[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Nov 8 21:22:54 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
65abcec5 by Salvatore Bonaccorso at 2023-11-08T22:22:23+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2023-5913 (Incorrect Privilege Assignment vulnerability in opentext Fortify
CVE-2023-5760 (A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (inpu ...)
NOT-FOR-US: Norton
CVE-2023-5759 (In Helix Core versions prior to 2023.2, an unauthenticated remote Deni ...)
- TODO: check
+ NOT-FOR-US: Helix Core
CVE-2023-5136 (An incorrect permission assignment in the TopoGrafix DataPlugin for GP ...)
NOT-FOR-US: opoGrafix DataPlugin for GPX
CVE-2023-47397 (WeBid <=1.2.2 is vulnerable to code injection via admin/categoriestran ...)
@@ -81,9 +81,9 @@ CVE-2023-46621 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in En
CVE-2023-46613 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2023-45849 (An arbitrary code execution which results in privilege escalation was ...)
- TODO: check
+ NOT-FOR-US: Helix Core
CVE-2023-45319 (In Helix Core versions prior to 2023.2, an unauthenticated remote Deni ...)
- TODO: check
+ NOT-FOR-US: Helix Core
CVE-2023-45140 (The Bastion provides authentication, authorization, traceability and a ...)
NOT-FOR-US: Bastion
CVE-2023-44098 (Vulnerability of missing encryption in the card management module. Suc ...)
@@ -93,7 +93,7 @@ CVE-2023-3282 (A local privilege escalation (PE) vulnerability in the Palo Alto
CVE-2023-39913 (Deserialization of Untrusted Data, Improper Input Validation vulnerabi ...)
NOT-FOR-US: Apache UIMA
CVE-2023-35767 (In Helix Core versions prior to 2023.2, an unauthenticated remote Deni ...)
- TODO: check
+ NOT-FOR-US: Helix Core
CVE-2023-32298 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kathy Da ...)
NOT-FOR-US: WordPress plugin
CVE-2022-48613 (Race condition vulnerability in the kernel module. Successful exploita ...)
@@ -40893,7 +40893,7 @@ CVE-2023-26223
CVE-2023-26222
RESERVED
CVE-2023-26221 (The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire An ...)
- TODO: check
+ NOT-FOR-US: Spotfire Connectors component of TIBCO
CVE-2023-26220 (The Spotfire Library component of TIBCO Software Inc.'s Spotfire Analy ...)
NOT-FOR-US: TIBCO
CVE-2023-26219 (The Hawk Console and Hawk Agent components of TIBCO Software Inc.'s TI ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65abcec50db72ced7435de05df80705ff0b324d1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65abcec50db72ced7435de05df80705ff0b324d1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231108/4a9b3fd9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list