[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 14 12:13:50 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
629d2aaf by Salvatore Bonaccorso at 2023-03-14T13:13:24+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1269,13 +1269,13 @@ CVE-2023-27898 (Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 throug
CVE-2023-27897
RESERVED
CVE-2023-27896 (In SAP BusinessObjects Business Intelligence Platform - version 420, 4 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-27895 (SAP Authenticator for Android - version 1.3.0, allows the screen to be ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-27894 (SAP BusinessObjects Business Intelligence Platform (Web Services) - ve ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-27893 (An attacker authenticated as a user with a non-administrative role and ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-1258
RESERVED
CVE-2023-1257 (An attacker with physical access to the affected Moxa UC Series device ...)
@@ -2413,13 +2413,13 @@ CVE-2023-27506
CVE-2023-27505
RESERVED
CVE-2023-27501 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-27500 (An attacker with non-administrative authorizations can exploit a direc ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-27499
RESERVED
CVE-2023-27498 (SAP Host Agent (SAPOSCOL) - version 7.22, allows an unauthenticated at ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-27497
RESERVED
CVE-2023-27393
@@ -3075,13 +3075,13 @@ CVE-2023-27273
CVE-2023-27272
RESERVED
CVE-2023-27271 (In SAP BusinessObjects Business Intelligence Platform (Web Services) - ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-27270 (SAP NetWeaver Application Server for ABAP and ABAP Platform - versions ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-27269 (SAP NetWeaver Application Server for ABAP and ABAP Platform - versions ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-27268 (SAP NetWeaver AS Java (Object Analyzing Service) - version 7.50, does ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-27267
RESERVED
CVE-2023-27266 (Mattermost fails to honor the ShowEmailAddress setting when constructi ...)
@@ -5024,15 +5024,15 @@ CVE-2023-26463
CVE-2023-26462 (ThingsBoard 3.4.1 could allow a remote attacker to gain elevated privi ...)
NOT-FOR-US: ThingsBoard
CVE-2023-26461 (SAP NetWeaver allows (SAP Enterprise Portal) - version 7.50, allows an ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-26460 (Cache Management Service in SAP NetWeaver Application Server for Java ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-26459 (Due to improper input controls In SAP NetWeaver AS for ABAP and ABAP P ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-26458
RESERVED
CVE-2023-26457 (SAP Content Server - version 7.53, does not sufficiently encode user-c ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-26456
RESERVED
CVE-2023-26455
@@ -7536,13 +7536,13 @@ CVE-2023-25620
CVE-2023-25619
RESERVED
CVE-2023-25618 (SAP NetWeaver Application Server for ABAP and ABAP Platform - versions ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-25617 (SAP Business Object (Adaptive Job Server) - versions 420, 430, allows ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-25616 (In some scenario, SAP Business Objects Business Intelligence Platform ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-25615 (Due to insufficient input sanitization, SAP ABAP - versions 751, 753, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-25614 (SAP NetWeaver AS ABAP (BSP Framework) application - versions 700, 701, ...)
NOT-FOR-US: SAP
CVE-2023-25613 (An LDAP Injection vulnerability exists in the LdapIdentityBackend of A ...)
@@ -10599,7 +10599,7 @@ CVE-2023-24528 (SAP Fiori apps for Travel Management in SAP ERP (My Travel Reque
CVE-2023-24527
RESERVED
CVE-2023-24526 (SAP NetWeaver Application Server Java for Classload Service - version ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-24525 (SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, ...)
NOT-FOR-US: SAP
CVE-2023-24524 (SAP S/4 HANA Map Treasury Correspondence Format Data does not perform ...)
@@ -12333,7 +12333,7 @@ CVE-2023-23859 (SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750,
CVE-2023-23858 (Due to insufficient input validation, SAP NetWeaver AS for ABAP and AB ...)
NOT-FOR-US: SAP
CVE-2023-23857 (Due to missing authentication check, SAP NetWeaver AS for Java - versi ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-23856 (In SAP BusinessObjects Business Intelligence (Web Intelligence user in ...)
NOT-FOR-US: SAP
CVE-2023-23855 (SAP Solution Manager - version 720, allows an authenticated attacker t ...)
@@ -18321,7 +18321,7 @@ CVE-2023-0023 (In SAP Bank Account Management (Manage Banks) application, when a
CVE-2023-0022 (SAP BusinessObjects Business Intelligence Analysis edition for OLAP al ...)
NOT-FOR-US: SAP
CVE-2023-0021 (Due to insufficient encoding of user input, SAP NetWeaver - versions 7 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2022-47926 (AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_ ...)
NOT-FOR-US: AyaCMS
CVE-2022-4663 (The Members Import plugin for WordPress is vulnerable to Self Cross-Si ...)
@@ -21825,7 +21825,7 @@ CVE-2022-47165
CVE-2022-47164
RESERVED
CVE-2022-47163 (Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-47162 (Cross-Site Request Forgery (CSRF) vulnerability in Dannie Herdyawan DH ...)
TODO: check
CVE-2022-47161
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/629d2aaf9e97ee59315bade07c0666111312bdd6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/629d2aaf9e97ee59315bade07c0666111312bdd6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230314/d3bd1e21/attachment.htm>
More information about the debian-security-tracker-commits
mailing list