From 2c4ecbee2780aa4d941044709b6cf4db83b86887 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Mon, 4 Sep 2023 10:43:01 +0200 Subject: NFUs --- data/CVE/list | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'data') diff --git a/data/CVE/list b/data/CVE/list index 7b0a2fe43d..b3ae508652 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -239,13 +239,13 @@ CVE-2023-41628 (An issue in O-RAN Software Community E2 G-Release allows attacke CVE-2023-41627 (O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the ...) NOT-FOR-US: O-RAN CVE-2023-41364 (In tine through 2023.01.14.325, the sort parameter of the /index.php e ...) - TODO: check + NOT-FOR-US: Tine groupware CVE-2023-41051 (In a typical Virtual Machine Monitor (VMM) there are several component ...) - rust-vm-memory (bug #1051101) NOTE: https://github.com/rust-vmm/vm-memory/security/advisories/GHSA-49hh-fprx-m68g NOTE: https://github.com/rust-vmm/vm-memory/commit/aff1dd4a5259f7deba56692840f7a2d9ca34c9c8 (v0.12.2) CVE-2023-41049 (@dcl/single-sign-on-client is an open source npm library which deals w ...) - TODO: check + NOT-FOR-US: Node @dcl/single-sign-on-client CVE-2023-41046 (XWiki Platform is a generic wiki platform offering runtime services fo ...) NOT-FOR-US: XWiki CVE-2023-40980 (File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before ...) @@ -269,7 +269,7 @@ CVE-2023-39710 (Multiple cross-site scripting (XSS) vulnerabilities in Free and CVE-2023-39703 (A cross site scripting (XSS) vulnerability in the Markdown Editor comp ...) NOT-FOR-US: Typora CVE-2023-39685 (An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial ...) - TODO: check + NOT-FOR-US: hjson-java CVE-2023-39631 (An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker t ...) NOT-FOR-US: LanChain-ai Langchain CVE-2023-39582 (SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allow ...) @@ -539,7 +539,7 @@ CVE-2023-3162 (The Stripe Payment Plugin for WooCommerce plugin for WordPress is CVE-2023-39139 (An issue in Archive v3.3.7 allows attackers to execute a path traversa ...) TODO: check CVE-2023-39138 (An issue in ZIPFoundation v0.9.16 allows attackers to execute a path t ...) - TODO: check + NOT-FOR-US: ZIPFoundation CVE-2023-39137 (An issue in Archive v3.3.7 allows attackers to spoof zip filenames whi ...) TODO: check CVE-2023-39136 (An unhandled edge case in the component _sanitizedPath of ZipArchive v ...) @@ -1063,7 +1063,7 @@ CVE-2023-39968 (jupyter-server is the backend for Jupyter web applications. Open CVE-2023-39650 (Theme Volty CMS Blog up to version v4.0.1 was discovered to contain a ...) NOT-FOR-US: Theme Volty CMS Blog CVE-2023-39059 (An issue in ansible semaphore v.2.8.90 allows a remote attacker to exe ...) - TODO: check + NOT-FOR-US: Ansible Semaphore CVE-2023-38969 (Cross Site Scripting vulnerabiltiy in Badaso v.2.9.7 allows a remote a ...) NOT-FOR-US: Badaso CVE-2023-34725 (An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T5 ...) -- cgit v1.2.3