diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2023-08-07 12:14:02 +0200 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2023-08-07 12:14:02 +0200 |
| commit | 685659e3bd7b1c0458f296fb02277ebf903cd9a7 (patch) | |
| tree | c292d53ff085ff01a30fcfec9aab6604bd522d28 /data | |
| parent | f12080dc6682d35a07427ef03512cd8509ecba1f (diff) | |
NFUs
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 210 |
1 files changed, 105 insertions, 105 deletions
diff --git a/data/CVE/list b/data/CVE/list index f9e9198259..bdc9596b84 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -7,27 +7,27 @@ CVE-2023-4191 (A vulnerability, which was classified as critical, has been found CVE-2023-39903 (An issue was discovered in Fujitsu Software Infrastructure Manager (IS ...) NOT-FOR-US: Fujitsu Software Infrastructure Manager (ISM) CVE-2023-33913 (In DRM/oemcrypto, there is a possible out of bounds write due to an in ...) - TODO: check + NOT-FOR-US: Unisoc CVE-2023-33912 (In Contacts service, there is a possible missing permission check.This ...) - TODO: check + NOT-FOR-US: Unisoc CVE-2023-33911 (In vowifi service, there is a possible missing permission check.This c ...) - TODO: check + NOT-FOR-US: Unisoc CVE-2023-33910 (In Contacts Service, there is a possible missing permission check.This ...) - TODO: check + NOT-FOR-US: Unisoc CVE-2023-33909 (In Contacts service, there is a possible missing permission check.This ...) - TODO: check + NOT-FOR-US: Unisoc CVE-2023-33908 (In ims service, there is a possible missing permission check. This cou ...) - TODO: check + NOT-FOR-US: Unisoc CVE-2023-33907 (In Contacts Service, there is a possible missing permission check. Thi ...) - TODO: check + NOT-FOR-US: Unisoc CVE-2023-33906 (In Contacts Service, there is a possible missing permission check.This ...) - TODO: check + NOT-FOR-US: Unisoc CVE-2022-48579 (UnRAR before 6.2.3 allows extraction of files outside of the destinati ...) TODO: check CVE-2023-4196 (Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/co ...) - TODO: check + NOT-FOR-US: Cockpit CMS CVE-2023-4195 (PHP Remote File Inclusion in GitHub repository cockpit-hq/cockpit prio ...) - TODO: check + NOT-FOR-US: Cockpit CMS CVE-2023-4186 (A vulnerability was found in SourceCodester Pharmacy Management System ...) NOT-FOR-US: SourceCodester Pharmacy Management System CVE-2023-4185 (A vulnerability was found in SourceCodester Online Hospital Management ...) @@ -79,11 +79,11 @@ CVE-2023-34010 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability insub CVE-2023-32600 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) NOT-FOR-US: WordPress plugin CVE-2023-4189 (Cross-site Scripting (XSS) - Reflected in GitHub repository instantsof ...) - TODO: check + NOT-FOR-US: icms2 CVE-2023-4188 (SQL Injection in GitHub repository instantsoft/icms2 prior to 2.16.1-g ...) - TODO: check + NOT-FOR-US: icms2 CVE-2023-4187 (Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/i ...) - TODO: check + NOT-FOR-US: icms2 CVE-2023-4170 (A vulnerability was found in DedeBIZ 6.2.10. It has been rated as prob ...) NOT-FOR-US: DedeBIZ CVE-2023-4169 (A vulnerability was found in Ruijie RG-EW1200G 1.0(1)B1P5. It has been ...) @@ -147,9 +147,9 @@ CVE-2023-38707 CVE-2023-38702 (Knowage is an open source analytics and business intelligence suite. S ...) NOT-FOR-US: Knowage CVE-2023-38700 (matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to ver ...) - TODO: check + NOT-FOR-US: matrix-appservice-irc CVE-2023-38699 (MindsDB's AI Virtual Database allows developers to connect any AI/ML m ...) - TODO: check + NOT-FOR-US: MindsDB AI Virtual Database CVE-2023-38698 (Ethereum Name Service (ENS) is a distributed, open, and extensible nam ...) NOT-FOR-US: Ethereum Name Service (ENS) CVE-2023-38697 (protocol-http1 provides a low-level implementation of the HTTP/1 proto ...) @@ -161,9 +161,9 @@ CVE-2023-38697 (protocol-http1 provides a low-level implementation of the HTTP/1 CVE-2023-38696 REJECTED CVE-2023-38695 (cypress-image-snapshot shows visual regressions in Cypress with jest-i ...) - TODO: check + NOT-FOR-US: cypress-image-snapshot CVE-2023-38692 (CloudExplorer Lite is an open source, lightweight cloud management pla ...) - TODO: check + NOT-FOR-US: CloudExplorer Lite CVE-2023-38691 (matrix-appservice-bridge provides an API for setting up bridges. Start ...) TODO: check CVE-2023-38690 (matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to ver ...) @@ -194,21 +194,21 @@ CVE-2023-34038 (VMware Horizon Server contains an information disclosure vulnera CVE-2023-34037 (VMware Horizon Server contains a HTTP request smuggling vulnerability. ...) NOT-FOR-US: VMware CVE-2023-33379 (Connected IO v2.1.0 and prior has a misconfiguration in their MQTT bro ...) - TODO: check + NOT-FOR-US: Connected IO CVE-2023-33378 (Connected IO v2.1.0 and prior has an argument injection vulnerability ...) - TODO: check + NOT-FOR-US: Connected IO CVE-2023-33377 (Connected IO v2.1.0 and prior has an OS command injection vulnerabilit ...) - TODO: check + NOT-FOR-US: Connected IO CVE-2023-33376 (Connected IO v2.1.0 and prior has an argument injection vulnerability ...) - TODO: check + NOT-FOR-US: Connected IO CVE-2023-33375 (Connected IO v2.1.0 and prior has a stack-based buffer overflow vulner ...) - TODO: check + NOT-FOR-US: Connected IO CVE-2023-33374 (Connected IO v2.1.0 and prior has a command as part of its communicati ...) - TODO: check + NOT-FOR-US: Connected IO CVE-2023-33373 (Connected IO v2.1.0 and prior keeps passwords and credentials in clear ...) - TODO: check + NOT-FOR-US: Connected IO CVE-2023-33372 (Connected IO v2.1.0 and prior uses a hard-coded username/password pair ...) - TODO: check + NOT-FOR-US: Connected IO CVE-2022-4955 (Inappropriate implementation in DevTools in Google Chrome prior to 108 ...) TODO: check CVE-2023-4142 (The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Rem ...) @@ -394,7 +394,7 @@ CVE-2023-38747 (Heap-based buffer overflow vulnerability exists in CX-Programmer CVE-2023-38746 (Out-of-bounds read vulnerability/issue exists in CX-Programmer Include ...) NOT-FOR-US: CX-One CXONE-AL[][]D-V4 CVE-2023-38744 (Denial-of-service (DoS) vulnerability due to improper validation of sp ...) - TODO: check + NOT-FOR-US: OMRON CVE-2023-37679 (A remote command execution (RCE) vulnerability in NextGen Mirth Connec ...) NOT-FOR-US: NextGen Mirth Connect CVE-2023-37559 (After successful authentication as a user in multiple Codesys products ...) @@ -430,7 +430,7 @@ CVE-2023-37545 (In multiple Codesys products in multiple versions, after success CVE-2023-37364 (In WS-Inc J WBEM Server 4.7.4 before 4.7.5, the CIM-XML protocol adapt ...) NOT-FOR-US: WS-Inc J WBEM Server CVE-2023-36299 (A File Upload vulnerability in typecho v.1.2.1 allows a remote attacke ...) - TODO: check + NOT-FOR-US: typecho CVE-2023-36298 (DedeCMS v5.7.109 has a File Upload vulnerability, leading to remote co ...) NOT-FOR-US: DedeCMS CVE-2023-36255 (An issue in Eramba Limited Eramba Enterprise v.3.19.1 allows a remote ...) @@ -448,7 +448,7 @@ CVE-2023-35081 (A path traversal vulnerability in Ivanti EPMM versions (11.10.x CVE-2023-34196 (In the Keyfactor EJBCA before 8.0.0, the RA web certificate distributi ...) NOT-FOR-US: Keyfactor EJBCA CVE-2023-33666 (ai-dev aioptimizedcombinations before v0.1.3 was discovered to contain ...) - TODO: check + NOT-FOR-US: ai-dev aioptimizedcombinations CVE-2023-33371 (Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic ...) NOT-FOR-US: Control ID IDSecure CVE-2023-33370 (An uncaught exception vulnerability exists in Control ID IDSecure 4.7. ...) @@ -468,7 +468,7 @@ CVE-2023-33363 (An authentication bypass vulnerability exists in Suprema BioStar CVE-2023-32764 (Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate ...) NOT-FOR-US: Fabasoft Cloud Enterprise Client CVE-2023-2754 (The Cloudflare WARP client for Windows assigns loopback IPv4 addresses ...) - TODO: check + NOT-FOR-US: Cloudflare WARP client for Windows CVE-2023-4104 - mozillavpn <unfixed> (bug #1043004) NOTE: https://www.openwall.com/lists/oss-security/2023/08/03/1 @@ -11460,7 +11460,7 @@ CVE-2023-30960 (A security defect was discovered in Foundry job-tracker that ena CVE-2023-30959 RESERVED CVE-2023-30958 (A security defect was identified in Foundry Frontend that enabled user ...) - TODO: check + NOT-FOR-US: Palantir CVE-2023-30957 RESERVED CVE-2023-30956 (A security defect was identified in Foundry Comments that enabled a us ...) @@ -11472,11 +11472,11 @@ CVE-2023-30954 CVE-2023-30953 RESERVED CVE-2023-30952 (A security defect was discovered in Foundry Issues that enabled users ...) - TODO: check + NOT-FOR-US: Palantir CVE-2023-30951 (The Foundry Magritte plugin rest-source was found to be vulnerable to ...) - TODO: check + NOT-FOR-US: Palantir CVE-2023-30950 (The foundry campaigns service was found to be vulnerable to an unauthe ...) - TODO: check + NOT-FOR-US: Palantir CVE-2023-30949 (A missing origin validation in Slate sandbox could be exploited by a m ...) NOT-FOR-US: Palantir CVE-2023-30948 (A security defect in Foundry's Comments functionality resulted in the ...) @@ -13228,7 +13228,7 @@ CVE-2023-30493 CVE-2023-30492 RESERVED CVE-2023-30491 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeBard ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-30490 RESERVED CVE-2023-30489 @@ -13724,7 +13724,7 @@ CVE-2023-30299 CVE-2023-30298 RESERVED CVE-2023-30297 (An issue found in N-able Technologies N-central Server before 2023.4 a ...) - TODO: check + NOT-FOR-US: N-able Technologies N-central Server CVE-2023-30296 RESERVED CVE-2023-30295 @@ -15002,7 +15002,7 @@ CVE-2023-29691 CVE-2023-29690 RESERVED CVE-2023-29689 (PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that ...) - TODO: check + NOT-FOR-US: PyroCMS CVE-2023-29688 RESERVED CVE-2023-29687 @@ -15510,7 +15510,7 @@ CVE-2023-29507 (XWiki Commons are technical libraries common to several other to CVE-2023-29506 (XWiki Commons are technical libraries common to several other top leve ...) NOT-FOR-US: XWiki CVE-2023-29505 (An issue was discovered in Zoho ManageEngine Network Configuration Man ...) - TODO: check + NOT-FOR-US: Zoho CVE-2023-28393 RESERVED CVE-2023-1942 (A vulnerability has been found in SourceCodester Online Computer and L ...) @@ -23916,7 +23916,7 @@ CVE-2023-26981 CVE-2023-26980 (PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition ...) NOT-FOR-US: PAX Technology PAX A920 Pro PayDroid CVE-2023-26979 (Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 ...) - TODO: check + NOT-FOR-US: Bluetens Electrostimulation Device BluetensQ CVE-2023-26978 (TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a com ...) NOT-FOR-US: TOTOLINK CVE-2023-26977 @@ -25606,7 +25606,7 @@ CVE-2023-0958 (Several plugins for WordPress by Inisev are vulnerable to unautho CVE-2023-0957 (An issue was discovered in Gitpod versions prior to release-2022.11.2. ...) NOT-FOR-US: Gitpod CVE-2023-0956 (External input could be used on TEL-STER TelWin SCADA WebInterface to ...) - TODO: check + NOT-FOR-US: TEL-STER TelWin SCADA WebInterface CVE-2023-0955 (The WP Statistics WordPress plugin before 14.0 does not escape a param ...) NOT-FOR-US: WordPress plugin CVE-2023-0954 (A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and ...) @@ -28065,7 +28065,7 @@ CVE-2022-48318 (No authorisation controls in the RestAPI documentation for Tribe CVE-2022-48317 (Expired sessions were not securely terminated in the RestAPI for Tribe ...) - check-mk <removed> CVE-2023-25600 (An issue was discovered in InsydeH2O. A malicious operating system can ...) - TODO: check + NOT-FOR-US: InsydeH2O CVE-2023-25599 (A vulnerability in the conferencing component of Mitel MiVoice Connect ...) NOT-FOR-US: Mitel CVE-2023-25598 (A vulnerability in the conferencing component of Mitel MiVoice Connect ...) @@ -28323,7 +28323,7 @@ CVE-2023-25526 CVE-2023-25525 RESERVED CVE-2023-25524 (NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a ...) - TODO: check + NOT-FOR-US: NVIDIA CVE-2023-25523 (NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ...) - nvidia-cuda-toolkit <unfixed> (unimportant; bug #1042766) NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5469 @@ -31018,7 +31018,7 @@ CVE-2023-22431 CVE-2023-22311 RESERVED CVE-2023-0525 (Weak Encoding for Password vulnerability in Mitsubishi Electric Corpor ...) - TODO: check + NOT-FOR-US: PyroCMS CVE-2023-0524 (As part of our Security Development Lifecycle, a potential privilege e ...) NOT-FOR-US: Tenable CVE-2023-0523 (An issue has been discovered in GitLab affecting all versions starting ...) @@ -32752,9 +32752,9 @@ CVE-2023-0428 (The Watu Quiz WordPress plugin before 3.3.8.2 does not sanitise a CVE-2023-0427 RESERVED CVE-2023-0426 (ABB is aware of vulnerabilities in the product versions listed below. ...) - TODO: check + NOT-FOR-US: ABB CVE-2023-0425 (ABB is aware of vulnerabilities in the product versions listed below. ...) - TODO: check + NOT-FOR-US: ABB CVE-2023-0424 (The MS-Reviews WordPress plugin through 1.5 does not sanitise and esca ...) NOT-FOR-US: WordPress plugin CVE-2023-0423 (The WordPress Amazon S3 Plugin WordPress plugin before 1.6 does not sa ...) @@ -38917,11 +38917,11 @@ CVE-2023-22366 (CX-Motion-MCH v2.32 and earlier contains an access of uninitiali CVE-2023-22357 (Active debug code exists in OMRON CP1L-EL20DR-D all versions, which ma ...) NOT-FOR-US: OMROM CVE-2023-22317 (Use after free vulnerability exists in CX-Programmer Ver.9.79 and earl ...) - TODO: check + NOT-FOR-US: CX-Programmer CVE-2023-22314 (Use after free vulnerability exists in CX-Programmer Ver.9.79 and earl ...) - TODO: check + NOT-FOR-US: CX-Programmer CVE-2023-22277 (Use after free vulnerability exists in CX-Programmer Ver.9.79 and earl ...) - TODO: check + NOT-FOR-US: CX-Programmer CVE-2023-0026 (An Improper Input Validation vulnerability in the Routing Protocol Dae ...) NOT-FOR-US: Juniper CVE-2022-47968 (Heimdall Application Dashboard through 2.5.4 allows reflected and stor ...) @@ -42518,9 +42518,9 @@ CVE-2022-47353 CVE-2022-47352 RESERVED CVE-2022-47351 (In camera driver, there is a possible out of bounds read due to a miss ...) - TODO: check + NOT-FOR-US: Unisoc CVE-2022-47350 (In camera driver, there is a possible out of bounds read due to a miss ...) - TODO: check + NOT-FOR-US: Unisoc CVE-2022-47349 RESERVED CVE-2022-47348 (In engineermode services, there is a missing permission check. This co ...) @@ -44043,7 +44043,7 @@ CVE-2022-46784 (SquaredUp Dashboard Server SCOM edition before 5.7.1 GA allows o CVE-2022-46783 RESERVED CVE-2022-46782 (An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A ...) - TODO: check + NOT-FOR-US: Stormshield SSL VPN Client CVE-2022-46781 (An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privi ...) NOT-FOR-US: Arm Mali GPU Kernel Driver CVE-2022-46780 @@ -47952,7 +47952,7 @@ CVE-2022-4048 (Inadequate Encryption Strength in CODESYS Development System V3 v CVE-2022-4047 (The Return Refund and Exchange For WooCommerce WordPress plugin before ...) NOT-FOR-US: WordPress plugin CVE-2022-4046 (In CODESYS Control in multiple versions a improper restriction of oper ...) - TODO: check + NOT-FOR-US: CODESYS CVE-2022-4045 (A denial-of-service vulnerability in the Mattermost allows an authenti ...) - mattermost-server <itp> (bug #823556) CVE-2022-4044 (A denial-of-service vulnerability in Mattermost allows an authenticate ...) @@ -50247,17 +50247,17 @@ CVE-2023-21414 CVE-2023-21413 RESERVED CVE-2023-21412 (User provided input is not sanitized on the AXIS License Plate Verifie ...) - TODO: check + NOT-FOR-US: AXIS License Plate Verifier CVE-2023-21411 (User provided input is not sanitized in the \u201cSettings > Access Co ...) - TODO: check + NOT-FOR-US: AXIS License Plate Verifier CVE-2023-21410 (User provided input is not sanitized on the AXIS License Plate Verifie ...) - TODO: check + NOT-FOR-US: AXIS License Plate Verifier CVE-2023-21409 (Due to insufficient file permissions, unprivileged users could gain ac ...) - TODO: check + NOT-FOR-US: AXIS License Plate Verifier CVE-2023-21408 (Due to insufficient file permissions, unprivileged users could gain ac ...) - TODO: check + NOT-FOR-US: AXIS License Plate Verifier CVE-2023-21407 (A broken access control was found allowing for privileged escalation o ...) - TODO: check + NOT-FOR-US: AXIS License Plate Verifier CVE-2023-21406 (Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A ...) NOT-FOR-US: AXIS CVE-2023-21405 (Knud from Fraktal.fi has found a flaw in some Axis Network Door Contro ...) @@ -53323,83 +53323,83 @@ CVE-2023-20820 CVE-2023-20819 RESERVED CVE-2023-20818 (In wlan service, there is a possible out of bounds read due to imprope ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20817 (In wlan service, there is a possible out of bounds write due to improp ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20816 (In wlan service, there is a possible out of bounds write due to improp ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20815 (In wlan service, there is a possible out of bounds write due to improp ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20814 (In wlan service, there is a possible out of bounds write due to improp ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20813 (In wlan service, there is a possible out of bounds read due to imprope ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20812 (In wlan driver, there is a possible out of bounds write due to imprope ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20811 (In IOMMU, there is a possible out of bounds write due to a missing bou ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20810 (In IOMMU, there is a possible information disclosure due to improper i ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20809 (In vdec, there is a possible out of bounds write due to a missing boun ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20808 (In OPTEE, there is a possible out of bounds write due to a missing bou ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20807 (In dpe, there is a possible out of bounds write due to a missing bound ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20806 (In hcp, there is a possible out of bounds write due to a missing bound ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20805 (In imgsys, there is a possible out of bounds write due to a missing bo ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20804 (In imgsys, there is a possible out of bounds write due to a missing bo ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20803 (In imgsys, there is a possible memory corruption due to improper input ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20802 (In imgsys, there is a possible memory corruption due to improper input ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20801 (In imgsys,there is a possible use after free due to a race condition. ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20800 (In imgsys, there is a possible system crash due to a mssing ptr check. ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20799 RESERVED CVE-2023-20798 (In pda, there is a possible out of bounds read due to an incorrect cal ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20797 (In camera middleware, there is a possible out of bounds write due to a ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20796 (In power, there is a possible memory corruption due to an incorrect bo ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20795 (In ril, there is a possible out of bounds write due to a missing bound ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20794 RESERVED CVE-2023-20793 (In apu, there is a possible memory corruption due to a missing bounds ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20792 RESERVED CVE-2023-20791 RESERVED CVE-2023-20790 (In nvram, there is a possible out of bounds write due to a missing bou ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20789 (In jpeg, there is a possible information disclosure due to a missing b ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20788 (In thermal, there is a possible use after free due to a race condition ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20787 (In thermal, there is a possible use after free due to a race condition ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20786 (In gps, there is a possible out of bounds write due to a missing bound ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20785 (In audio, there is a possible out of bounds write due to a missing bou ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20784 (In keyinstall, there is a possible out of bounds write due to a missin ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20783 (In keyinstall, there is a possible out of bounds write due to a missin ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20782 (In keyinstall, there is a possible information disclosure due to a mis ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20781 (In keyinstall, there is a possible memory corruption due to a missing ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20780 (In keyinstall, there is a possible information disclosure due to a mis ...) - TODO: check + NOT-FOR-US: MediaTek CVE-2023-20779 RESERVED CVE-2023-20778 @@ -54595,15 +54595,15 @@ CVE-2023-20220 CVE-2023-20219 RESERVED CVE-2023-20218 (A vulnerability in web-based management interface of Cisco SPA500 Seri ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-20217 RESERVED CVE-2023-20216 (A vulnerability in the privilege management functionality of all Cisco ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-20215 (A vulnerability in the scanning engines of Cisco AsyncOS Software for ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-20214 (A vulnerability in the request authentication validation for the REST ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-20213 RESERVED CVE-2023-20212 @@ -54623,7 +54623,7 @@ CVE-2023-20206 CVE-2023-20205 RESERVED CVE-2023-20204 (A vulnerability in the web-based management interface of Cisco BroadWo ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-20203 RESERVED CVE-2023-20202 @@ -54669,7 +54669,7 @@ CVE-2023-20183 (Multiple vulnerabilities in the API of Cisco DNA Center Software CVE-2023-20182 (Multiple vulnerabilities in the API of Cisco DNA Center Software could ...) NOT-FOR-US: Cisco CVE-2023-20181 (A vulnerability in the web-based management interface of Cisco Small B ...) - TODO: check + NOT-FOR-US: Cisco CVE-2023-20180 (A vulnerability in the web interface of Cisco Webex Meetings could all ...) NOT-FOR-US: Cisco CVE-2023-20179 @@ -81409,7 +81409,7 @@ CVE-2022-34455 CVE-2022-34454 (Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buff ...) NOT-FOR-US: Dell CVE-2022-34453 (Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper acc ...) - TODO: check + NOT-FOR-US: Dell CVE-2022-34452 (PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* con ...) NOT-FOR-US: Dell CVE-2022-34451 (PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* co ...) @@ -97989,7 +97989,7 @@ CVE-2022-28613 (A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energ CVE-2022-28610 RESERVED CVE-2022-26838 (Path traversal vulnerability in Importing Mobile Device Data of Cybozu ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2022-1231 (XSS via Embedded SVG in SVG Diagram Format in GitHub repository plantu ...) - plantuml <unfixed> (bug #1039989) [bookworm] - plantuml <no-dsa> (Minor issue) @@ -207512,7 +207512,7 @@ CVE-2020-26084 (A vulnerability in the REST API of Cisco Edge Fog Fabric could a CVE-2020-26083 (A vulnerability in the web-based management interface of Cisco Identit ...) NOT-FOR-US: Cisco CVE-2020-26082 (A vulnerability in the zip decompression engine of Cisco AsyncOS Softw ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-26081 (Multiple vulnerabilities in the web UI of Cisco IoT Field Network Dire ...) NOT-FOR-US: Cisco CVE-2020-26080 (A vulnerability in the user management functionality of Cisco IoT Fiel ...) @@ -207546,9 +207546,9 @@ CVE-2020-26067 CVE-2020-26066 RESERVED CVE-2020-26065 (A vulnerability in the web-based management interface of Cisco SD-WAN ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-26064 (A vulnerability in the web UI of Cisco SD-WAN vManage Software could a ...) - TODO: check + NOT-FOR-US: Cisco CVE-2020-26063 RESERVED CVE-2020-26062 @@ -213529,7 +213529,7 @@ CVE-2020-23566 (Irfanview v4.53 was discovered to contain an infinity loop via J CVE-2020-23565 (Irfanview v4.53 allows attackers to execute arbitrary code via a craft ...) NOT-FOR-US: IrfanView CVE-2020-23564 (File Upload vulnerability in SEMCMS 3.9 allows remote attackers to run ...) - TODO: check + NOT-FOR-US: SEMCMS CVE-2020-23563 (IrfanView 4.54 allows a user-mode write access violation starting at F ...) NOT-FOR-US: IrfanView CVE-2020-23562 (IrfanView 4.54 allows a user-mode write access violation starting at F ...) @@ -219521,7 +219521,7 @@ CVE-2020-20810 CVE-2020-20809 RESERVED CVE-2020-20808 (Cross Site Scripting vulnerability in Qibosoft qibosoft v.7 and before ...) - TODO: check + NOT-FOR-US: Qibosoft CVE-2020-20807 RESERVED CVE-2020-20806 |