[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 7 13:45:16 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6364c44f by Salvatore Bonaccorso at 2023-03-07T14:44:47+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -741,7 +741,7 @@ CVE-2022-4930 (A vulnerability classified as problematic was found in nuxsmin sy
CVE-2017-20181 (A vulnerability classified as critical was found in hgzojer Vocable Tr ...)
NOT-FOR-US: hgzojer Vocable Trainer
CVE-2017-20180 (A vulnerability classified as critical has been found in Zerocoin libz ...)
- TODO: check
+ NOT-FOR-US: Zerocoin libzerocoin
CVE-2015-10095 (A vulnerability classified as problematic has been found in woo-popup ...)
NOT-FOR-US: WordPress plugin
CVE-2015-10094 (A vulnerability was found in Fastly Plugin up to 0.97. It has been rat ...)
@@ -1141,7 +1141,7 @@ CVE-2023-27474 (Directus is a real-time API and App dashboard for managing SQL d
CVE-2023-27473
RESERVED
CVE-2023-27472 (quickentity-editor-next is an open source, system local, video game as ...)
- TODO: check
+ NOT-FOR-US: quickentity-editor-next
CVE-2023-27471
RESERVED
CVE-2023-27470
@@ -2415,7 +2415,7 @@ CVE-2023-26951
CVE-2023-26950
RESERVED
CVE-2023-26949 (An arbitrary file upload vulnerability in the component /admin1/config ...)
- TODO: check
+ NOT-FOR-US: onekeyadmin
CVE-2023-26948
RESERVED
CVE-2023-26947
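Review bot: The NOT-FOR-US: onekeyadmin tag on CVE-2023-26949 cannot be checked against the description as shown here, which is cut off at "/admin1/config ..." before any product name appears. Confirm the product from the full CVE description or its references, because the entry leaves the TODO queue once this tag replaces "TODO: check".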
@@ -3122,9 +3122,9 @@ CVE-2022-48363 (In MPD before 0.23.8, as used on Automotive Grade Linux and othe
CVE-2023-26602 (ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to ex ...)
NOT-FOR-US: ASUS ASMB8 iKVM firmware
CVE-2023-26601 (Zoho ManageEngine ServiceDesk Plus through 14104, Asset Explorer throu ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2023-26600 (ManageEngine ServiceDesk Plus through 14104, ServiceDesk Plus MSP thro ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2023-26599
RESERVED
CVE-2023-26598
@@ -7372,7 +7372,7 @@ CVE-2023-25171 (Kiwi TCMS, an open source test management system, does not impos
CVE-2023-25170
RESERVED
CVE-2023-25169 (discourse-yearly-review is a discourse plugin which publishes an autom ...)
- TODO: check
+ NOT-FOR-US: Discourse plugin
CVE-2023-25168 (Wings is Pterodactyl's server control plane. This vulnerability can be ...)
NOT-FOR-US: Wings
CVE-2023-25167 (Discourse is an open source discussion platform. In affected versions ...)
@@ -8419,7 +8419,7 @@ CVE-2023-24778
CVE-2023-24777
RESERVED
CVE-2023-24776 (Funadmin v3.2.0 was discovered to contain a remote code execution (RCE ...)
- TODO: check
+ NOT-FOR-US: Funadmin
CVE-2023-24775
RESERVED
CVE-2023-24774
@@ -8445,7 +8445,7 @@ CVE-2023-24765
CVE-2023-24764
RESERVED
CVE-2023-24763 (In the module "Xen Forum" (xenforum) for PrestaShop, an authenticated ...)
- TODO: check
+ NOT-FOR-US: PrestaShop module
CVE-2023-24762
RESERVED
CVE-2023-24761
@@ -8518,15 +8518,15 @@ CVE-2023-24739
CVE-2023-24738
RESERVED
CVE-2023-24737 (PMB v7.4.6 was discovered to contain a reflected cross-site scripting ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2023-24736 (PMB v7.4.6 was discovered to contain a remote code execution (RCE) vul ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2023-24735 (PMB v7.4.6 was discovered to contain an open redirect vulnerability vi ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2023-24734 (An arbitrary file upload vulnerability in the camera_upload.php compon ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2023-24733 (PMB v7.4.6 was discovered to contain a reflected cross-site scripting ...)
- TODO: check
+ NOT-FOR-US: PMB
CVE-2023-24732
RESERVED
CVE-2023-24731
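Review bot: CVE-2023-24734 is tagged NOT-FOR-US: PMB, but its visible description ("An arbitrary file upload vulnerability in the camera_upload.php compon ...") does not name PMB, unlike the four neighbouring entries whose descriptions begin with "PMB v7.4.6". The attribution presumably rests on the truncated remainder of the description, so confirm it there before grouping this entry with the other PMB ones.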
@@ -9994,7 +9994,7 @@ CVE-2023-24219 (LuckyframeWEB v3.5 was discovered to contain a SQL injection vul
CVE-2023-24218
RESERVED
CVE-2023-24217 (AgileBio Electronic Lab Notebook v4.234 was discovered to contain a lo ...)
- TODO: check
+ NOT-FOR-US: AgileBio Electronic Lab Notebook
CVE-2023-24216
RESERVED
CVE-2023-24215
@@ -14701,7 +14701,7 @@ CVE-2023-22666
CVE-2023-0094
RESERVED
CVE-2023-0093 (Okta Advanced Server Access Client versions 1.13.1 through 1.65.0 are ...)
- TODO: check
+ NOT-FOR-US: Okta Advanced Server Access Client
CVE-2023-0092
RESERVED
CVE-2023-0090
@@ -15533,7 +15533,7 @@ CVE-2023-22483 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and re
CVE-2023-22482 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
NOT-FOR-US: Argo CD
CVE-2023-22481 (FreshRSS is a self-hosted RSS feed aggregator. When using the greader ...)
- TODO: check
+ NOT-FOR-US: FreshRSS
CVE-2023-22480 (KubeOperator is an open source Kubernetes distribution focused on help ...)
NOT-FOR-US: KubeOperator
CVE-2023-22479 (KubePi is a modern Kubernetes panel. A session fixation attack allows ...)
@@ -37365,7 +37365,7 @@ CVE-2022-42250 (Simple Cold Storage Management System v1.0 is vulnerable to SQL
CVE-2022-42249 (Simple Cold Storage Management System v1.0 is vulnerable to SQL inject ...)
NOT-FOR-US: Simple Cold Storage Management System
CVE-2022-42248 (QlikView 12.60.2 was discovered to contain a stored cross-site scripti ...)
- TODO: check
+ NOT-FOR-US: QlikView
CVE-2022-42247 (pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) ...)
NOT-FOR-US: pfSense
CVE-2022-42246 (Doufox 0.0.4 contains a CSRF vulnerability that can add system adminis ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6364c44f5e8084baf0d621c904ca0235a1e6796e