[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 27 21:21:05 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7d8ac380 by Salvatore Bonaccorso at 2023-09-27T22:20:27+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,135 +1,135 @@
CVE-2023-5223 (A vulnerability, which was classified as critical, has been found in H ...)
- TODO: check
+ NOT-FOR-US: HimitZH HOJ
CVE-2023-5222 (A vulnerability classified as critical was found in Viessmann Vitogate ...)
- TODO: check
+ NOT-FOR-US: Viessmann Vitogate
CVE-2023-5221 (A vulnerability classified as critical has been found in ForU CMS. Thi ...)
- TODO: check
+ NOT-FOR-US: ForU CMS
CVE-2023-5184 (Two potential signed to unsigned conversion errors and buffer overflow ...)
- TODO: check
+ NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
CVE-2023-4523 (Real Time Automation 460 Series products with versions prior to v8.9.8 ...)
- TODO: check
+ NOT-FOR-US: Real Time Automation 460 Series products
CVE-2023-4129 (Dell Data Protection Central, version 19.9, contains an Inadequate Enc ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-4003 (One Identity Password Manager version 5.9.7.1 -An unauthenticated atta ...)
- TODO: check
+ NOT-FOR-US: One Identity Password Manager
CVE-2023-44207 (Stored cross-site scripting (XSS) vulnerability in protection plan nam ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44206 (Sensitive information disclosure and manipulation due to improper auth ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44205 (Sensitive information disclosure due to improper authorization. The fo ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44161 (Sensitive information manipulation due to cross-site request forgery. ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44160 (Sensitive information manipulation due to cross-site request forgery. ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44159 (Sensitive information disclosure due to cleartext storage of sensitive ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44158 (Sensitive information disclosure due to insufficient token field maski ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44157 (Local privilege escalation due to insecure folder permissions. The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44156 (Sensitive information disclosure due to spell-jacking. The following p ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44155 (Sensitive information leak through log files. The following products a ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44154 (Sensitive information disclosure and manipulation due to improper auth ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44153 (Sensitive information disclosure due to cleartext storage of sensitive ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44152 (Sensitive information disclosure and manipulation due to improper auth ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2023-44129 (The vulnerability is that the Messaging ("com.android.mms") app patche ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44128 (he vulnerability is to delete arbitrary files in LGInstallService ("co ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44127 (he vulnerability is that the Call management ("com.android.server.tele ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44126 (The vulnerability is that the Call management ("com.android.server.tel ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44125 (The vulnerability is the use of implicit PendingIntents without the Pe ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44124 (The vulnerability is to theft of arbitrary files with system privilege ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44123 (The vulnerability is the use of implicit PendingIntents with the Pendi ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44122 (The vulnerability is to theft of arbitrary files with system privilege ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44121 (The vulnerability is an intent redirection in LG ThinQ Service ("com.l ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2023-44048 (Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scri ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Expense Tracker App
CVE-2023-44047 (Sourcecodester Toll Tax Management System v1 is vulnerable to SQL Inje ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Toll Tax Management System
CVE-2023-44023 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44022 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44021 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44020 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44019 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44018 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44017 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44016 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44015 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44014 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-44013 (Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discover ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2023-43830 (A Cross-site scripting (XSS) vulnerability in /panel/configuration/fin ...)
- TODO: check
+ NOT-FOR-US: Subrion CMS
CVE-2023-43828 (A Cross-site scripting (XSS) vulnerability in /panel/languages/ of Sub ...)
- TODO: check
+ NOT-FOR-US: Subrion CMS
CVE-2023-43652 (JumpServer is an open source bastion host. As an unauthenticated user, ...)
- TODO: check
+ NOT-FOR-US: JumpServer
CVE-2023-43650 (JumpServer is an open source bastion host. The verification code for r ...)
- TODO: check
+ NOT-FOR-US: JumpServer
CVE-2023-43125 (BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2023-43124 (BIG-IP APM clients may send IP traffic outside of the VPN tunnel.Note: ...)
- TODO: check
+ NOT-FOR-US: F5 BIG-IP
CVE-2023-42822 (xrdp is an open source remote desktop protocol server. Access to the f ...)
TODO: check
CVE-2023-42657 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traver ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-42487 (Soundminer \u2013 CWE-22: Improper Limitation of a Pathname to a Restr ...)
TODO: check
CVE-2023-42486 (Fortect - CWE-428: Unquoted Search Path or Element, may be used by loc ...)
- TODO: check
+ NOT-FOR-US: Fortect
CVE-2023-41653 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Beplus S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41242 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Hass ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41241 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sure ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41238 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ultimate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41237 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-41236 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Happy ad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-41235 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2023-40333 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Qode Int ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-40049 (In WS_FTP Server version prior to 8.8.2, an unauthenticated user cou ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-40048 (In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager i ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-40047 (In WS_FTP Server version prior to 8.8.2,a stored cross-site scripting ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-40046 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a SQL injection ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-40045 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a reflected cros ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-40044 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticate ...)
- TODO: check
+ NOT-FOR-US: Progress WS_FTP Server
CVE-2023-33972 (Scylladb is a NoSQL data store using the seastar framework, compatible ...)
TODO: check
CVE-2023-32458 (Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack relea ...)
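Review bot: CVE-2023-42487 (Soundminer) stays at "TODO: check" as an unchanged context line, although its neighbour CVE-2023-42486 (Fortect) is marked NOT-FOR-US in this same pass. If Soundminer is not packaged either, it could take a NOT-FOR-US line here. If it was left open on purpose, like the xrdp (CVE-2023-42822) and Scylladb (CVE-2023-33972) entries, nothing needs to change. A smaller style point: the tags mix vendor-only names (Dell, LG, Acronis, Tenda) with vendor-plus-product names (F5 BIG-IP, Progress WS_FTP Server), and the WordPress entries carry only "WordPress plugin" or "WordPress theme". Naming the product, as the "Zephyr RTOS (unrelated to src:zephyr)" entry does, would make later searches of the list less ambiguous.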
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d8ac38002eb3f765c1d6feb20ac458fb9bd5e16