[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jan 19 17:17:09 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d14b103f by Moritz Muehlenhoff at 2023-01-19T18:16:45+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49,9 +49,9 @@ CVE-2023-23837
CVE-2023-23836
RESERVED
CVE-2023-0397 (A malicious / defect bluetooth controller can cause a Denial of Servic ...)
- TODO: check
+ NOT-FOR-US: Zephyr
CVE-2023-0396 (A malicious / defective bluetooth controller can cause buffer overread ...)
- TODO: check
+ NOT-FOR-US: Zephyr
CVE-2023-0395
RESERVED
CVE-2023-0393
@@ -286,7 +286,7 @@ CVE-2022-46302
CVE-2022-43440
RESERVED
CVE-2021-4314 (It is possible to manipulate the JWT token without the knowledge of th ...)
- TODO: check
+ NOT-FOR-US: Zowe
CVE-2017-20174
RESERVED
CVE-2015-10070
@@ -392,7 +392,7 @@ CVE-2023-0344
CVE-2023-0343
RESERVED
CVE-2010-10009 (A vulnerability was found in frioux ptome. It has been rated as critic ...)
- TODO: check
+ NOT-FOR-US: frioux ptome
CVE-2023-23753
RESERVED
CVE-2023-23752
@@ -512,9 +512,9 @@ CVE-2023-0340
CVE-2023-0339
RESERVED
CVE-2023-0338 (Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/d ...)
- TODO: check
+ NOT-FOR-US: lirantal/daloradius
CVE-2023-0337 (Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/d ...)
- TODO: check
+ NOT-FOR-US: lirantal/daloradius
CVE-2023-0336
RESERVED
CVE-2023-0335
@@ -532,11 +532,11 @@ CVE-2020-36653 (A vulnerability was found in GENI Portal. It has been rated as p
CVE-2017-20173 (A vulnerability was found in AlexRed contentmap. It has been rated as ...)
NOT-FOR-US: AlexRed contentmap
CVE-2017-20172 (A vulnerability was found in ridhoq soundslike. It has been classified ...)
- TODO: check
+ NOT-FOR-US: ridhoq soundslike
CVE-2015-10068 (A vulnerability classified as critical was found in danynab movify-j. ...)
- TODO: check
+ NOT-FOR-US: danynab movify-j
CVE-2012-10006 (A vulnerability classified as critical has been found in ale7714 sigep ...)
- TODO: check
+ NOT-FOR-US: ale7714
CVE-2011-10001 (A vulnerability was found in iamdroppy phoenixcf. It has been declared ...)
NOT-FOR-US: iamdroppy phoenixcf
CVE-2010-10008 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in simplesam ...)
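Review bot: The marker added for CVE-2012-10006 names only the account, `NOT-FOR-US: ale7714`, while the description on that entry continues with a project name ("ale7714 sigep ...") and the neighbouring markers in this hunk use the owner plus project form (`ridhoq soundslike`, `danynab movify-j`). Suggest adding the project name so that a later search of data/CVE/list for the project finds this entry.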
@@ -686,25 +686,25 @@ CVE-2022-48261
CVE-2020-36652
RESERVED
CVE-2020-36651 (A vulnerability has been found in youngerheart nodeserver and classifi ...)
- TODO: check
+ NOT-FOR-US: youngerheart nodeserver
CVE-2018-25077 (A vulnerability was found in melnaron mel-spintax. It has been rated a ...)
- TODO: check
+ NOT-FOR-US: melnaron mel-spintax
CVE-2017-20171 (A vulnerability classified as critical has been found in PrivateSky ap ...)
- TODO: check
+ NOT-FOR-US: PrivateSky
CVE-2015-10067 (A vulnerability was found in oznetmaster SSharpSmartThreadPool. It has ...)
- TODO: check
+ NOT-FOR-US: oznetmaster SSharpSmartThreadPool
CVE-2015-10066 (A vulnerability was found in tynx wuersch and classified as critical. ...)
- TODO: check
+ NOT-FOR-US: tynx wuersch
CVE-2015-10065 (A vulnerability classified as critical was found in AenBleidd FiND. Th ...)
- TODO: check
+ NOT-FOR-US: AenBleidd FiND
CVE-2014-125082 (A vulnerability was found in nivit redports. It has been declared as c ...)
- TODO: check
+ NOT-FOR-US: nivit redports
CVE-2014-125081 (A vulnerability, which was classified as critical, has been found in r ...)
- TODO: check
+ NOT-FOR-US: risheesh debutsav
CVE-2010-10007 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in lierdakil ...)
- TODO: check
+ NOT-FOR-US: lierdakil click-reminder
CVE-2010-10006 (A vulnerability, which was classified as problematic, was found in mic ...)
- TODO: check
+ NOT-FOR-US: michaelliao jopenid
CVE-2023-23637 (IMPatienT before 1.5.2 allows stored XSS via onmouseover in certain te ...)
NOT-FOR-US: IMPatienT
CVE-2023-23636
@@ -849,27 +849,27 @@ CVE-2023-0318
CVE-2023-0317
RESERVED
CVE-2022-4891 (A vulnerability has been found in Sisimai up to 4.25.14p11 and classif ...)
- TODO: check
+ NOT-FOR-US: Sisimai
CVE-2017-20170 (A vulnerability was found in ollpu parontalli. It has been classified ...)
NOT-FOR-US: ollpu parontalli
CVE-2016-15021 (A vulnerability was found in nickzren alsdb. It has been rated as crit ...)
NOT-FOR-US: nickzren alsdb
CVE-2015-10064 (A vulnerability was found in VictorFerraresi pokemon-database-php. It ...)
- TODO: check
+ NOT-FOR-US: pokemon-database-php
CVE-2015-10063 (A vulnerability was found in saemorris TheRadSystem and classified as ...)
NOT-FOR-US: saemorris TheRadSystem
CVE-2015-10062 (A vulnerability, which was classified as problematic, was found in gal ...)
- TODO: check
+ NOT-FOR-US: galaxy-data-resource
CVE-2015-10061 (A vulnerability was found in evandro-machado Trabalho-Web2. It has bee ...)
- TODO: check
+ NOT-FOR-US: Trabalho-Web2.
CVE-2015-10060 (A vulnerability was found in MNBikeways database and classified as cri ...)
- TODO: check
+ NOT-FOR-US: MNBikeways
CVE-2015-10059 (A vulnerability has been found in s134328 Webapplication-Veganguide an ...)
- TODO: check
+ NOT-FOR-US: Webapplication-Veganguide
CVE-2015-10058 (A vulnerability, which was classified as problematic, was found in Wik ...)
- TODO: check
+ NOT-FOR-US: Wikisource Category Browser
CVE-2013-10013 (A vulnerability was found in Bricco Authenticator Plugin. It has been ...)
- TODO: check
+ NOT-FOR-US: Bricco Authenticator Plugin
CVE-2023-0316 (Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor pr ...)
- froxlor <itp> (bug #581792)
CVE-2023-0315 (Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8. ...)
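Review bot: `NOT-FOR-US: Trabalho-Web2.` on CVE-2015-10061 carries a trailing period that looks copied from the end of the sentence in the description; drop it so the marker matches the project name. The markers added for CVE-2015-10064, CVE-2015-10061 and CVE-2015-10059 also leave out the owner shown in their descriptions (VictorFerraresi, evandro-machado, s134328), whereas the unchanged entries in this hunk keep it (`ollpu parontalli`, `saemorris TheRadSystem`); using one form throughout would make the list easier to grep.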
@@ -1014,7 +1014,7 @@ CVE-2023-0292
CVE-2023-0291
RESERVED
CVE-2023-0290 (Rapid7 Velociraptor did not properly sanitize the client ID parameter ...)
- TODO: check
+ NOT-FOR-US: Rapid7
CVE-2023-0289 (Cross-site Scripting (XSS) - Stored in GitHub repository craigk5n/webc ...)
NOT-FOR-US: craigk5n/webcalendar
CVE-2023-0288 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ...)
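Review bot: `NOT-FOR-US: Rapid7` on CVE-2023-0290 names the vendor, but the description identifies the affected product as Rapid7 Velociraptor. Suggest `NOT-FOR-US: Rapid7 Velociraptor` so the marker records which software was judged not to be in the archive. The same applies to the identical marker on CVE-2023-0242 in the next hunk.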
@@ -1391,7 +1391,7 @@ CVE-2023-0244 (A vulnerability classified as critical was found in TuziCMS 2.0.6
CVE-2023-0243 (A vulnerability classified as critical has been found in TuziCMS 2.0.6 ...)
NOT-FOR-US: TuziCMS
CVE-2023-0242 (Rapid7 Velociraptor allows users to be created with different privileg ...)
- TODO: check
+ NOT-FOR-US: Rapid7
CVE-2023-0241
RESERVED
CVE-2023-0240
@@ -2196,7 +2196,7 @@ CVE-2023-0216
CVE-2023-0215
RESERVED
CVE-2023-0214 (A cross-site scripting vulnerability in Skyhigh SWG in main releases 1 ...)
- TODO: check
+ NOT-FOR-US: Skyhigh SWG
CVE-2023-0213
RESERVED
CVE-2023-0212
@@ -2670,7 +2670,7 @@ CVE-2023-0166
CVE-2023-0165
RESERVED
CVE-2023-0164 (OrangeScrum version 2.0.11 allows an authenticated external attacker t ...)
- TODO: check
+ NOT-FOR-US: OrangeScrum
CVE-2022-48253 (nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that m ...)
NOT-FOR-US: Nostromo webserver
CVE-2022-48252 (The jokob-sk/Pi.Alert fork (before 22.12.20) of Pi.Alert allows Remote ...)
@@ -2735,7 +2735,7 @@ CVE-2023-0160
CVE-2023-0159
RESERVED
CVE-2023-0158 (NLnet Labs Krill supports direct access to the RRDP repository content ...)
- TODO: check
+ NOT-FOR-US: NLnet Labs Krill
CVE-2023-0157
RESERVED
CVE-2023-0156
@@ -3459,21 +3459,21 @@ CVE-2023-22736
CVE-2023-22735
RESERVED
CVE-2023-22734 (Shopware is an open source commerce platform based on Symfony Framewor ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2023-22733 (Shopware is an open source commerce platform based on Symfony Framewor ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2023-22732 (Shopware is an open source commerce platform based on Symfony Framewor ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2023-22731 (Shopware is an open source commerce platform based on Symfony Framewor ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2023-22730 (Shopware is an open source commerce platform based on Symfony Framewor ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2023-22729
RESERVED
CVE-2023-22728
RESERVED
CVE-2023-22727 (CakePHP is a development framework for PHP web apps. In affected versi ...)
- TODO: check
+ NOT-FOR-US: CakePHP
CVE-2023-22726
RESERVED
CVE-2023-22725
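Review bot: CVE-2023-22727 is the entry in this hunk that deserves a second look before `NOT-FOR-US: CakePHP` goes in. Its description calls CakePHP a development framework for PHP web apps, which is a different kind of software from the single-purpose projects triaged in the rest of the commit. NOT-FOR-US states that the software is not packaged in Debian, so please confirm that no source package by that name is or was in the archive; if one was, the entry should reference the package instead of NOT-FOR-US.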
@@ -3825,7 +3825,7 @@ CVE-2023-22626 (PgHero before 3.1.0 allows Information Disclosure via EXPLAIN be
CVE-2023-22625
RESERVED
CVE-2023-22624 (Zoho ManageEngine Exchange Reporter Plus before 5708 allows attackers ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2023-22623
RESERVED
CVE-2023-22622 (WordPress through 6.1.1 depends on unpredictable client visits to caus ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d14b103fc2f90764e1ef4a807fa643888dad3e22