Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f4ac4c64 by Salvatore Bonaccorso at 2023-10-23T22:49:25+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30077,11 +30077,11 @@ CVE-2023-28807
CVE-2023-28806
RESERVED
CVE-2023-28805 (An Improper Input Validation vulnerability in Zscaler Client
Connector ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28804 (An Improper Verification of Cryptographic Signature
vulnerability in Z ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28803 (An authentication bypass by spoofing of a device with a
synthetic IP a ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28802
RESERVED
CVE-2023-28801 (An Improper Verification of Cryptographic Signature in the
SAML authen ...)
@@ -30093,15 +30093,15 @@ CVE-2023-28799 (A URL parameter during login flow was
vulnerable to injection. A
CVE-2023-28798
RESERVED
CVE-2023-28797 (Zscaler Client Connector for Windows before 4.1 writes/deletes
a confi ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28796 (Improper Verification of Cryptographic Signature vulnerability
in Zsca ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28795 (Origin Validation Error vulnerability in Zscaler Client
Connector on L ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28794
RESERVED
CVE-2023-28793 (Buffer overflow vulnerability in the signelf library used by
Zscaler C ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2023-28792 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
I Thirte ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28791 (Cross-Site Request Forgery (CSRF) vulnerability in Gangesh
Matta Simpl ...)
@@ -35574,15 +35574,15 @@ CVE-2023-27154
CVE-2023-27153
RESERVED
CVE-2023-27152 (DECISO OPNsense 23.1 does not impose rate limits for
authentication, a ...)
- TODO: check
+ NOT-FOR-US: DECISO OPNsense
CVE-2023-27151
RESERVED
CVE-2023-27150
RESERVED
CVE-2023-27149 (A stored cross-site scripting (XSS) vulnerability in
Enhancesoft osTic ...)
- TODO: check
+ NOT-FOR-US: Enhancesoft osTicket
CVE-2023-27148 (A stored cross-site scripting (XSS) vulnerability in the Admin
panel i ...)
- TODO: check
+ NOT-FOR-US: Enhancesoft osTicket
CVE-2023-27147
RESERVED
CVE-2023-27146
@@ -186543,15 +186543,15 @@ CVE-2021-26740 (Arbitrary file upload vulnerability
sysupload.php in millken doy
CVE-2021-26739 (SQL Injection vulnerability in pay.php in millken doyocms 2.3,
allows ...)
NOT-FOR-US: doyocms
CVE-2021-26738 (Zscaler Client Connector for macOS prior to 3.7 had an
unquoted search ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2021-26737 (The Zscaler Client Connector for macOS prior to 3.6 did not
sufficient ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2021-26736 (Multiple vulnerabilities in the Zscaler Client Connector
Installer and ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2021-26735 (The Zscaler Client Connector Installer and Unsintallers for
Windows pr ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2021-26734 (Zscaler Client Connector Installer on Windows before version
3.4.0.124 ...)
- TODO: check
+ NOT-FOR-US: Zscaler Client Connector
CVE-2021-26733 (A broken access control vulnerability in the
FirstReset_handler_func f ...)
NOT-FOR-US: Lanner Inc IAC-AST2500A standard firmware
CVE-2021-26732 (A broken access control vulnerability in the
First_network_func functi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4ac4c642eac8a38655439d911ec48400fe7b1f5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4ac4c642eac8a38655439d911ec48400fe7b1f5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
