[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Sep 9 10:07:20 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e4ee41e4 by Salvatore Bonaccorso at 2023-09-09T11:06:34+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2023-4845 (A vulnerability was found in SourceCodester Simple Membership Sys
CVE-2023-4844 (A vulnerability was found in SourceCodester Simple Membership System 1 ...)
TODO: check
CVE-2023-4838 (The Simple Download Counter plugin for WordPress is vulnerable to Stor ...)
- TODO: check
+ NOT-FOR-US: Simple Download Counter plugin for WordPress
CVE-2023-42278 (hutool v5.8.21 was discovered to contain a buffer overflow via the com ...)
TODO: check
CVE-2023-42277 (hutool v5.8.21 was discovered to contain a buffer overflow via the com ...)
@@ -17,7 +17,7 @@ CVE-2023-42276 (hutool v5.8.21 was discovered to contain a buffer overflow via t
CVE-2023-41564 (An arbitrary file upload vulnerability in the Upload Asset function of ...)
TODO: check
CVE-2023-40306 (SAP S/4HANA Manage Catalog Items and Cross-Catalog searches Fiori apps ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2023-4853
NOT-FOR-US: Quarkus
CVE-2023-4843 (Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection ...)
@@ -16266,7 +16266,7 @@ CVE-2023-30997
CVE-2023-30996
RESERVED
CVE-2023-30995 (IBM Aspera Faspex 5.0.5 could allow a malicious actor to bypass IP whi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-30994
RESERVED
CVE-2023-30993 (IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0 could allow ...)
@@ -34900,7 +34900,7 @@ CVE-2023-24967
CVE-2023-24966 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-si ...)
NOT-FOR-US: IBM
CVE-2023-24965 (IBM Aspera Faspex 5.0.5 does not restrict or incorrectly restricts acc ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-24964 (IBM InfoSphere Information Server 11.7 could allow a local user to obt ...)
NOT-FOR-US: IBM
CVE-2023-24963
@@ -89897,7 +89897,7 @@ CVE-2022-33166 (IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could all
CVE-2022-33165
RESERVED
CVE-2022-33164 (IBM Security Directory Server 7.2.0 could allow a remote attacker to t ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-33163 (IBM Security Directory Suite VA 8.0.1 specifies permissions for a secu ...)
NOT-FOR-US: IBM
CVE-2022-33162
@@ -123458,7 +123458,7 @@ CVE-2022-22411 (IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allo
CVE-2022-22410 (IBM Watson Query with Cloud Pak for Data as a Service could allow an a ...)
NOT-FOR-US: IBM
CVE-2022-22409 (IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather sensit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22408
RESERVED
CVE-2022-22407
@@ -123466,15 +123466,15 @@ CVE-2022-22407
CVE-2022-22406
RESERVED
CVE-2022-22405 (IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22404 (IBM App Connect Enterprise Certified Container Dashboard UI (IBM App C ...)
NOT-FOR-US: IBM
CVE-2022-22403
RESERVED
CVE-2022-22402 (IBM Aspera Faspex 5.0.5 is vulnerable to cross-site scripting. This vu ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22401 (IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or per ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2022-22400
RESERVED
CVE-2022-22399
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4ee41e40a6f1e55e883484fd403e8e068d5e7ae
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4ee41e40a6f1e55e883484fd403e8e068d5e7ae
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230909/f99a4e2f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list