[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 11 21:25:32 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2ecbe59d by Salvatore Bonaccorso at 2023-07-11T22:25:01+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,105 +1,105 @@
CVE-2023-3627 (Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/su ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM core
CVE-2023-3626 (A vulnerability, which was classified as critical, has been found in S ...)
- TODO: check
+ NOT-FOR-US: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System
CVE-2023-3625 (A vulnerability classified as critical was found in Suncreate Mountain ...)
- TODO: check
+ NOT-FOR-US: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System
CVE-2023-3624 (A vulnerability classified as critical has been found in Nesote Inout ...)
TODO: check
CVE-2023-3623 (A vulnerability was found in Suncreate Mountain Flood Disaster Prevent ...)
- TODO: check
+ NOT-FOR-US: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System
CVE-2023-3621 (A vulnerability was found in IBOS OA 4.5.5. It has been classified as ...)
- TODO: check
+ NOT-FOR-US: IBOS OA
CVE-2023-3620 (Cross-site Scripting (XSS) - Stored in GitHub repository amauric/tarte ...)
TODO: check
CVE-2023-3619 (A vulnerability was found in SourceCodester AC Repair and Services Sys ...)
- TODO: check
+ NOT-FOR-US: SourceCodester AC Repair and Services System
CVE-2023-3617 (A vulnerability was found in SourceCodester Best POS Management System ...)
- TODO: check
+ NOT-FOR-US: SourceCodester Best POS Management System
CVE-2023-37659 (xalpha v0.11.4 is vulnerable to Remote Command Execution (RCE).)
TODO: check
CVE-2023-37658 (fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). File ...)
TODO: check
CVE-2023-37657 (TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting (XSS).)
- TODO: check
+ NOT-FOR-US: TwoNav
CVE-2023-37656 (WebsiteGuide v0.2 is vulnerable to Remote Command Execution (RCE) via ...)
- TODO: check
+ NOT-FOR-US: WebsiteGuide
CVE-2023-37597 (Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0 ...)
TODO: check
CVE-2023-37596 (Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0 ...)
TODO: check
CVE-2023-37391 (Cross-Site Request Forgery (CSRF) vulnerability in WPMobilePack.Com Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37376 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37375 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37374 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37280 (Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based o ...)
- TODO: check
+ NOT-FOR-US: Pimcore Admin Classic Bundle
CVE-2023-37271 (RestrictedPython is a tool that helps to define a subset of the Python ...)
TODO: check
CVE-2023-37248 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37247 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37246 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36884 (Microsoft is investigating reports of a series of remote code executio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36874 (Windows Error Reporting Service Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36872 (VP9 Video Extensions Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36871 (Azure Active Directory Security Feature Bypass Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36868 (Azure Service Fabric on Windows Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36867 (Visual Studio Code GitHub Pull Requests and Issues Extension Remote Co ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36825 (Decidim is a participatory democracy framework, written in Ruby on Rai ...)
TODO: check
CVE-2023-36824 (Redis is an in-memory database that persists on disk. In Redit 7.0 pri ...)
TODO: check
CVE-2023-36755 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36754 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36753 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36752 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36751 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36750 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36749 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36748 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36693 (Cross-Site Request Forgery (CSRF) vulnerability in Alain Gonzalez WP R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36690 (Cross-Site Request Forgery (CSRF) vulnerability in VibeThemes WPLMS th ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-36687 (Cross-Site Request Forgery (CSRF) vulnerability in Andrea Tarantini Me ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36538 (Improper access control in Zoom Rooms before version 5.15.0 may allow ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2023-36537 (Improper privilege management in Zoom Rooms before version 5.14.5 may ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2023-36536 (Untrusted search path in the installer for Zoom Rooms before version 5 ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2023-36522 (Cross-Site Request Forgery (CSRF) vulnerability in WePupil Quiz Expert ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36521 (A vulnerability has been identified in SIMATIC MV540 H (All versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36390 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36389 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36386 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-36293 (SQL injection vulnerability in wmanager v.1.0.7 and before allows a re ...)
TODO: check
CVE-2023-36167 (An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ecbe59d990f6fe728a78cf76ec52a5f52a6799f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ecbe59d990f6fe728a78cf76ec52a5f52a6799f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230711/7dff2b7e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list