[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat May 13 10:04:16 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
39305abf by Salvatore Bonaccorso at 2023-05-13T11:03:45+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -40,7 +40,7 @@ CVE-2023-2677 (A vulnerability, which was classified as critical, was found in S
CVE-2023-2676 (A vulnerability, which was classified as critical, has been found in H ...)
NOT-FOR-US: H3C
CVE-2023-2675 (Improper Restriction of Excessive Authentication Attempts in GitHub re ...)
- TODO: check
+ NOT-FOR-US: linagora twake
CVE-2023-2672 (A vulnerability classified as critical has been found in SourceCodeste ...)
NOT-FOR-US: SourceCodester Lost and Found Information System
CVE-2023-2671 (A vulnerability was found in SourceCodester Lost and Found Information ...)
@@ -12970,7 +12970,7 @@ CVE-2023-1098 (An information disclosure vulnerability has been discovered in Gi
CVE-2023-1097 (Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are v ...)
NOT-FOR-US: Baicells EG7035-M11 devices
CVE-2023-1096 (SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susc ...)
- TODO: check
+ NOT-FOR-US: SnapCenter (NetAPP)
CVE-2023-1095 (In nf_tables_updtable, if nf_tables_table_enable returns an error, nft ...)
- linux 5.19.6-1
[bullseye] - linux 5.10.140-1
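Review bot: the note added for CVE-2023-1096 spells the vendor "NetAPP", but the vendor writes its name "NetApp". Suggest "NOT-FOR-US: SnapCenter (NetApp)" so that a later search of data/CVE/list for the vendor name matches this entry.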
@@ -16649,23 +16649,23 @@ CVE-2023-0861 (NetModule NSRW web administration interface executes an OS comman
CVE-2023-0860 (Improper Restriction of Excessive Authentication Attempts in GitHub re ...)
NOT-FOR-US: Modoboa
CVE-2023-0859 (Arbitrary Files can be installed in the Setting Data Import function o ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0858 (Improper Authentication of RemoteUI of Office / Small Office Multifunc ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0857 (Unintentional change of settings during initial registration of system ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0856 (Buffer overflow in IPP sides attribute process of Office / Small Offic ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0855 (Buffer overflow in IPP number-up attribute process of Office / Small O ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0854 (Buffer overflow in NetBIOS QNAME registering and communication process ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0853 (Buffer overflow in mDNS NSEC record registering process of Office / Sm ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0852 (Buffer overflow in the Address Book of Mobile Device function of Offic ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2023-0851 (Buffer overflow in CPCA Resource Download process of Office / Small Of ...)
- TODO: check
+ NOT-FOR-US: Canon
CVE-2022-48327 (Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 al ...)
NOT-FOR-US: Mapos
CVE-2022-48326 (Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 al ...)
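Review bot: the nine notes added for CVE-2023-0859 through CVE-2023-0851 name only the vendor, "Canon", while every visible description refers to an "Office / Small Office" device line. Consider naming the product family in the note, as the Modoboa entry at the top of this hunk names the product, so the entry records what was actually ruled out.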
@@ -18281,7 +18281,7 @@ CVE-2023-25462
CVE-2023-25461 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nami ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25460 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Code ...)
- TODO: check
+ NOT-FOR-US: Wordpress plugin
CVE-2023-25459
RESERVED
CVE-2023-25458 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GMO ...)
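Review bot: the line added for CVE-2023-25460 reads "Wordpress plugin", while the entry directly above it (CVE-2023-25461) and the other WordPress notes added in this commit use "WordPress plugin". Suggest matching the capitalisation so a case-sensitive search over the list finds all of these entries.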
@@ -18345,7 +18345,7 @@ CVE-2023-25430
CVE-2023-25429
RESERVED
CVE-2023-25428 (A DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.2 ...)
- TODO: check
+ NOT-FOR-US: Soft-o Free Password Manager
CVE-2023-25427
RESERVED
CVE-2023-25426
@@ -18599,7 +18599,7 @@ CVE-2023-25311
CVE-2023-25310
RESERVED
CVE-2023-25309 (Cross Site Scripting (XSS) Vulnerability in Fetlife rollout-ui version ...)
- TODO: check
+ NOT-FOR-US: Fetlife rollout-ui
CVE-2023-25308
RESERVED
CVE-2023-25307
@@ -19389,15 +19389,15 @@ CVE-2023-25011 (PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver1
CVE-2023-25010 (A malicious actor may convince a victim to open a malicious USD file t ...)
NOT-FOR-US: Autodesk
CVE-2023-25009 (A malicious actor may convince a user to open a malicious USD file tha ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-25008 (A malicious actor may convince a user to open a malicious USD file tha ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-25007 (A malicious actor may convince a user to open a malicious USD file tha ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-25006 (A malicious actor may convince a user to open a malicious USD file tha ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-25005 (A maliciously crafted DLL file can be forced to read beyond allocated ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2023-25004
RESERVED
CVE-2023-25003
@@ -22643,7 +22643,7 @@ CVE-2023-23869
CVE-2023-23868
RESERVED
CVE-2023-23867 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23866 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23865 (Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins St ...)
@@ -22815,7 +22815,7 @@ CVE-2023-23812 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-23811
RESERVED
CVE-2023-23810 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23809 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mori ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23808 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Serg ...)
@@ -24756,7 +24756,7 @@ CVE-2023-23171
CVE-2023-23170
RESERVED
CVE-2023-23169 (Synapsoft pdfocus 1.17 is vulnerable to local file inclusion and serve ...)
- TODO: check
+ NOT-FOR-US: Synapsoft pdfocus
CVE-2023-23168
RESERVED
CVE-2023-23167
@@ -26642,7 +26642,7 @@ CVE-2023-22687 (Insecure Storage of Sensitive Information vulnerability in Jose
CVE-2023-22686 (Cross-Site Request Forgery (CSRF) vulnerability in TriniTronic Nice Pa ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22685 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tips ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22684
RESERVED
CVE-2023-22683 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Them ...)
@@ -29220,9 +29220,9 @@ CVE-2022-47882
CVE-2022-47881 (Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of ...)
NOT-FOR-US: Foxit
CVE-2022-47880 (An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH J ...)
- TODO: check
+ NOT-FOR-US: Jedox
CVE-2022-47879 (A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 20 ...)
- TODO: check
+ NOT-FOR-US: Jedox
CVE-2022-47878 (Incorrect input validation for the default-storage-path in the setting ...)
NOT-FOR-US: Jedox
CVE-2022-47877 (A Stored cross-site scripting vulnerability in Jedox 2020.2.5 allows r ...)
@@ -41242,13 +41242,13 @@ CVE-2023-20882
CVE-2023-20881
RESERVED
CVE-2023-20880 (VMware Aria Operations contains a privilege escalation vulnerability. ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20879 (VMware Aria Operations contains a Local privilege escalation vulnerabi ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20878 (VMware Aria Operations contains a deserialization vulnerability. A mal ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20877 (VMware Aria Operations contains a privilege escalation vulnerability. ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2023-20876
RESERVED
CVE-2023-20875
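Review bot: the four notes added for CVE-2023-20880 through CVE-2023-20877 say only "VMware", although each description names VMware Aria Operations. Debian does ship VMware-originated software (open-vm-tools), so a vendor-only note is ambiguous here; suggest "NOT-FOR-US: VMware Aria Operations".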
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39305abfa20944df1bd0d5c5f679f59a1809475b