[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 4 09:40:43 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
593b80ad by Salvatore Bonaccorso at 2023-05-04T10:40:18+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3467,9 +3467,9 @@ CVE-2023-30207
CVE-2023-30206
RESERVED
CVE-2023-30205 (A stored cross-site scripting (XSS) vulnerability in DouPHP v1.7 allow ...)
- TODO: check
+ NOT-FOR-US: DouPHP
CVE-2023-30204 (Judging Management System v1.0 was discovered to contain a SQL injecti ...)
- TODO: check
+ NOT-FOR-US: Judging Management System
CVE-2023-30203
RESERVED
CVE-2023-30202
@@ -3724,7 +3724,7 @@ CVE-2023-30079
CVE-2023-30078
RESERVED
CVE-2023-30077 (Judging Management System v1.0 by oretnom23 was discovered to vulnerab ...)
- TODO: check
+ NOT-FOR-US: Judging Management System
CVE-2023-30076 (Sourcecodester Judging Management System v1.0 is vulnerable to SQL Inj ...)
NOT-FOR-US: Sourcecodester Judging Management System
CVE-2023-30075
@@ -4195,7 +4195,7 @@ CVE-2023-29844
CVE-2023-29843
RESERVED
CVE-2023-29842 (ChirchCRm 4.5.4 endpoint /EditEventTypes.php is vulnerable to Blind SQ ...)
- TODO: check
+ NOT-FOR-US: ChirchCRm
CVE-2023-29841
RESERVED
CVE-2023-29840
@@ -10180,7 +10180,7 @@ CVE-2023-28001
CVE-2023-28000
RESERVED
CVE-2023-27999 (An improper neutralization of special elements used in an OS command v ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-27998
RESERVED
CVE-2023-27997
@@ -10192,7 +10192,7 @@ CVE-2023-27995 (A improper neutralization of special elements used in a template
CVE-2023-27994
RESERVED
CVE-2023-27993 (A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-27992
RESERVED
CVE-2023-27991 (The post-authentication command injection vulnerability in the CLI com ...)
@@ -11485,7 +11485,7 @@ CVE-2023-27570 (The eo_tags package before 1.4.19 for PrestaShop allows SQL inje
CVE-2023-27569 (The eo_tags package before 1.3.0 for PrestaShop allows SQL injection v ...)
NOT-FOR-US: PrestaShop
CVE-2023-27568 (SQL injection vulnerability inSpryker Commerce OS 0.9 that allows for ...)
- TODO: check
+ NOT-FOR-US: inSpryker Commerce OS
CVE-2023-27567 (In OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf ...)
NOT-FOR-US: OpenBSD
CVE-2023-27566 (Cubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write ...)
@@ -15158,7 +15158,7 @@ CVE-2023-26205
CVE-2023-26204
RESERVED
CVE-2023-26203 (A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-26202
RESERVED
CVE-2023-26201
@@ -15856,7 +15856,7 @@ CVE-2023-25936
CVE-2023-25935
RESERVED
CVE-2023-25934 (DELL ECS prior to 3.8.0.2 contains an improper verification of cryptog ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-25933
RESERVED
CVE-2023-25756
@@ -17643,7 +17643,7 @@ CVE-2023-25440
CVE-2023-25439
RESERVED
CVE-2023-25438 (An issue was discovered in Genomedics MilleGP5 5.9.2, allows remote at ...)
- TODO: check
+ NOT-FOR-US: MilleGP5
CVE-2023-25437 (An issue was discovered in vTech VCS754 version 1.1.1.A before 1.1.1.H ...)
NOT-FOR-US: vTech
CVE-2023-25436
@@ -19457,7 +19457,7 @@ CVE-2023-24746
CVE-2023-24745
RESERVED
CVE-2023-24744 (Cross Site Scripting (XSS) vulnerability in Rediker Software AdminPlus ...)
- TODO: check
+ NOT-FOR-US: Rediker Software AdminPlus
CVE-2023-24743
RESERVED
CVE-2023-24742
@@ -26091,13 +26091,13 @@ CVE-2023-22642 (An improper certificate validation vulnerability [CWE-295] in Fo
CVE-2023-22641 (A url redirection to untrusted site ('open redirect') in Fortinet Fort ...)
NOT-FOR-US: Fortinet
CVE-2023-22640 (A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-22639
RESERVED
CVE-2023-22638 (Several improper neutralization of inputs during web page generation v ...)
NOT-FOR-US: FortiGuard
CVE-2023-22637 (An improper neutralization of input during web page generation ('Cross ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-22636 (An unauthorized configuration download vulnerability in FortiWeb 6.3.6 ...)
NOT-FOR-US: Fortinet
CVE-2023-22635 (A download of code without Integrity check vulnerability [CWE-494] in ...)
@@ -35720,11 +35720,11 @@ CVE-2022-45862
CVE-2022-45861 (An access of uninitialized pointer vulnerability [CWE-824] in the SSL ...)
NOT-FOR-US: Fortinet
CVE-2022-45860 (A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7 ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-45859 (An insufficiently protected credentials vulnerability [CWE-522] in For ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-45858 (A use of a weak cryptographic algorithm vulnerability [CWE-327] in For ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-45857 (An incorrect user management vulnerability [CWE-286] in the FortiManag ...)
NOT-FOR-US: Fortinet
CVE-2022-45856
@@ -43866,7 +43866,7 @@ CVE-2022-43952 (An improper neutralization of input during web page generation (
CVE-2022-43951 (An exposure of sensitive information to an unauthorized actor vulnerab ...)
NOT-FOR-US: Fortinet
CVE-2022-43950 (A URL redirection to untrusted site ('Open Redirect') vulnerability [C ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2022-43949
RESERVED
CVE-2022-43948 (A improper neutralization of special elements used in an os command (' ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/593b80ad705804ce80cc4b7855de0ba926f54d48
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/593b80ad705804ce80cc4b7855de0ba926f54d48
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230504/07addf8a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list