[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Oct 23 21:50:23 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f4ac4c64 by Salvatore Bonaccorso at 2023-10-23T22:49:25+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30077,11 +30077,11 @@ CVE-2023-28807
CVE-2023-28806
RESERVED
CVE-2023-28805 (An Improper Input Validation vulnerability in Zscaler Client Connector ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28804 (An Improper Verification of Cryptographic Signature vulnerability in Z ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28803 (An authentication bypass by spoofing of a device with a synthetic IP a ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28802
RESERVED
CVE-2023-28801 (An Improper Verification of Cryptographic Signature in the SAML authen ...)
@@ -30093,15 +30093,15 @@ CVE-2023-28799 (A URL parameter during login flow was vulnerable to injection. A
CVE-2023-28798
RESERVED
CVE-2023-28797 (Zscaler Client Connector for Windows before 4.1 writes/deletes a confi ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28796 (Improper Verification of Cryptographic Signature vulnerability in Zsca ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28795 (Origin Validation Error vulnerability in Zscaler Client Connector on L ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28794
RESERVED
CVE-2023-28793 (Buffer overflow vulnerability in the signelf library used by Zscaler C ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28792 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirte ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28791 (Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta Simpl ...)
@@ -35574,15 +35574,15 @@ CVE-2023-27154
CVE-2023-27153
RESERVED
CVE-2023-27152 (DECISO OPNsense 23.1 does not impose rate limits for authentication, a ...)
- TODO: check
+ NOT-FOR-US: DECISO OPNsense
CVE-2023-27151
RESERVED
CVE-2023-27150
RESERVED
CVE-2023-27149 (A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTic ...)
- TODO: check
+ NOT-FOR-US: Enhancesoft osTicket
CVE-2023-27148 (A stored cross-site scripting (XSS) vulnerability in the Admin panel i ...)
- TODO: check
+ NOT-FOR-US: Enhancesoft osTicket
CVE-2023-27147
RESERVED
CVE-2023-27146
@@ -186543,15 +186543,15 @@ CVE-2021-26740 (Arbitrary file upload vulnerability sysupload.php in millken doy
CVE-2021-26739 (SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows ...)
NOT-FOR-US: doyocms
CVE-2021-26738 (Zscaler Client Connector for macOS prior to 3.7 had an unquoted search ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2021-26737 (The Zscaler Client Connector for macOS prior to 3.6 did not sufficient ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2021-26736 (Multiple vulnerabilities in the Zscaler Client Connector Installer and ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2021-26735 (The Zscaler Client Connector Installer and Unsintallers for Windows pr ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2021-26734 (Zscaler Client Connector Installer on Windows before version 3.4.0.124 ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2021-26733 (A broken access control vulnerability in the FirstReset_handler_func f ...)
NOT-FOR-US: Lanner Inc IAC-AST2500A standard firmware
CVE-2021-26732 (A broken access control vulnerability in the First_network_func functi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4ac4c642eac8a38655439d911ec48400fe7b1f5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4ac4c642eac8a38655439d911ec48400fe7b1f5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231023/319fed00/attachment.htm>
More information about the debian-security-tracker-commits
mailing list