Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6eb1486c by security tracker role at 2023-01-15T08:10:11+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2023-23596
+ RESERVED
+CVE-2023-23595 (BlueCat Device Registration Portal 2.2 allows XXE attacks that
exfiltr ...)
+ TODO: check
+CVE-2023-23594
+ RESERVED
+CVE-2023-23593
+ RESERVED
+CVE-2023-23592
+ RESERVED
+CVE-2023-23591
+ RESERVED
+CVE-2023-0302 (Failure to Sanitize Special Elements into a Different Plane
(Special E ...)
+ TODO: check
CVE-2023-0301 (Cross-site Scripting (XSS) - Stored in GitHub repository
alfio-event/a ...)
NOT-FOR-US: Alf.io
CVE-2023-0300 (Cross-site Scripting (XSS) - Reflected in GitHub repository
alfio-even ...)
@@ -36,8 +50,8 @@ CVE-2014-125078
RESERVED
CVE-2014-125077
RESERVED
-CVE-2023-23590
- RESERVED
+CVE-2023-23590 (Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote
attackers ...)
+ TODO: check
CVE-2023-0298 (Improper Authorization in GitHub repository
firefly-iii/firefly-iii pr ...)
TODO: check
CVE-2023-0297 (Code Injection in GitHub repository pyload/pyload prior to
0.5.0b3.dev ...)
@@ -52,8 +66,8 @@ CVE-2023-0293 (The Mediamatic – Media Library Folders
plugin for WordPress
NOT-FOR-US: Mediamatic Media Library Folders plugin for WordPress
CVE-2017-20169 (A vulnerability, which was classified as critical, has been
found in G ...)
NOT-FOR-US: GGGGGGGG ToN-MasterServer
-CVE-2015-10043
- RESERVED
+CVE-2015-10043 (A vulnerability, which was classified as critical, was found
in abreen ...)
+ TODO: check
CVE-2015-10042 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as
critical ...)
NOT-FOR-US: Dovgalyuk AIBattle
CVE-2015-10041 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as
critical ...)
@@ -1816,8 +1830,8 @@ CVE-2023-0146
RESERVED
CVE-2023-0145
RESERVED
-CVE-2017-20167
- RESERVED
+CVE-2017-20167 (A vulnerability, which was classified as problematic, was
found in Min ...)
+ TODO: check
CVE-2016-15017 (A vulnerability has been found in fabarea media_upload and
classified ...)
NOT-FOR-US: fabarea media_upload
CVE-2014-125073 (A vulnerability was found in mapoor voteapp. It has been
rated as crit ...)
@@ -2210,8 +2224,8 @@ CVE-2015-10022 (A vulnerability was found in IISH nlgis2.
It has been declared a
NOT-FOR-US: IISH nlgis2
CVE-2015-10021 (A vulnerability was found in ritterim definely. It has been
classified ...)
NOT-FOR-US: ritterim
-CVE-2015-10020
- RESERVED
+CVE-2015-10020 (A vulnerability has been found in ssn2013 cis450Project and
classified ...)
+ TODO: check
CVE-2015-10019 (A vulnerability, which was classified as problematic, has been
found i ...)
NOT-FOR-US: MySimplifiedSQL
CVE-2014-125063 (A vulnerability was found in ada-l0velace Bid and classified
as critic ...)
@@ -15244,12 +15258,14 @@ CVE-2022-44795 (An issue was discovered in Object
First 1.0.7.712. A flaw was fo
CVE-2022-44794 (An issue was discovered in Object First 1.0.7.712. Management
protocol ...)
NOT-FOR-US: Object First
CVE-2022-44793 (handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c
in Net-S ...)
+ {DLA-3270-1}
- net-snmp 5.9.3+dfsg-2 (bug #1024020)
[bullseye] - net-snmp <no-dsa> (Minor issue)
NOTE: https://github.com/net-snmp/net-snmp/issues/475
NOTE:
https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f
NOTE:
https://github.com/net-snmp/net-snmp/commit/be804106fd0771a7d05236cff36e199af077af57
CVE-2022-44792 (handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in
Net-SNMP ...)
+ {DLA-3270-1}
- net-snmp 5.9.3+dfsg-2 (bug #1024020)
[bullseye] - net-snmp <no-dsa> (Minor issue)
NOTE: https://github.com/net-snmp/net-snmp/issues/474
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6eb1486cbcedb1e1829e5cc0488e30b4c80acc43
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6eb1486cbcedb1e1829e5cc0488e30b4c80acc43
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
