Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9bacd814 by Salvatore Bonaccorso at 2023-05-02T23:20:11+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,25 +1,25 @@
CVE-2023-32007 (** UNSUPPORTED WHEN ASSIGNED ** The Apache Spark UI offers the
possibi ...)
- apache-spark <itp> (bug #802194)
CVE-2023-31435 (Multiple components (such as Onlinetemplate-Verwaltung, Liste
aller Te ...)
- TODO: check
+ NOT-FOR-US: evasys
CVE-2023-31434 (The parameters nutzer_titel, nutzer_vn, and nutzer_nn in the
user prof ...)
- TODO: check
+ NOT-FOR-US: evasys
CVE-2023-31433 (A SQL injection issue in Logbuch in evasys before 8.2 Build
2286 and 9 ...)
- TODO: check
+ NOT-FOR-US: evasys
CVE-2023-2479 (OS Command Injection in GitHub repository appium/appium-desktop
prior ...)
TODO: check
CVE-2023-2477 (A vulnerability was found in Funadmin up to 3.2.3. It has been
declare ...)
- TODO: check
+ NOT-FOR-US: Funadmin
CVE-2023-2476 (A vulnerability was found in Dromara J2eeFAST up to 2.6.0. It
has been ...)
- TODO: check
+ NOT-FOR-US: Dromara J2eeFAST
CVE-2023-2475 (A vulnerability was found in Dromara J2eeFAST up to 2.6.0 and
classifi ...)
- TODO: check
+ NOT-FOR-US: Dromara J2eeFAST
CVE-2023-2474 (A vulnerability has been found in Rebuild 3.2 and classified as
proble ...)
- TODO: check
+ NOT-FOR-US: Rebuild
CVE-2023-2473 (A vulnerability was found in Dreamer CMS up to 4.1.3. It has
been decl ...)
- TODO: check
+ NOT-FOR-US: Dreamer CMS
CVE-2023-2445 (Improper access control in Subscriptions Folder path filter in
Devolut ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2022-48483 (3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows
unauthentica ...)
NOT-FOR-US: 3CX
CVE-2022-48482 (3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on
Windows all ...)
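Review bot: CVE-2023-2479 (appium/appium-desktop) is the only entry in this hunk still at "TODO: check" after this pass, while every other TODO around it is resolved to NOT-FOR-US. Worth confirming that it was left open deliberately because it needs a closer look, and not overlooked while working through the block.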
@@ -1372,7 +1372,7 @@ CVE-2023-30871
CVE-2023-30870
RESERVED
CVE-2023-30869 (Improper Authentication vulnerability in Easy Digital
Downloads plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-30868
RESERVED
CVE-2023-30867
@@ -2622,7 +2622,7 @@ CVE-2023-2002
CVE-2023-2001
RESERVED
CVE-2023-2000 (Mattermost Desktop App fails to validate a mattermost server
redirecti ...)
- TODO: check
+ NOT-FOR-US: Mattermost Desktop App
CVE-2023-1999
RESERVED
{DSA-5392-1 DSA-5385-1 DLA-3400-1 DLA-3391-1}
@@ -3023,7 +3023,7 @@ CVE-2023-30405 (A cross-site scripting (XSS)
vulnerability in Aigital Wireless-N
CVE-2023-30404 (Aigital Wireless-N Repeater Mini_Router v0.131229 was
discovered to co ...)
NOT-FOR-US: Aigital Wireless-N Repeater Mini_Router
CVE-2023-30403 (An issue in the time-based authentication mechanism of Aigital
Aigital ...)
- TODO: check
+ NOT-FOR-US: Aigital
CVE-2023-30402 (YASM v1.3.0 was discovered to contain a heap overflow via the
function ...)
- yasm <unfixed> (unimportant)
NOTE: https://github.com/yasm/yasm/issues/206
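Review bot: the new label on CVE-2023-30403, "NOT-FOR-US: Aigital", differs from the one on CVE-2023-30404 directly above it, which reads "NOT-FOR-US: Aigital Wireless-N Repeater Mini_Router". If both entries concern the same device, reuse the longer label so a search for the product finds all of its entries. If CVE-2023-30403 is a different Aigital product, the truncated description does not show which one, and naming it in the label would help.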
@@ -3997,7 +3997,7 @@ CVE-2023-29920
CVE-2023-29919
RESERVED
CVE-2023-29918 (RosarioSIS 10.8.4 is vulnerable to CSV injection via the
Periods Modul ...)
- TODO: check
+ NOT-FOR-US: RosarioSIS
CVE-2023-29917 (H3C Magic R200 version R200V100R004 was discovered to contain
a stack ...)
NOT-FOR-US: H3C
CVE-2023-29916 (H3C Magic R200 version R200V100R004 was discovered to contain
a stack ...)
@@ -4121,7 +4121,7 @@ CVE-2023-29858
CVE-2023-29857
RESERVED
CVE-2023-29856 (D-Link DIR-868L Hardware version A1, firmware version 1.12 is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2023-29855 (WBCE CMS 1.5.3 has a command execution vulnerability via
admin/languag ...)
NOT-FOR-US: WBCE CMS
CVE-2023-29854 (DirCMS 6.0.0 has a Cross Site Scripting (XSS) vulnerability in
the for ...)
@@ -4277,7 +4277,7 @@ CVE-2023-29780 (Third Reality Smart Blind 1.00.54
contains a denial-of-service v
CVE-2023-29779 (Sengled Dimmer Switch V0.0.9 contains a denial of service
(DOS) vulner ...)
NOT-FOR-US: Sengled Dimmer Switch
CVE-2023-29778 (GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command
Injection v ...)
- TODO: check
+ NOT-FOR-US: GL.iNET
CVE-2023-29777
RESERVED
CVE-2023-29776
@@ -4289,7 +4289,7 @@ CVE-2023-29774 (Dreamer CMS 3.0.1 is vulnerable to stored
Cross Site Scripting (
CVE-2023-29773
RESERVED
CVE-2023-29772 (A Cross-site scripting (XSS) vulnerability in the System
Log/General L ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2023-29771
RESERVED
CVE-2023-29770
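Review bot: "NOT-FOR-US: ASUS" on CVE-2023-29772 names only a vendor, and the truncated description ("... in the System Log/General L ...") mentions neither ASUS nor a product, so the classification cannot be checked from the list entry alone. Consider naming the affected device or firmware in the label, so the entry is self-explanatory to the next person reading the list.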
@@ -10731,7 +10731,7 @@ CVE-2023-1198 (Improper Neutralization of Special
Elements used in an SQL Comman
CVE-2023-1197 (Cross-site Scripting (XSS) - Stored in GitHub repository
uvdesk/commun ...)
NOT-FOR-US: UVdesk
CVE-2023-1196 (The Advanced Custom Fields (ACF) Free and Pro WordPress plugins
6.x be ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-1195
RESERVED
- linux 6.1.4-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bacd8143606b0c1d52db10bc262b9e52f871cb4