[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 18 05:54:55 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
201b041b by Salvatore Bonaccorso at 2023-05-18T06:54:34+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2023-32767 (The web interface of Symcon IP-Symcon before 6.3 (i.e., before 2023-05 ...)
- TODO: check
+ NOT-FOR-US: Symcon
CVE-2023-31904 (savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File In ...)
NOT-FOR-US: savysoda Wifi HD Wireless Disk Drive
CVE-2023-31903 (GuppY CMS 6.00.10 is vulnerable to Unrestricted File Upload which allo ...)
@@ -29,11 +29,11 @@ CVE-2023-31698 (Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS
CVE-2023-2776 (A vulnerability was found in code-projects Simple Photo Gallery 1.0. I ...)
NOT-FOR-US: code-projects Simple Photo Gallery
CVE-2023-2775 (A vulnerability was found in code-projects Bus Dispatch and Informatio ...)
- TODO: check
+ NOT-FOR-US: code-projects Bus Dispatch and Information System
CVE-2023-2774 (A vulnerability was found in code-projects Bus Dispatch and Informatio ...)
- TODO: check
+ NOT-FOR-US: code-projects Bus Dispatch and Information System
CVE-2023-2773 (A vulnerability has been found in code-projects Bus Dispatch and Infor ...)
- TODO: check
+ NOT-FOR-US: code-projects Bus Dispatch and Information System
CVE-2023-2772 (A vulnerability, which was classified as critical, was found in Source ...)
NOT-FOR-US: SourceCodester Budget and Expense Tracker System
CVE-2023-2771 (A vulnerability, which was classified as critical, has been found in S ...)
@@ -49,13 +49,13 @@ CVE-2023-2766 (A vulnerability was found in Weaver OA 9.5 and classified as prob
CVE-2023-2765 (A vulnerability has been found in Weaver OA up to 9.5 and classified a ...)
NOT-FOR-US: Weaver OA
CVE-2023-2756 (SQL Injection in GitHub repository pimcore/customer-data-framework pri ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2023-2745 (WordPress Core is vulnerable to Directory Traversal in versions up to, ...)
- wordpress <unfixed>
NOTE: https://core.trac.wordpress.org/changeset?old=55765&new=55765
NOTE: https://wordpress.org/news/2023/05/wordpress-6-2-1-maintenance-security-release/
CVE-2023-2679 (Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows ...)
- TODO: check
+ NOT-FOR-US: Snow Software
CVE-2023-31848 (davinci 0.3.0-rc is vulnerable to Server-side request forgery (SSRF).)
NOT-FOR-US: davinci
CVE-2023-31847 (In davinci 0.3.0-rc after logging in, the user can connect to the mysq ...)
@@ -4494,7 +4494,7 @@ CVE-2023-30193
CVE-2023-30192 (Prestashop possearchproducts 1.7 is vulnerable to SQL Injection via Po ...)
NOT-FOR-US: Prestashop
CVE-2023-30191 (PrestaShop cdesigner < 3.1.9 is vulnerable to SQL Injection via Cdesig ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2023-30190
RESERVED
CVE-2023-30189 (Prestashop posstaticblocks <= 1.0.0 is vulnerable to SQL Injection via ...)
@@ -5246,7 +5246,7 @@ CVE-2023-29839 (A Stored Cross Site Scripting (XSS) vulnerability exists in mult
CVE-2023-29838
RESERVED
CVE-2023-29837 (Cross Site Scripting vulnerability found in Exelysis Unified Communica ...)
- TODO: check
+ NOT-FOR-US: Exelysis Unified Communication Solution (EUCS)
CVE-2023-29836 (Cross Site Scripting vulnerability found in Exelysis Unified Communica ...)
NOT-FOR-US: Exelysis Unified Communication Solutions (EUCS)
CVE-2023-29835 (Insecure Permission vulnerability found in Wondershare Dr.Fone v.12.9. ...)
@@ -23570,7 +23570,7 @@ CVE-2023-23729
CVE-2023-23728 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Winwa ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23727 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23726
RESERVED
CVE-2023-23725
@@ -23584,7 +23584,7 @@ CVE-2023-23722 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
CVE-2023-23721 (Cross-Site Request Forgery (CSRF) vulnerability in David Gwyer Admin L ...)
NOT-FOR-US: David Gwyer Admin Log
CVE-2023-23720 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23719
RESERVED
CVE-2023-23718 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Esstat17 Pa ...)
@@ -23606,7 +23606,7 @@ CVE-2023-23711 (Cross-Site Request Forgery (CSRF) vulnerability in A2 Hosting A2
CVE-2023-23710 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in mini ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23709 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23708 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23707 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -23618,7 +23618,7 @@ CVE-2023-23705
CVE-2023-23704
RESERVED
CVE-2023-23703 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23702
RESERVED
CVE-2023-23701 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -23695,7 +23695,7 @@ CVE-2023-23690 (Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below
CVE-2023-23689 (Dell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 ...)
NOT-FOR-US: Dell
CVE-2023-23688 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23687 (Auth.Stored Cross-Site Scripting (XSS) vulnerability inYoutube shortco ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23686 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
@@ -23705,9 +23705,9 @@ CVE-2023-23685 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabi
CVE-2023-23684
RESERVED
CVE-2023-23683 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ozan ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23682 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23681 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23680
@@ -23719,13 +23719,13 @@ CVE-2023-23678
CVE-2023-23677 (Reflected Cross-Site Scripting (XSS) vulnerability in GTmetrix GTmetri ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23676 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23675 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Catc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23674 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in RVOL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23673 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Hari ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23672
RESERVED
CVE-2023-23671
@@ -23757,13 +23757,13 @@ CVE-2023-23659 (Cross-Site Request Forgery (CSRF) vulnerability in MainWP Matomo
CVE-2023-23658
RESERVED
CVE-2023-23657 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23656
RESERVED
CVE-2023-23655
RESERVED
CVE-2023-23654 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Spar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23653
RESERVED
CVE-2023-23652
@@ -23789,7 +23789,7 @@ CVE-2023-23643
CVE-2023-23642
RESERVED
CVE-2023-23641 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-23640
RESERVED
CVE-2023-23639
@@ -24608,19 +24608,19 @@ CVE-2023-23452 (Missing Authentication for Critical Function in SICK FX0-GPNT v3
CVE-2023-23451 (The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNE ...)
NOT-FOR-US: SICK
CVE-2023-23450 (Use of Password Hash Instead of Password for Authentication in SICK FT ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23449 (Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Part ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23448 (Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLO ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23447 (Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Pa ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23446 (Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23445 (Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23444 (Missing Authentication for Critical Function in SICK Flexi Classic and ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-23443
RESERVED
CVE-2023-23442
@@ -27013,7 +27013,7 @@ CVE-2023-22719
CVE-2023-22718 (Reflected Cross-Site Scripting (XSS) vulnerability in Jason Lau User M ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22717 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22716 (Auth. (admin+) Cross-Site Scripting vulnerability in OOPSpam OOPSpam A ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22715 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Lester 'GaM ...)
@@ -27035,13 +27035,13 @@ CVE-2023-22708
CVE-2023-22707 (Auth. (author+) Cross-Site Scripting (XSS) vulnerability in Wpsoul Gre ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22706 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Property ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22705 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Collne I ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22704 (Reflected Cross-Site Scripting (XSS) vulnerability in Michael Winkler ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22703 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22702 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in WPMob ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22701
@@ -27067,7 +27067,7 @@ CVE-2023-22692
CVE-2023-22691 (Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22690 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22689
RESERVED
CVE-2023-22688
@@ -27079,7 +27079,7 @@ CVE-2023-22686 (Cross-Site Request Forgery (CSRF) vulnerability in TriniTronic N
CVE-2023-22685 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tips ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22684 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subs ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-22683 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Them ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22682 (Reflected Cross-Site Scripting (XSS) vulnerability in Manuel Masia | P ...)
@@ -28559,7 +28559,7 @@ CVE-2022-48022 (An issue in the component /api/v1/mentions of Zammad v5.3.0 allo
CVE-2022-48021 (A vulnerability in Zammad v5.3.0 allows attackers to execute arbitrary ...)
- zammad <itp> (bug #841355)
CVE-2022-48020 (Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site sc ...)
- TODO: check
+ NOT-FOR-US: Vinteo VCC
CVE-2022-48019 (The components wfshbr64.sys and wfshbr32.sys in Another Eden before v3 ...)
NOT-FOR-US: Another Eden
CVE-2022-48018
@@ -32247,37 +32247,37 @@ CVE-2023-21725 (Windows Malicious Software Removal Tool Elevation of Privilege V
CVE-2023-21724 (Microsoft DWM Core Library Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2022-47393 (An authenticated, remote attacker may use a Improper Restriction of Op ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47392 (An authenticated, remote attacker may use a improper input validation ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47391 (In multiple CODESYS products in multiple versions an unauthorized, rem ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47390 (An authenticated, remote attacker may use a stack based out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47389 (An authenticated, remote attacker may use a stack based out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47388 (An authenticated, remote attacker may use a stack based out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47387 (An authenticated remote attacker may use a stack based out-of-bounds w ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47386 (An authenticated, remote attacker may use a stack based out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47385 (An authenticated, remote attacker may use a stack based out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47384 (An authenticated remote attacker may use a stack based out-of-bounds w ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47383 (An authenticated, remote attacker may use a stack based out-of-bounds ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47382 (An authenticated remote attacker may use a stack based out-of-bounds w ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47381 (An authenticated remote attacker may use a stack based out-of-bounds w ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47380 (An authenticated remote attacker may use a stack based out-of-bounds w ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47379 (An authenticated, remote attacker may use a out-of-bounds write vulner ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47378 (Multiple CODESYS products in multiple versions are prone to a improper ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-47377 (Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 w ...)
NOT-FOR-US: SICK SIM2000ST Partnumber 2086502
CVE-2022-47376
@@ -37898,7 +37898,7 @@ CVE-2022-4050 (The JoomSport WordPress plugin before 5.2.8 does not properly san
CVE-2022-4049 (The WP User WordPress plugin through 7.0 does not properly sanitize an ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4048 (Inadequate Encryption Strength in CODESYS Development System V3 versio ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-4047 (The Return Refund and Exchange For WooCommerce WordPress plugin before ...)
NOT-FOR-US: WordPress plugin
CVE-2022-4046
@@ -39101,7 +39101,7 @@ CVE-2022-45145 (egg-compile.scm in CHICKEN 5.x before 5.3.1 allows arbitrary OS
NOTE: https://lists.gnu.org/archive/html/chicken-announce/2022-11/msg00000.html
NOTE: https://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commitdiff;h=a08f8f548d772ef410c672ba33a27108d8d434f3;hp=9c6fb001c25de4390f46ffd7c3c94237f4df92a9
CVE-2022-45144 (Algoo Tracim before 4.4.2 allows XSS via HTML file upload.)
- TODO: check
+ NOT-FOR-US: Algoo Tracim
CVE-2022-3941 (A vulnerability has been found in Activity Log Plugin and classified a ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3940 (A vulnerability, which was classified as problematic, was found in lan ...)
@@ -43445,7 +43445,7 @@ CVE-2023-20728
CVE-2023-20727
RESERVED
CVE-2023-20726 (In mnld, there is a possible leak of GPS location due to a missing per ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20725
RESERVED
CVE-2023-20724
@@ -43453,17 +43453,17 @@ CVE-2023-20724
CVE-2023-20723
RESERVED
CVE-2023-20722 (In m4u, there is a possible out of bounds write due to improper input ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20721 (In isp, there is a possible out of bounds write due to improper input ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20720 (In pqframework, there is a possible out of bounds read due to a missin ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20719 (In pqframework, there is a possible out of bounds read due to a missin ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20718 (In vcu, there is a possible out of bounds write due to a missing bound ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20717 (In vcu, there is a possible leak of dma buffer due to a race condition ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20716
RESERVED
CVE-2023-20715
@@ -43475,41 +43475,41 @@ CVE-2023-20713
CVE-2023-20712
RESERVED
CVE-2023-20711 (In keyinstall, there is a possible out of bounds read due to a missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20710 (In keyinstall, there is a possible out of bounds read due to a missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20709 (In keyinstall, there is a possible out of bounds read due to a missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20708 (In keyinstall, there is a possible out of bounds read due to a missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20707 (In ril, there is a possible out of bounds write due to a missing bound ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20706 (In apu, there is a possible out of bounds read due to a missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20705 (In apu, there is a possible out of bounds read due to a missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20704 (In apu, there is a possible out of bounds read due to a missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20703 (In apu, there is a possible out of bounds read due to a missing bounds ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20702
RESERVED
CVE-2023-20701 (In widevine, there is a possible out of bounds write due to a logic er ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20700 (In widevine, there is a possible out of bounds write due to a logic er ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20699 (In adsp, there is a possible out of bounds write due to a missing boun ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20698 (In keyinstall, there is a possible out of bounds read due to a missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20697 (In keyinstall, there is a possible out of bounds read due to a missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20696 (In preloader, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20695 (In preloader, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20694 (In preloader, there is a possible out of bounds write due to a missing ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20693
RESERVED
CVE-2023-20692
@@ -43551,7 +43551,7 @@ CVE-2023-20675 (In wlan, there is a possible out of bounds read due to a missing
CVE-2023-20674 (In wlan, there is a possible out of bounds read due to a missing bound ...)
NOT-FOR-US: MediaTek
CVE-2023-20673 (In vcu, there is a possible memory corruption due to type confusion. T ...)
- TODO: check
+ NOT-FOR-US: Mediatek
CVE-2023-20672
RESERVED
CVE-2023-20671
@@ -107692,7 +107692,7 @@ CVE-2022-22510 (Codesys Profinet in version V4.2.0.0 is prone to null pointer de
CVE-2022-22509 (In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect ...)
NOT-FOR-US: Phoenix Contact FL SWITCH Series
CVE-2022-22508 (Improper Input Validation vulnerability in multiple CODESYS V3 product ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2022-22507
RESERVED
CVE-2022-22506
@@ -226796,9 +226796,9 @@ CVE-2020-13379 (The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF In
NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/4
NOTE: https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/
CVE-2020-13378 (Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Inj ...)
- TODO: check
+ NOT-FOR-US: Loadbalancer.org Enterprise VA MAX
CVE-2020-13377 (The web-services interface of Loadbalancer.org Enterprise VA MAX throu ...)
- TODO: check
+ NOT-FOR-US: Loadbalancer.org Enterprise VA MAX
CVE-2020-13376 (SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable fil ...)
NOT-FOR-US: SecurEnvoy SecurMail
CVE-2020-13375
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/201b041b0aff91d3611b6cb85b53c135b7d9c66b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/201b041b0aff91d3611b6cb85b53c135b7d9c66b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230518/7f80b9f7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list