[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Oct 9 21:58:49 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
becc85f0 by Moritz Muehlenhoff at 2023-10-09T22:58:14+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,105 +11,105 @@ CVE-2023-45359
- mediawiki 1:1.39.5-1
NOTE: https://phabricator.wikimedia.org/T340217
CVE-2023-5461 (A vulnerability was found in Delta Electronics WPLSoft 2.51. It has be ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2023-5460 (A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2023-5459 (A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2023-5365 (HP LIFE Android Mobile application is potentially vulnerable to escala ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2023-5333 (Mattermost fails to deduplicate input IDs allowing asimple user to cau ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2023-5331 (Mattermost fails to properly check the creator of an attached file whe ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2023-5330 (Mattermost fails toenforce a limit for the size of the cache entry for ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2023-5103 (Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-5102 (Insufficient Control Flow Management in RDT400 in SICK APU allows an u ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-5101 (Files or Directories Accessible to External Parties in RDT400 in SICK ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-5100 (Cleartext Transmission of Sensitive Information in RDT400 in SICK APU ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-45613 (In JetBrains Ktor before 2.3.5 server certificates were not verified)
- TODO: check
+ NOT-FOR-US: JetBrains Ktor
CVE-2023-45612 (In JetBrains Ktor before 2.3.5 default configuration of ContentNegotia ...)
- TODO: check
+ NOT-FOR-US: JetBrains Ktor
CVE-2023-45248 (Local privilege escalation due to DLL hijacking vulnerability. The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-45247 (Sensitive information disclosure and manipulation due to missing autho ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44993 (Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud AI Cha ...)
- TODO: check
+ NOT-FOR-US: QuantumCloud
CVE-2023-44821 (Buffer Overflow vulnerability in gifsicle v.1.92 allows a remote attac ...)
TODO: check
CVE-2023-44812 (Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a ...)
- TODO: check
+ NOT-FOR-US: mooSocial
CVE-2023-44811 (Cross Site Request Forgery (CSRF) vulnerability in MooSocial v.3.1.8 a ...)
- TODO: check
+ NOT-FOR-US: mooSocial
CVE-2023-44473 (Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44467 (langchain_experimental 0.0.14 allows an attacker to bypass the CVE-202 ...)
- TODO: check
+ NOT-FOR-US: langchain_experimental
CVE-2023-44400 (Uptime Kuma is a self-hosted monitoring tool. Prior to version 1.23.3, ...)
- TODO: check
+ NOT-FOR-US: Uptime Kuma
CVE-2023-44393 (Piwigo is an open source photo gallery application. Prior to version 1 ...)
- TODO: check
+ - piwigo <removed>
CVE-2023-44392 (Garden provides automation for Kubernetes development and testing. Pri ...)
- TODO: check
+ NOT-FOR-US: Garden
CVE-2023-44378 (gnark is a zk-SNARK library that offers a high-level API to design cir ...)
- TODO: check
+ NOT-FOR-US: gnark
CVE-2023-44260 (Cross-Site Request Forgery (CSRF) vulnerability in Mikk Mihkel Nurges, ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44246 (Cross-Site Request Forgery (CSRF) vulnerability in Matias s Shockingly ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44240 (Cross-Site Request Forgery (CSRF) vulnerability in Peter Butler Timthu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44238 (Cross-Site Request Forgery (CSRF) vulnerability in Joakim Ling Remove ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44237 (Cross-Site Request Forgery (CSRF) vulnerability in Moriyan Jay WP Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44236 (Cross-Site Request Forgery (CSRF) vulnerability in Devnath verma WP Ca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44232 (Cross-Site Request Forgery (CSRF) vulnerability in Huseyin Berberoglu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-44231 (Cross-Site Request Forgery (CSRF) vulnerability in NickDuncan Contact ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-43700 (Missing Authorization in RDT400 in SICK APU allows an unprivileged rem ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-43699 (Improper Restriction of Excessive Authentication Attempts in RDT400 in ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-43698 (Improper Neutralization of Input During Web Page Generation (\u2019Cro ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-43697 (Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK APU al ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-43696 (Improper Access Control in SICK APU allows an unprivileged remote atta ...)
- TODO: check
+ NOT-FOR-US: SICK
CVE-2023-43643 (AntiSamy is a library for performing fast, configurable cleansing of H ...)
TODO: check
CVE-2023-42455 (Wazuh is a security detection, visibility, and compliance open source ...)
- TODO: check
+ NOT-FOR-US: Wazuh
CVE-2023-41672 (Cross-Site Request Forgery (CSRF) vulnerability in R\xe9mi Leclercq Hi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41670 (Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel (in per ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41669 (Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Live News plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41668 (Cross-Site Request Forgery (CSRF) vulnerability in Leadster plugin <=1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41667 (Cross-Site Request Forgery (CSRF) vulnerability in Ulf Benjaminsson WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41660 (Cross-Site Request Forgery (CSRF) vulnerability in WPSynchro WP Synchr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41047 (OctoPrint is a web interface for 3D printers. OctoPrint versions up un ...)
- TODO: check
+ NOT-FOR-US: OctoPrint
CVE-2023-3589 (A Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork C ...)
- TODO: check
+ NOT-FOR-US: Teamwork Cloudt
CVE-2023-39189 (A flaw was found in the Netfilter subsystem in the Linux kernel. The n ...)
TODO: check
CVE-2023-36820 (Micronaut Security is a security solution for applications. Prior to v ...)
- TODO: check
+ NOT-FOR-US: Micronaut Security
CVE-2023-43641
- libcue <unfixed>
NOTE: https://github.com/lipnitsk/libcue/security/advisories/GHSA-5982-x7hv-r9cj
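Review bot: The tag added for CVE-2023-3589, "NOT-FOR-US: Teamwork Cloudt", ends in what looks like a stray "t". The description on the line above it reads "Teamwork C ...", so please check the product name against the full CVE text and correct the tag, since NOT-FOR-US strings are what later triage greps for. A smaller point in the same hunk: the tags for CVE-2023-44812 and CVE-2023-44811 spell the product "mooSocial", while the CVE-2023-44811 description uses "MooSocial"; pick one spelling. The three entries left as "TODO: check" (CVE-2023-44821 gifsicle, CVE-2023-43643 AntiSamy, CVE-2023-39189 Linux kernel Netfilter) fit a commit that only marks NFUs, but they still need a follow-up triage.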
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/becc85f0ca98eba43e4503d0f47022f008d23198