -87352,7 +87352,7 @@ CVE-2022-32878
CVE-2022-32877 (A configuration issue was addressed with additional restrictions. This ...)
NOT-FOR-US: Apple
CVE-2022-32876 (A logic issue was addressed with improved restrictions. This issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-32875 (A logic issue was addressed with improved state management. This issue ...)
NOT-FOR-US: Apple
CVE-2022-32874
@@ -105687,7 +105687,7 @@ CVE-2022-26700 (A memory corruption issue was addressed with improved state mana
- wpewebkit 2.36.3-1
NOTE: https://webkitgtk.org/security/WSA-2022-0005.html
CVE-2022-26699 (A logic issue was addressed with improved state management. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-26698 (An out-of-bounds read issue was addressed with improved bounds checkin ...)
NOT-FOR-US: Apple
CVE-2022-26697 (An out-of-bounds read issue was addressed with improved input validati ...)
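Review bot: CVE-2022-26699 is tagged "NOT-FOR-US: Apple" directly below CVE-2022-26700, an entry from the same range that is tracked against wpewebkit with a WebKitGTK advisory NOTE. The truncated description ("A logic issue was addressed with improved state management ...") does not show the affected component, so it is worth confirming the issue is not in WebKit before closing it as NFU, and adding a NOTE if the component is known.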
@@ -119412,7 +119412,7 @@ CVE-2022-22657 (A memory initialization issue was addressed with improved memory
CVE-2022-22656 (An authentication issue was addressed with improved state management. ...)
NOT-FOR-US: Apple
CVE-2022-22655 (An access issue was addressed with improvements to the sandbox. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-22654 (A user interface issue was addressed. This issue is fixed in watchOS 8 ...)
NOT-FOR-US: Apple
CVE-2022-22653 (A logic issue was addressed with improved restrictions. This issue is ...)
@@ -119430,7 +119430,7 @@ CVE-2022-22648 (This issue was addressed with improved checks. This issue is fix
CVE-2022-22647 (This issue was addressed with improved checks. This issue is fixed in ...)
NOT-FOR-US: Apple
CVE-2022-22646 (This issue was addressed by removing the vulnerable code. This issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2022-22645
REJECTED
CVE-2022-22644 (A privacy issue existed in the handling of Contact cards. This was add ...)
@@ -169523,7 +169523,7 @@ CVE-2021-29380
CVE-2021-29379 (An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. ...)
NOT-FOR-US: D-Link
CVE-2021-29378 (SQL Injection in pear-admin-think version 2.1.2, allows attackers to e ...)
- TODO: check
+ NOT-FOR-US: pear-admin-think
CVE-2021-29377 (Pear Admin Think through 2.1.2 has an arbitrary file upload vulnerabil ...)
NOT-FOR-US: Pear Admin Think
CVE-2021-29376 (ircII before 20210314 allows remote attackers to cause a denial of ser ...)
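Review bot: CVE-2021-29378 is tagged "NOT-FOR-US: pear-admin-think", while the next entry, CVE-2021-29377, tags the same product as "NOT-FOR-US: Pear Admin Think". Using one spelling for both keeps the product findable with a single search; suggest "NOT-FOR-US: Pear Admin Think" here.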
@@ -209634,7 +209634,7 @@ CVE-2020-26039
CVE-2020-26038
RESERVED
CVE-2020-26037 (Directory Traversal vulnerability in Server functionalty in Even Balan ...)
- TODO: check
+ NOT-FOR-US: Even Balance Punkbuster
CVE-2020-26036
RESERVED
CVE-2020-26035 (An issue was discovered in Zammad before 3.4.1. There is Stored XSS vi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60fb1fe3b7d679a1f635ddbb58adde46ee43ce28