Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c226fc9f by Salvatore Bonaccorso at 2023-11-02T21:43:30+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,77 +31,77 @@ CVE-2023-5875 (Mattermost Desktop fails to correctlyhandle
permissions or prompt
CVE-2023-5860 (The Icons Font Loader plugin for WordPress is vulnerable to
arbitrary ...)
NOT-FOR-US: WordPress plugin
CVE-2023-5846 (Franklin Fueling System TS-550 versions prior to 1.9.23.8960
are vulne ...)
- TODO: check
+ NOT-FOR-US: Franklin Fueling System TS-550
CVE-2023-5606 (The ChatBot for WordPress is vulnerable to Stored Cross-Site
Scripting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-5035 (A vulnerability has been identified in PT-G503 Series firmware
version ...)
- TODO: check
+ NOT-FOR-US: PT-G503 Series firmware
CVE-2023-4217 (A vulnerability has been identified in PT-G503 Series versions
prior t ...)
- TODO: check
+ NOT-FOR-US: Moxa PT-G503 Series
CVE-2023-46925 (Reportico 7.1.21 is vulnerable to Cross Site Scripting (XSS).)
- TODO: check
+ NOT-FOR-US: Reportico
CVE-2023-46725 (FoodCoopShop is open source software for food coops and local
shops. V ...)
- TODO: check
+ NOT-FOR-US: FoodCoopShop
CVE-2023-46475 (A Stored Cross-Site Scripting vulnerability was discovered in
ZenTao 1 ...)
- TODO: check
+ NOT-FOR-US: ZenTao
CVE-2023-45347 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45346 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45345 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45344 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45343 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45342 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45341 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45340 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45339 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45338 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45337 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45336 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45335 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45334 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45333 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45332 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45331 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45330 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45329 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45328 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45327 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45326 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45325 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45324 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-45323 (Online Food Ordering System v1.0 is vulnerable to multiple
Unauthentic ...)
- TODO: check
+ NOT-FOR-US: Online Food Ordering System
CVE-2023-43336 (Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40,
15.0.16, and ...)
- TODO: check
+ NOT-FOR-US: Sangoma FreePBX
CVE-2023-43193 (Submitty before v22.06.00 is vulnerable to Cross Site
Scripting (XSS). ...)
- TODO: check
+ NOT-FOR-US: Submitty
CVE-2023-43087 (Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an
improper hand ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-43076 (Dell PowerScale OneFS 8.2.x,9.0.0.x-9.5.0.x contains a
denial-of-servi ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-42802 (GLPI is a free asset and IT management software package.
Starting in v ...)
TODO: check
CVE-2023-XXXX [VLC: OOW in MMS URL parsing]
@@ -31141,15 +31141,15 @@ CVE-2023-29049
CVE-2023-29048
RESERVED
CVE-2023-29047 (Imageconverter API endpoints provided methods that were not
sufficient ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-29046 (Connections to external data sources, like e-mail
autoconfiguration, w ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-29045 (Documents operations, in this case "drawing", could be
manipulated to ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-29044 (Documents operations could be manipulated to contain invalid
data type ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-29043 (Presentations may contain references to images, which are
user-control ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-29042
REJECTED
CVE-2023-29041
@@ -39314,15 +39314,15 @@ CVE-2023-26458 (An information disclosure
vulnerability exists in SAP Landscape
CVE-2023-26457 (SAP Content Server - version 7.53, does not sufficiently
encode user-c ...)
NOT-FOR-US: SAP
CVE-2023-26456 (Users were able to set an arbitrary "product name" for OX
Guard. The c ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-26455 (RMI was not requiring authentication when calling
ChronosRMIService:se ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-26454 (Requests to fetch image metadata could be abused to include
SQL querie ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-26453 (Requests to cache an image could be abused to include SQL
queries that ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-26452 (Requests to cache an image and return its metadata could be
abused to ...)
- TODO: check
+ NOT-FOR-US: Open-Xchange
CVE-2023-26451 (Functions with insufficient randomness were used to generate
authoriza ...)
NOT-FOR-US: OX App Suite
CVE-2023-26450 (The "OX Count" web service did not specify a media-type when
processin ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c226fc9f25985b65ba144e97dceea4a943fc29a9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c226fc9f25985b65ba144e97dceea4a943fc29a9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
