[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Sep 12 21:46:52 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
93272fd1 by Salvatore Bonaccorso at 2023-09-12T22:46:26+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57,75 +57,75 @@ CVE-2023-40712 (Apache Airflow, versions before 2.7.1, is affected by a vulnerab
CVE-2023-40611 (Apache Airflow, versions before 2.7.1, is affected by a vulnerability ...)
- airflow <itp> (bug #819700)
CVE-2023-40218 (An issue was discovered in the NPU kernel driver in Samsung Exynos Mob ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2023-3712 (Files or Directories Accessible to External Parties vulnerability in H ...)
TODO: check
CVE-2023-3711 (Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Print ...)
TODO: check
CVE-2023-3710 (Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, A ...)
- TODO: check
+ NOT-FOR-US: Honeywell
CVE-2023-39637 (D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injecti ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2023-39215 (Improper authentication in Zoom clients may allow an authenticated use ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2023-39208 (Improper input validation in Zoom Desktop Client for Linux before vers ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2023-39201 (Untrusted search path in CleanZoom before file date 07/24/2023 may all ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2023-39150 (ConEmu before commit 230724 does not sanitize title responses correctl ...)
- TODO: check
+ NOT-FOR-US: ConEmu
CVE-2023-38164 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38163 (Windows Defender Attack Surface Reduction Security Feature Bypass)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38162 (DHCP Server Service Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38161 (Windows GDI Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38160 (Windows TCP/IP Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38156 (Azure HDInsight Apache Ambari Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38155 (Azure DevOps Server Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38152 (DHCP Server Service Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38150 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38149 (Windows TCP/IP Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38148 (Internet Connection Sharing (ICS) Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38147 (Windows Miracast Wireless Display Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38146 (Windows Themes Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38144 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38143 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38142 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38141 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38140 (Windows Kernel Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38139 (Windows Kernel Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-38076 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-38075 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-38074 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-38073 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-38072 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-38071 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-38070 (A vulnerability has been identified in JT2Go (All versions < V14.3.0.1 ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2023-37881 (Weak access control in Wing FTP Server (Admin Web Client) allows for p ...)
TODO: check
CVE-2023-37879 (Insecure storage of sensitive information in Wing FTP Server (User Web ...)
@@ -135,85 +135,85 @@ CVE-2023-37878 (Insecure default permissions in Wing FTP Server (Admin Web Clien
CVE-2023-37875 (Improper encoding or escaping of output in Wing FTP Server (User Web C ...)
TODO: check
CVE-2023-36886 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36805 (Windows MSHTML Platform Security Feature Bypass Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36804 (Windows GDI Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36803 (Windows Kernel Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36802 (Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36801 (DHCP Server Service Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36800 (Dynamics Finance and Operations Cross-site Scripting Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36799 (.NET Core and Visual Studio Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36796 (Visual Studio Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36794 (Visual Studio Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36793 (Visual Studio Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36792 (Visual Studio Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36788 (.NET Framework Remote Code Execution Vulnerability)
TODO: check
CVE-2023-36777 (Microsoft Exchange Server Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36773 (3D Builder Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36772 (3D Builder Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36771 (3D Builder Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36770 (3D Builder Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36767 (Microsoft Office Security Feature Bypass Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36766 (Microsoft Excel Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36765 (Microsoft Office Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36764 (Microsoft SharePoint Server Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36763 (Microsoft Outlook Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36762 (Microsoft Word Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36761 (Microsoft Word Information Disclosure Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36760 (3D Viewer Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36759 (Visual Studio Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36758 (Visual Studio Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36757 (Microsoft Exchange Server Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36756 (Microsoft Exchange Server Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36745 (Microsoft Exchange Server Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36744 (Microsoft Exchange Server Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36742 (Visual Studio Code Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36740 (3D Viewer Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36739 (3D Viewer Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-36736 (Microsoft Identity Linux Broker Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-35355 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-34470 (AMI AptioV contains a vulnerability in BIOS where an Attacker may use ...)
TODO: check
CVE-2023-34469 (AMI AptioV contains a vulnerability in BIOS where an Attacker may use ...)
TODO: check
CVE-2023-33136 (Azure DevOps Server Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2023-XXXX [receiving with Lightning: partial MPP might be accepted]
- electrum 4.4.6+dfsg-1
NOTE: https://github.com/spesmilo/electrum/security/advisories/GHSA-8r85-vp7r-hjxf
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93272fd1f44f296ce880565f287fc8d1a3b37c39
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93272fd1f44f296ce880565f287fc8d1a3b37c39
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230912/a7abc46c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list