[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Oct 26 21:22:38 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4a1e2680 by Moritz Muehlenhoff at 2023-10-26T22:22:13+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -93,33 +93,33 @@ CVE-2023-45868 (The Learning Module in ILIAS 7.25 (2023-09-12 release) allows an
CVE-2023-45867 (ILIAS (2013-09-12 release) contains a medium-criticality Directory Tra ...)
NOT-FOR-US: ILIAS
CVE-2023-45317 (The application interface allows users to perform certain actions via ...)
- TODO: check
+ NOT-FOR-US: Sielco
CVE-2023-45228 (The application suffers from improper access control when editing user ...)
- TODO: check
+ NOT-FOR-US: Sielco
CVE-2023-44267 (Online Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL ...)
- TODO: check
+ NOT-FOR-US: Online Art Gallery
CVE-2023-43208 (NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: NextGen Healthcare Mirth Connect
CVE-2023-42769 (The cookie session ID is of insufficient length and can be exploited b ...)
- TODO: check
+ NOT-FOR-US: Sielco
CVE-2023-41966 (The application suffers from a privilege escalation vulnerability. A ...)
- TODO: check
+ NOT-FOR-US: Sielco
CVE-2023-41096 (Missing Encryption of Security Keys vulnerability in Silicon Labs Embe ...)
- TODO: check
+ NOT-FOR-US: Silabs
CVE-2023-41095 (Missing Encryption of Security Keys vulnerability in Silicon Labs Open ...)
- TODO: check
+ NOT-FOR-US: Silabs
CVE-2023-39936 (In Ashlar-Vellum Graphite v13.0.48, the affected application lacks pro ...)
- TODO: check
+ NOT-FOR-US: Ashlar-Vellum
CVE-2023-39427 (In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share v12 S ...)
- TODO: check
+ NOT-FOR-US: Ashlar-Vellum
CVE-2023-32116 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tota ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31419 (A flaw was discovered in Elasticsearch, affecting the _search API that ...)
- TODO: check
+ - elasticsearch <removed>
CVE-2023-31418 (An issue has been identified with how Elasticsearch handled incoming r ...)
- TODO: check
+ - elasticsearch <removed>
CVE-2023-31416 (Secret token configuration is never applied when using ECK <2.8 with A ...)
- TODO: check
+ NOT-FOR-US: Elastic Cloud on Kubernetes
CVE-2023-5139 (Potential buffer overflow vulnerability at the following location in t ...)
NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
CVE-2023-46754 (The admin panel for Obl.ong before 1.1.2 allows authorization bypass b ...)
@@ -133,9 +133,9 @@ CVE-2023-46752 (An issue was discovered in FRRouting FRR through 9.0.1. It misha
NOTE: Fixed by: https://github.com/FRRouting/frr/commit/b08afc81c60607a4f736f418f2e3eb06087f1a35 (master)
NOTE: Fixed by: https://github.com/FRRouting/frr/commit/30b5c2a434d25981e16792f6f50162beb517ae4d (stable/8.5 branch)
CVE-2023-46668 (If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-defa ...)
- TODO: check
+ NOT-FOR-US: Elastic Endpoint
CVE-2023-46667 (An issue was discovered in Fleet Server >= v8.10.0 and < v8.10.3 where ...)
- TODO: check
+ NOT-FOR-US: Elastic Fleet Server
CVE-2023-46584 (SQL Injection vulnerability in PHPGurukul Nipah virus (NiV) " Testing ...)
NOT-FOR-US: PHPGurukul
CVE-2023-46583 (Cross-Site Scripting (XSS) vulnerability in PHPGurukul Nipah virus (Ni ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a1e2680f9c8049b27b06672cc26bb291e3bfaec
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a1e2680f9c8049b27b06672cc26bb291e3bfaec
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231026/e56222b8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list