[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jul 26 14:07:41 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
92153217 by Salvatore Bonaccorso at 2023-07-26T15:07:13+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,13 +7,13 @@ CVE-2023-3945 (A vulnerability was found in phpscriptpoint Lawyer 1.6. It has be
CVE-2023-3944 (A vulnerability was found in phpscriptpoint Lawyer 1.6 and classified ...)
NOT-FOR-US: phpscriptpoint
CVE-2023-3897 (Username enumeration is possible through Bypassing CAPTCHA in On-premi ...)
- TODO: check
+ NOT-FOR-US: On-premise SureMDM Solution
CVE-2023-3890 (A vulnerability classified as problematic has been found in Campcodes ...)
NOT-FOR-US: Campcodes Beauty Salon Management System
CVE-2023-3548 (An unauthorized user could gain account access to IQ Wifi 6 versions p ...)
TODO: check
CVE-2023-3486 (An authentication bypass exists in PaperCut NG versions 22.0.12 and pr ...)
- TODO: check
+ NOT-FOR-US: PaperCut NG
CVE-2023-39175 (In JetBrains TeamCity before 2023.05.2 reflected XSS via GitHub integr ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2023-39174 (In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via ...)
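Review bot: CVE-2023-3548 (IQ Wifi 6) is left at "TODO: check" although it sits between the two entries triaged here and its description also names a single vendor product. If it was skipped on purpose because it needs a closer look, fine; otherwise it can be handled in this same pass so the block has no stray TODO left in it.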
@@ -33,9 +33,9 @@ CVE-2023-39128 (GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a s
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=30639
TODO: check details
CVE-2023-38555 (Authentication bypass vulnerability in Fujitsu network devices Si-R se ...)
- TODO: check
+ NOT-FOR-US: Fujitsu network devices
CVE-2023-38503 (Directus is a real-time API and App dashboard for managing SQL databas ...)
- TODO: check
+ NOT-FOR-US: Directus
CVE-2023-38502 (TDengine is an open source, time-series database optimized for Interne ...)
TODO: check
CVE-2023-38501 (copyparty is file server software. Prior to version 1.8.7, the applica ...)
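Review bot: The label added for CVE-2023-38555, "Fujitsu network devices", is broader than the description, which names a specific product series (shown truncated here as "Si-R se ..."). Naming that series in the NOT-FOR-US line would keep the entry searchable by product and avoid it reading as a statement about all Fujitsu network equipment.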
@@ -49,9 +49,9 @@ CVE-2023-38496 (Apptainer is an open source container platform. Version 1.2.0-rc
CVE-2023-38493 (Armeria is a microservice framework Spring supports Matrix variables. ...)
TODO: check
CVE-2023-38435 (An improper neutralization of input during web page generation ('Cross ...)
- TODO: check
+ NOT-FOR-US: Apache Felix Healthcheck Webconsole Plugin
CVE-2023-38433 (Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded c ...)
- TODO: check
+ NOT-FOR-US: Fujitsu
CVE-2023-37920 (Certifi is a curated collection of Root Certificates for validating th ...)
TODO: check
CVE-2023-37919 (Cal.com is open-source scheduling software. A vulnerability allows act ...)
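Review bot: CVE-2023-38433 is tagged with the vendor only ("NOT-FOR-US: Fujitsu"), while the other Fujitsu entry in this commit uses "Fujitsu network devices"; two label forms for one vendor in the same commit make grep-based triage harder. The description names the product, so "NOT-FOR-US: Fujitsu Real-time Video Transmission Gear" would be more precise.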
@@ -59,9 +59,9 @@ CVE-2023-37919 (Cal.com is open-source scheduling software. A vulnerability allo
CVE-2023-37907 (Cryptomator is data encryption software for users who store their file ...)
TODO: check
CVE-2023-37902 (Vyper is a Pythonic programming language that targets the Ethereum Vir ...)
- TODO: check
+ NOT-FOR-US: Vyper
CVE-2023-37677 (Pligg CMS v2.0.2 (also known as Kliqqi) was discovered to contain a re ...)
- TODO: check
+ NOT-FOR-US: Pligg CMS
CVE-2023-37460 (Plexis Archiver is a collection of Plexus components to create archive ...)
TODO: check
CVE-2023-37258 (DataEase is an open source data visualization analysis tool. Prior to ...)
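Review bot: Vyper (CVE-2023-37902) and Pligg CMS (CVE-2023-37677) are named software projects rather than vendor appliances, and the commit message "Process NFUs" records no basis for the decision. It is worth confirming that neither has an ITP or RFP bug open before settling on NOT-FOR-US, given that neighbouring entries such as Cryptomator and DataEase are still left at "TODO: check".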
@@ -73,19 +73,19 @@ CVE-2023-36826 (Sentry is an error tracking and performance monitoring platform.
CVE-2023-36806 (Contao is an open source content management system. Starting in versio ...)
TODO: check
CVE-2023-36503 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Max F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36502 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36501 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36385 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpxpo Po ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35982 (There are buffer overflow vulnerabilities in multiple underlying servi ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-35981 (There are buffer overflow vulnerabilities in multiple underlying servi ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-35980 (There are buffer overflow vulnerabilities in multiple underlying servi ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2023-35944 (Envoy is an open source edge and service proxy designed for cloud-nati ...)
TODO: check
CVE-2023-35943 (Envoy is an open source edge and service proxy designed for cloud-nati ...)
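Review bot: The four WordPress entries (CVE-2023-36503, CVE-2023-36502, CVE-2023-36501, CVE-2023-36385) all receive the generic label "WordPress plugin", and the truncated descriptions in this file cut off at or before the plugin name, so the list alone no longer says which plugin each CVE concerns. Appending the plugin name to each label would fix that; the same applies to the three "NOT-FOR-US: Aruba" lines, which give the vendor but not the affected product.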
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92153217123d48c77df187fffd7b3e1428494c5a