[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 7 21:28:16 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fdf5add8 by Salvatore Bonaccorso at 2023-09-07T22:27:45+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
CVE-2023-4685 (Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0. ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2023-4528 (Unsafe deserialization in JSCAPE MFT Server versions prior to2023.1.9 ...)
- TODO: check
+ NOT-FOR-US: JSCAPE MFT Server
CVE-2023-41316 (Tolgee is an open-source localization platform. Due to lack of validat ...)
TODO: check
CVE-2023-41064 (A buffer overflow issue was addressed with improved memory handling. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-41061 (A validation issue was addressed with improved logic. This issue is fi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2023-40942 (Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 was discovered stack overflow ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-40060 (A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix ...)
- TODO: check
+ NOT-FOR-US: SolarWinds Serv-U
CVE-2023-3747 (Zero Trust Administrators have the ability to disallow end users from ...)
TODO: check
CVE-2023-39711 (Multiple cross-site scripting (XSS) vulnerabilities in Free and Open S ...)
- TODO: check
+ NOT-FOR-US: Free and Open Source Inventory Management System
CVE-2023-39424 (A vulnerability inRDPngFileUpload.dll, as used in theIRM Next Generati ...)
- TODO: check
+ NOT-FOR-US: IRM Next Generation booking system
CVE-2023-39423 (The RDPData.dll file exposes the/irmdata/api/common endpoint that hand ...)
- TODO: check
+ NOT-FOR-US: Bitdefender
CVE-2023-39422 (The/irmdata/api/ endpoints exposed by theIRM Next Generation booking e ...)
- TODO: check
+ NOT-FOR-US: Bitdefender
CVE-2023-39421 (The RDPWin.dll component as used in the IRM Next Generation booking en ...)
- TODO: check
+ NOT-FOR-US: Bitdefender
CVE-2023-39420 (The RDPCore.dll component as used in the IRM Next Generation booking e ...)
- TODO: check
+ NOT-FOR-US: Bitdefender
CVE-2023-37798 (A stored cross-site scripting (XSS) vulnerability in the new REDCap pr ...)
- TODO: check
+ NOT-FOR-US: Vanderbilt REDCap
CVE-2023-36635 (An improper access control in Fortinet FortiSwitchManager version 7.2. ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2023-4815 (Missing Authentication for Critical Function in GitHub repository answ ...)
NOT-FOR-US: answerdev/answer
CVE-2023-4792 (The Duplicate Post Page Menu & Custom Post Type plugin for WordPress i ...)
@@ -16744,7 +16744,7 @@ CVE-2023-30802
CVE-2023-30801
RESERVED
CVE-2023-30800 (The web server used by MikroTik RouterOS version 6 is affected by a he ...)
- TODO: check
+ NOT-FOR-US: MikroTik
CVE-2023-30799 (MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 ar ...)
NOT-FOR-US: MikroTik RouterOS
CVE-2023-30798 (There MultipartParser usage in Encode's Starlette python framework bef ...)
@@ -97001,25 +97001,25 @@ CVE-2022-30648 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and
CVE-2022-30647 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
NOT-FOR-US: Adobe
CVE-2022-30646 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-30645 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-30644 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-30643 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-30642 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-30641 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-30640 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-30639 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-30638 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-30637 (Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-30636
RESERVED
CVE-2022-30635 (Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.1 ...)
@@ -130645,21 +130645,21 @@ CVE-2021-4013
CVE-2021-4012
RESERVED
CVE-2021-44195 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44194 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44193 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44192 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44191 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44190 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44189 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44188 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-44187 (Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlie ...)
NOT-FOR-US: Adobe
CVE-2021-44186 (Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlie ...)
@@ -133136,11 +133136,11 @@ CVE-2021-43755 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and
CVE-2021-43754 (Adobe Prelude version 22.1.1 (and earlier) is affected by an Out-of-bo ...)
NOT-FOR-US: Adobe
CVE-2021-43753 (Adobe Lightroom versions 4.4 (and earlier) are affected by a use-after ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-43752 (Adobe Illustrator versions 25.4.2 (and earlier) and 26.0.1 (and earlie ...)
NOT-FOR-US: Adobe
CVE-2021-43751 (Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-43750 (Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Nu ...)
NOT-FOR-US: Adobe
CVE-2021-43749 (Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Nu ...)
@@ -136254,7 +136254,7 @@ CVE-2021-43029 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by
CVE-2021-43028 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...)
NOT-FOR-US: Adobe
CVE-2021-43027 (Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlie ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-43026 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...)
NOT-FOR-US: Adobe
CVE-2021-43025 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...)
@@ -136272,7 +136272,7 @@ CVE-2021-43020
CVE-2021-43019 (Adobe Creative Cloud version 5.5 (and earlier) are affected by a privi ...)
NOT-FOR-US: Adobe
CVE-2021-43018 (Adobe Photoshop versions 23.0.2 and 22.5.4 (and earlier) are affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-43017 (Adobe Creative Cloud version 5.5 (and earlier) are affected by an Appl ...)
NOT-FOR-US: Adobe
CVE-2021-43016 (Adobe InCopy version 16.4 (and earlier) is affected by a Null pointer ...)
@@ -136990,7 +136990,7 @@ CVE-2021-42736
CVE-2021-42735 (Adobe Photoshop version 22.5.1 (and earlier versions ) is affected by ...)
NOT-FOR-US: Adobe
CVE-2021-42734 (Adobe Photoshop version 22.5.1 and earlierversionsare affected by an o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42733 (Adobe Bridge version 11.1.1 (and earlier) is affected by a Null pointe ...)
NOT-FOR-US: Adobe
CVE-2021-42732 (Access of Memory Location After End of Buffer (CWE-788))
@@ -139465,7 +139465,7 @@ CVE-2021-42267 (Adobe Animate version 21.0.9 (and earlier) is affected by a memo
CVE-2021-42266 (Adobe Animate version 21.0.9 (and earlier) is affected by a memory cor ...)
NOT-FOR-US: Adobe
CVE-2021-42265 (Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-42264 (Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer ...)
NOT-FOR-US: Adobe
CVE-2021-42263 (Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer ...)
@@ -143284,7 +143284,7 @@ CVE-2021-40797 (An issue was discovered in the routes middleware in OpenStack Ne
CVE-2021-40796 (Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer ...)
NOT-FOR-US: Adobe
CVE-2021-40795 (Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40794 (Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memor ...)
NOT-FOR-US: Adobe
CVE-2021-40793 (Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memor ...)
@@ -143292,9 +143292,9 @@ CVE-2021-40793 (Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a
CVE-2021-40792 (Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memor ...)
NOT-FOR-US: Adobe
CVE-2021-40791 (Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40790 (Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40789 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affect ...)
NOT-FOR-US: Adobe
CVE-2021-40788 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affect ...)
@@ -143433,7 +143433,7 @@ CVE-2021-40725 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.00
CVE-2021-40724 (Acrobat Reader for Android versions 21.8.0 (and earlier) are affected ...)
NOT-FOR-US: Adobe
CVE-2021-40723 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40722 (AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and bel ...)
NOT-FOR-US: Adobe
CVE-2021-40721 (Adobe Connect version 11.2.3 (and earlier) is affected by a reflected ...)
@@ -143486,9 +143486,9 @@ CVE-2021-40701 (Adobe Premiere Elements version 2021.2235820 (and earlier) is af
CVE-2021-40700 (Adobe Premiere Elements version 2021.2235820 (and earlier) is affected ...)
NOT-FOR-US: Adobe
CVE-2021-40699 (ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40698 (ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (a ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40697 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
NOT-FOR-US: Adobe
CVE-2021-40696
@@ -252716,15 +252716,15 @@ CVE-2020-10134 (Pairing in Bluetooth\xae Core v5.2 and earlier may permit an una
CVE-2020-10133
RESERVED
CVE-2020-10132 (SearchBlox before Version 9.1 is vulnerable to cross-origin resource s ...)
- TODO: check
+ NOT-FOR-US: SearchBlox
CVE-2020-10131 (SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection i ...)
- TODO: check
+ NOT-FOR-US: SearchBlox
CVE-2020-10130 (SearchBlox before Version 9.1 is vulnerable to business logic bypass w ...)
- TODO: check
+ NOT-FOR-US: SearchBlox
CVE-2020-10129 (SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation ...)
- TODO: check
+ NOT-FOR-US: SearchBlox
CVE-2020-10128 (SearchBlox product with version before 9.2.1 is vulnerable to stored c ...)
- TODO: check
+ NOT-FOR-US: SearchBlox
CVE-2020-10127
RESERVED
CVE-2020-10126 (NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdf5add84554f22fa714d291d52a448eeb24ac6e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdf5add84554f22fa714d291d52a448eeb24ac6e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230907/d4ec89c8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list