Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
81ef75ff by security tracker role at 2023-02-17T20:10:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,185 @@
+CVE-2023-26030
+       RESERVED
+CVE-2023-26029
+       RESERVED
+CVE-2023-26028
+       RESERVED
+CVE-2023-26027
+       RESERVED
+CVE-2023-26026
+       RESERVED
+CVE-2023-26025
+       RESERVED
+CVE-2023-26024
+       RESERVED
+CVE-2023-26023
+       RESERVED
+CVE-2023-26022
+       RESERVED
+CVE-2023-26021
+       RESERVED
+CVE-2023-26020 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2023-26019
+       RESERVED
+CVE-2023-26018
+       RESERVED
+CVE-2023-26017
+       RESERVED
+CVE-2023-26016
+       RESERVED
+CVE-2023-26015
+       RESERVED
+CVE-2023-26014
+       RESERVED
+CVE-2023-26013
+       RESERVED
+CVE-2023-26012
+       RESERVED
+CVE-2023-26011
+       RESERVED
+CVE-2023-26010
+       RESERVED
+CVE-2023-26009
+       RESERVED
+CVE-2023-26008
+       RESERVED
+CVE-2023-26007
+       RESERVED
+CVE-2023-26006
+       RESERVED
+CVE-2023-26005
+       RESERVED
+CVE-2023-26004
+       RESERVED
+CVE-2023-26003
+       RESERVED
+CVE-2023-26002
+       RESERVED
+CVE-2023-26001
+       RESERVED
+CVE-2023-26000
+       RESERVED
+CVE-2023-25999
+       RESERVED
+CVE-2023-25998
+       RESERVED
+CVE-2023-25997
+       RESERVED
+CVE-2023-25996
+       RESERVED
+CVE-2023-25995
+       RESERVED
+CVE-2023-25994
+       RESERVED
+CVE-2023-25993
+       RESERVED
+CVE-2023-25992
+       RESERVED
+CVE-2023-25991
+       RESERVED
+CVE-2023-25990
+       RESERVED
+CVE-2023-25989
+       RESERVED
+CVE-2023-25988
+       RESERVED
+CVE-2023-25987
+       RESERVED
+CVE-2023-25986
+       RESERVED
+CVE-2023-25985
+       RESERVED
+CVE-2023-25984
+       RESERVED
+CVE-2023-25983
+       RESERVED
+CVE-2023-25982
+       RESERVED
+CVE-2023-25981
+       RESERVED
+CVE-2023-25980
+       RESERVED
+CVE-2023-25979
+       RESERVED
+CVE-2023-25978
+       RESERVED
+CVE-2023-25977
+       RESERVED
+CVE-2023-25976
+       RESERVED
+CVE-2023-25975
+       RESERVED
+CVE-2023-25974
+       RESERVED
+CVE-2023-25973
+       RESERVED
+CVE-2023-25972
+       RESERVED
+CVE-2023-25971
+       RESERVED
+CVE-2023-25970
+       RESERVED
+CVE-2023-25969
+       RESERVED
+CVE-2023-25968
+       RESERVED
+CVE-2023-25967
+       RESERVED
+CVE-2023-25966
+       RESERVED
+CVE-2023-25965
+       RESERVED
+CVE-2023-25964
+       RESERVED
+CVE-2023-25963
+       RESERVED
+CVE-2023-25962
+       RESERVED
+CVE-2023-25961
+       RESERVED
+CVE-2023-25960
+       RESERVED
+CVE-2023-25959
+       RESERVED
+CVE-2023-25958
+       RESERVED
+CVE-2023-25957
+       RESERVED
+CVE-2023-25956
+       RESERVED
+CVE-2023-25077
+       RESERVED
+CVE-2023-22838
+       RESERVED
+CVE-2023-0896
+       RESERVED
+CVE-2023-0895 (The WP Coder – add custom html, css and js code plugin 
for WordP ...)
+       TODO: check
+CVE-2023-0894
+       RESERVED
+CVE-2023-0893
+       RESERVED
+CVE-2023-0892
+       RESERVED
+CVE-2023-0891
+       RESERVED
+CVE-2023-0890
+       RESERVED
+CVE-2023-0889
+       RESERVED
+CVE-2023-0888
+       RESERVED
+CVE-2023-0887 (A vulnerability was found in phjounin TFTPD64-SE 4.64 and 
classified a ...)
+       TODO: check
+CVE-2023-0886
+       RESERVED
+CVE-2023-0885
+       RESERVED
+CVE-2023-0884
+       RESERVED
+CVE-2023-0883 (A vulnerability has been found in SourceCodester Online Pizza 
Ordering ...)
+       TODO: check
 CVE-2023-25943
        RESERVED
 CVE-2023-25942
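Review bot: four of the entries added at the top (CVE-2023-26020, CVE-2023-0895, CVE-2023-0887, CVE-2023-0883) arrive as `TODO: check` and need a triage line before the tracker says anything useful about them. CVE-2023-0895 names a WordPress plugin and CVE-2023-0883 a SourceCodester application, and this same file already tags such entries `NOT-FOR-US: WordPress plugin` and `NOT-FOR-US: Sourcecodester`, so those two can probably follow suit. CVE-2023-26020's truncated description names no product at all, so it has to be resolved from the full CVE record rather than from this line.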
@@ -40,8 +222,8 @@ CVE-2023-22330
        RESERVED
 CVE-2023-22329
        RESERVED
-CVE-2023-0882
-       RESERVED
+CVE-2023-0882 (Improper Input Validation, Authorization Bypass Through 
User-Controlle ...)
+       TODO: check
 CVE-2023-0881
        RESERVED
 CVE-2023-0880 (Misinterpretation of Input in GitHub repository 
thorsten/phpmyfaq prio ...)
@@ -523,8 +705,8 @@ CVE-2023-25759
        RESERVED
 CVE-2023-25758 (Onekey Touch devices through 4.0.0 and Onekey Mini devices 
through 2.1 ...)
        NOT-FOR-US: Onekey
-CVE-2023-0822
-       RESERVED
+CVE-2023-0822 (The affected product DIAEnergie (versions prior to v1.9.03.001) 
contai ...)
+       TODO: check
 CVE-2023-0821 (HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 
1.4.3 job ...)
        - nomad <unfixed>
        [bullseye] - nomad <no-dsa> (Minor issue)
@@ -2861,16 +3043,16 @@ CVE-2023-24966
        RESERVED
 CVE-2023-24965
        RESERVED
-CVE-2023-24964
-       RESERVED
+CVE-2023-24964 (IBM InfoSphere Information Server 11.7 could allow a local 
user to obt ...)
+       TODO: check
 CVE-2023-24963
        RESERVED
 CVE-2023-24962
        RESERVED
 CVE-2023-24961
        RESERVED
-CVE-2023-24960
-       RESERVED
+CVE-2023-24960 (IBM InfoSphere Information Server 11.7 could allow a remote 
attacker t ...)
+       TODO: check
 CVE-2023-24959
        RESERVED
 CVE-2023-24958
@@ -3327,8 +3509,8 @@ CVE-2023-24787
        RESERVED
 CVE-2023-24786
        RESERVED
-CVE-2023-24785
-       RESERVED
+CVE-2023-24785 (An issue in Giorgio Tani peazip v.9.0.0 allows attackers to 
cause a de ...)
+       TODO: check
 CVE-2023-24784
        RESERVED
 CVE-2023-24783
@@ -4481,8 +4663,8 @@ CVE-2023-24390
        RESERVED
 CVE-2023-24389
        RESERVED
-CVE-2023-24388
-       RESERVED
+CVE-2023-24388 (Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt 
Booking ca ...)
+       TODO: check
 CVE-2023-24387
        RESERVED
 CVE-2023-24386
@@ -4565,8 +4747,8 @@ CVE-2023-24371
        RESERVED
 CVE-2023-24370
        RESERVED
-CVE-2023-24369
-       RESERVED
+CVE-2023-24369 (A cross-site scripting (XSS) vulnerability in UJCMS v4.1.3 
allows atta ...)
+       TODO: check
 CVE-2023-24368
        RESERVED
 CVE-2023-24367
@@ -4645,8 +4827,8 @@ CVE-2023-24331
        RESERVED
 CVE-2023-24330
        RESERVED
-CVE-2023-24329
-       RESERVED
+CVE-2023-24329 (An issue in the urllib.parse component of Python before v3.11 
allows a ...)
+       TODO: check
 CVE-2023-24328
        RESERVED
 CVE-2023-24327
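Review bot: CVE-2023-24329 should not sit at `TODO: check` for long, because its description names the urllib.parse component of Python rather than a third-party product that could be tagged NOT-FOR-US. Replace the TODO with per-package status lines for the Python source packages in the archive, and take the affected range from the full record, since the description here is cut off right after "before v3.11".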
@@ -4927,7 +5109,7 @@ CVE-2023-24190
        RESERVED
 CVE-2023-24189
        RESERVED
-CVE-2023-24188 (ureport v2.2.9 was discovered to contain an arbitrary file 
deletion vu ...)
+CVE-2023-24188 (ureport v2.2.9 was discovered to contain a directory traversal 
vulnera ...)
        NOT-FOR-US: ureport
 CVE-2023-24187 (An XML External Entity (XXE) vulnerability in ureport v2.2.9 
allows at ...)
        NOT-FOR-US: ureport
@@ -5660,8 +5842,8 @@ CVE-2023-23911
        RESERVED
 CVE-2023-23900
        RESERVED
-CVE-2023-23899
-       RESERVED
+CVE-2023-23899 (Cross-Site Request Forgery (CSRF) vulnerability in HasThemes 
Extension ...)
+       TODO: check
 CVE-2023-23898
        RESERVED
 CVE-2023-23897
@@ -6796,8 +6978,8 @@ CVE-2023-23588
        RESERVED
 CVE-2023-23587
        RESERVED
-CVE-2023-23586
-       RESERVED
+CVE-2023-23586 (Due to a vulnerability in the io_uring subsystem, it is 
possible to le ...)
+       TODO: check
 CVE-2023-0292
        RESERVED
 CVE-2023-0291
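Review bot: the `TODO: check` on CVE-2023-23586 needs resolving into a package line, because the description places the flaw in the io_uring subsystem, which is Linux kernel code. The truncated text gives no version range, so the introducing and fixing commits have to come from the full record before a `- linux` status can be written.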
@@ -6932,7 +7114,7 @@ CVE-2023-23530
        RESERVED
 CVE-2023-23529 [Processing maliciously crafted web content may lead to 
arbitrary code execution]
        RESERVED
-       {DSA-5352-1 DSA-5351-1}
+       {DSA-5352-1 DSA-5351-1 DLA-3320-1}
        - webkit2gtk 2.38.5-1
        - wpewebkit 2.38.5-1
        NOTE: https://webkitgtk.org/security/WSA-2023-0002.html
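Review bot: on CVE-2023-23529 the advisory list grows to `{DSA-5352-1 DSA-5351-1 DLA-3320-1}` while the entry still reads `RESERVED` with only a bracketed placeholder description. The two package lines in view each record a single fixed version (2.38.5-1), so it is worth confirming that the fix shipped under DLA-3320-1 is recorded in that advisory's own entry. Otherwise the reference added here is the only trace of it.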
@@ -7608,8 +7790,8 @@ CVE-2023-23281
        RESERVED
 CVE-2023-23280
        RESERVED
-CVE-2023-23279
-       RESERVED
+CVE-2023-23279 (Canteen Management System 1.0 is vulnerable to SQL Injection 
via /php_ ...)
+       TODO: check
 CVE-2023-23278
        RESERVED
 CVE-2023-23277
@@ -8224,8 +8406,8 @@ CVE-2023-23009
        RESERVED
 CVE-2023-23008
        RESERVED
-CVE-2023-23007
-       RESERVED
+CVE-2023-23007 (An issue was discovered in ESPCMS P8.21120101 after logging in 
to the  ...)
+       TODO: check
 CVE-2023-23006
        RESERVED
 CVE-2023-23005
@@ -8783,8 +8965,8 @@ CVE-2023-22870
        RESERVED
 CVE-2023-22869
        RESERVED
-CVE-2023-22868
-       RESERVED
+CVE-2023-22868 (IBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. 
This vu ...)
+       TODO: check
 CVE-2023-22867
        RESERVED
 CVE-2023-22866
@@ -10960,8 +11142,8 @@ CVE-2022-47988
        RESERVED
 CVE-2022-47987
        RESERVED
-CVE-2022-47986
-       RESERVED
+CVE-2022-47986 (IBM Aspera Faspex 4.4.1 could allow a remote attacker to 
execute arbit ...)
+       TODO: check
 CVE-2022-47985
        RESERVED
 CVE-2022-47984
@@ -19496,8 +19678,8 @@ CVE-2022-45703
        RESERVED
 CVE-2022-45702
        RESERVED
-CVE-2022-45701
-       RESERVED
+CVE-2022-45701 (Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code 
Execution ...)
+       TODO: check
 CVE-2022-45700
        RESERVED
 CVE-2022-45699 (Command injection in the administration interface in APSystems 
ECU-R v ...)
@@ -27305,14 +27487,14 @@ CVE-2022-43932 (Improper neutralization of special 
elements in output used by a
        NOT-FOR-US: Synology
 CVE-2022-43931 (Out-of-bounds write vulnerability in Remote Desktop 
Functionality in S ...)
        NOT-FOR-US: Synology VPN Plus Server
-CVE-2022-43930
-       RESERVED
-CVE-2022-43929
-       RESERVED
+CVE-2022-43930 (IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is 
vulnerable ...)
+       TODO: check
+CVE-2022-43929 (IBM Db2 for Linux, UNIX and Windows 11.1 and 11.5 may be 
vulnerable to ...)
+       TODO: check
 CVE-2022-43928
        RESERVED
-CVE-2022-43927
-       RESERVED
+CVE-2022-43927 (IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is 
vulnerable ...)
+       TODO: check
 CVE-2022-43926
        RESERVED
 CVE-2022-43925
@@ -28233,8 +28415,8 @@ CVE-2022-43581 (IBM Content Navigator 3.0.0, 3.0.1, 
3.0.2, 3.0.3, 3.0.4, 3.0.5,
        NOT-FOR-US: IBM
 CVE-2022-43580
        RESERVED
-CVE-2022-43579
-       RESERVED
+CVE-2022-43579 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 
6.0.3.7 a ...)
+       TODO: check
 CVE-2022-43578
        RESERVED
 CVE-2022-43577
@@ -30268,7 +30450,7 @@ CVE-2022-3486 (An open redirect vulnerability in GitLab 
EE/CE affecting all vers
        - gitlab <unfixed>
 CVE-2022-3485 (In IFM Moneo Appliance with version up to 1.9.3 an 
unauthenticated rem ...)
        NOT-FOR-US: IFM Moneo Appliance
-CVE-2022-3484 (The WPB Show Core WordPress plugin through TODO does not 
sanitise and  ...)
+CVE-2022-3484 (The WPB Show Core WordPress plugin does not sanitize and escape 
a para ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-3483 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
        - gitlab <unfixed>
@@ -33428,8 +33610,8 @@ CVE-2022-41736
        RESERVED
 CVE-2022-41735 (IBM Business Process Manager 21.0.1 through 21.0.3.1, 20.0.0.1 
through ...)
        NOT-FOR-US: IBM
-CVE-2022-41734
-       RESERVED
+CVE-2022-41734 (IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 could allow a 
remote a ...)
+       TODO: check
 CVE-2022-41733 (IBM InfoSphere Information Server 11.7 could allow a remote 
attacked t ...)
        NOT-FOR-US: IBM
 CVE-2022-41732 (IBM Maximo Mobile 8.7 and 8.8 stores user credentials in plain 
clear t ...)
@@ -36945,8 +37127,8 @@ CVE-2022-40349
        RESERVED
 CVE-2022-40348
        RESERVED
-CVE-2022-40347
-       RESERVED
+CVE-2022-40347 (SQL Injection vulnerability in Intern Record System version 
1.0 in /in ...)
+       TODO: check
 CVE-2022-40346
        RESERVED
 CVE-2022-40345
@@ -37235,10 +37417,10 @@ CVE-2022-40234 (Versions of IBM Spectrum Protect Plus 
prior to 10.1.12 (excludin
        NOT-FOR-US: IBM
 CVE-2022-40233 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a 
non-privileged local ...)
        NOT-FOR-US: IBM
-CVE-2022-40232
-       RESERVED
-CVE-2022-40231
-       RESERVED
+CVE-2022-40232 (IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 
6.1.1.1,  ...)
+       TODO: check
+CVE-2022-40231 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 
6.0.3.7 a ...)
+       TODO: check
 CVE-2022-40230 ("IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does 
not invali ...)
        NOT-FOR-US: IBM
 CVE-2022-40229
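Review bot: CVE-2022-40232 and CVE-2022-40231 land as `TODO: check` although both descriptions name IBM Sterling B2B Integrator, and every described neighbour in this hunk (CVE-2022-40234, CVE-2022-40233, CVE-2022-40230) is already tagged `NOT-FOR-US: IBM`. Giving these two the same tag would close them out and keep the block consistent.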
@@ -37744,8 +37926,8 @@ CVE-2022-40034 (Cross-Site Scripting (XSS) 
vulnerability found in Rawchen blog-s
        NOT-FOR-US: Rawchen blog-ssm
 CVE-2022-40033
        RESERVED
-CVE-2022-40032
-       RESERVED
+CVE-2022-40032 (SQL Injection vulnerability in Simple Task Managing System 
version 1.0 ...)
+       TODO: check
 CVE-2022-40031
        RESERVED
 CVE-2022-40030 (SourceCodester Simple Task Managing System v1.0 was discovered 
to cont ...)
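Review bot: CVE-2022-40032 is left at `TODO: check`, but its description (Simple Task Managing System version 1.0) appears to cover the same product as the context entry CVE-2022-40030 (SourceCodester Simple Task Managing System v1.0) at the end of this hunk. Triage the new entry with whatever tag CVE-2022-40030 already carries so the two stay consistent.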
@@ -46709,8 +46891,8 @@ CVE-2022-36777
        RESERVED
 CVE-2022-36776 (IBM Cloud Pak for Security (CP4S) 1.10.0.0 79and 1.10.2.0 is 
vulnerabl ...)
        NOT-FOR-US: IBM
-CVE-2022-36775
-       RESERVED
+CVE-2022-36775 (IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 
10.0.3.0, and ...)
+       TODO: check
 CVE-2022-36774 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is 
vulnerabl ...)
        NOT-FOR-US: IBM
 CVE-2022-36773 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable 
to an XM ...)
@@ -53463,8 +53645,8 @@ CVE-2022-34353
        RESERVED
 CVE-2022-34352
        RESERVED
-CVE-2022-34351
-       RESERVED
+CVE-2022-34351 (IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information 
exposure allo ...)
+       TODO: check
 CVE-2022-34350 (IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 
10.0.1.7,  ...)
        NOT-FOR-US: IBM
 CVE-2022-34349
@@ -56978,8 +57160,8 @@ CVE-2022-32974 (An authenticated attacker could read 
arbitrary files from the un
        NOT-FOR-US: Nessus
 CVE-2022-32973 (An authenticated attacker could create an audit file that 
bypasses Pow ...)
        NOT-FOR-US: Nessus
-CVE-2022-32972
-       RESERVED
+CVE-2022-32972 (Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL 
injecti ...)
+       TODO: check
 CVE-2022-32969 (MetaMask before 10.11.3 might allow an attacker to access a 
user's sec ...)
        NOT-FOR-US: MetaTask
 CVE-2022-32968
@@ -61870,7 +62052,7 @@ CVE-2022-1809 (Access of Uninitialized Pointer in 
GitHub repository radareorg/ra
        NOTE: 
https://github.com/radareorg/radare2/commit/919e3ac1a13f753c73e7a8e8d8bb4a143218732d
 CVE-2022-31260 (In Montala ResourceSpace through 9.8 before r19636, 
csv_export_results ...)
        NOT-FOR-US: Montala ResourceSpace
-CVE-2022-31259 (The route lookup process in beego through 1.12.4 and 2.x 
through 2.0.2 ...)
+CVE-2022-31259 (The route lookup process in beego before 1.12.9 and 2.x before 
2.0.3 a ...)
        NOT-FOR-US: Beego
 CVE-2022-31258 (In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x 
before 2.1. ...)
        - check-mk <removed>
@@ -101592,8 +101774,7 @@ CVE-2022-20805 (A vulnerability in the automatic 
decryption process in Cisco Umb
        NOT-FOR-US: Cisco
 CVE-2022-20804 (A vulnerability in the Cisco Discovery Protocol of Cisco 
Unified Commu ...)
        NOT-FOR-US: Cisco
-CVE-2022-20803
-       RESERVED
+CVE-2022-20803 (A vulnerability in the OLE2 file parser of Clam AntiVirus 
(ClamAV) ver ...)
        - clamav <not-affected> (Only affects 0.104.x)
        NOTE: 
https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
 CVE-2022-20802 (A vulnerability in the web interface of Cisco Enterprise Chat 
and Emai ...)
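Review bot: CVE-2022-20803 loses its `RESERVED` line without gaining a `TODO: check`, which is right because the entry already carries `- clamav <not-affected> (Only affects 0.104.x)`. That status was written while the entry was still reserved, so compare it once against the now-published description of the OLE2 file parser issue and make sure the stated version range still supports the not-affected claim.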
@@ -123492,8 +123673,8 @@ CVE-2021-35263
        RESERVED
 CVE-2021-35262
        RESERVED
-CVE-2021-35261
-       RESERVED
+CVE-2021-35261 (File Upload Vulnerability in Yupoxion BearAdmin before commit 
10176153 ...)
+       TODO: check
 CVE-2021-35260
        RESERVED
 CVE-2021-35259
@@ -125980,8 +126161,8 @@ CVE-2021-34184 (Miniaudio 0.10.35 has a Double free 
vulnerability that could cau
        NOT-FOR-US: Miniaudio
 CVE-2021-34183
        REJECTED
-CVE-2021-34182
-       RESERVED
+CVE-2021-34182 (An issue in ttyd v.1.6.3 allows attacker to execute arbitrary 
code via ...)
+       TODO: check
 CVE-2021-34181 (Cross Site Scripting (XSS) vulnerability in TomExam 3.0 via 
p_name par ...)
        NOT-FOR-US: TomExam
 CVE-2021-34180
@@ -126016,8 +126197,8 @@ CVE-2021-34166 (A SQL INJECTION vulnerability in 
Sourcecodester Simple Food Webs
        NOT-FOR-US: Sourcecodester
 CVE-2021-34165 (A SQL Injection vulnerability in Sourcecodester Basic Shopping 
Cart 1. ...)
        NOT-FOR-US: Sourcecodester
-CVE-2021-34164
-       RESERVED
+CVE-2021-34164 (Permissions vulnerability in LIZHIFAKA v.2.2.0 allows 
authenticated at ...)
+       TODO: check
 CVE-2021-34163
        RESERVED
 CVE-2021-34162
@@ -126398,8 +126579,8 @@ CVE-2021-33985
        RESERVED
 CVE-2021-33984
        RESERVED
-CVE-2021-33983
-       RESERVED
+CVE-2021-33983 (Buffer Overflow vulnerability in Dvidelabs flatcc v.0.6.0 
allows local ...)
+       TODO: check
 CVE-2021-33982 (An insufficient session expiration vulnerability exists in the 
"Fish | ...)
        NOT-FOR-US: "Fish | Hunt FL" iOS app
 CVE-2021-33981 (An insecure, direct object vulnerability in hunting/fishing 
license re ...)
@@ -126467,12 +126648,12 @@ CVE-2021-33952
        RESERVED
 CVE-2021-33951
        RESERVED
-CVE-2021-33950
-       RESERVED
-CVE-2021-33949
-       RESERVED
-CVE-2021-33948
-       RESERVED
+CVE-2021-33950 (An issue discovered in OpenKM v6.3.10 allows attackers to 
obtain sensi ...)
+       TODO: check
+CVE-2021-33949 (An issue in FeMiner WMS v1.1 allows attackers to execute 
arbitrary cod ...)
+       TODO: check
+CVE-2021-33948 (SQL injection vulnerability in FantasticLBP Hotels Server v1.0 
allows  ...)
+       TODO: check
 CVE-2021-33947
        RESERVED
 CVE-2021-33946
@@ -126531,8 +126712,8 @@ CVE-2021-33928 (Buffer overflow vulnerability in 
function pool_installable in sr
        NOTE: 
https://github.com/openSUSE/libsolv/commit/0077ef29eb46d2e1df2f230fc95a1d9748d49dec
 (0.7.17)
 CVE-2021-33927
        RESERVED
-CVE-2021-33926
-       RESERVED
+CVE-2021-33926 (An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 
5.1rc2, 5. ...)
+       TODO: check
 CVE-2021-33925 (SQL Injection vulnerability in nitinparashar30 cms-corephp 
through com ...)
        TODO: check
 CVE-2021-33924 (Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 
6.0.0 i ...)
@@ -128005,8 +128186,8 @@ CVE-2021-33393 (lfs/backup in IPFire 2.25-core155 
does not ensure that /var/ipfi
        NOT-FOR-US: IPFire
 CVE-2021-33392
        RESERVED
-CVE-2021-33391
-       RESERVED
+CVE-2021-33391 (An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute 
arbitra ...)
+       TODO: check
 CVE-2021-33390
        RESERVED
 CVE-2021-33389
@@ -128367,8 +128548,8 @@ CVE-2021-33239
        RESERVED
 CVE-2021-33238
        RESERVED
-CVE-2021-33237
-       RESERVED
+CVE-2021-33237 (Cross Site Scripting vulnerability in YMFE yapo v1.9.1 allows 
attacker ...)
+       TODO: check
 CVE-2021-33236 (Buffer Overflow vulnerability in write_header in htmldoc 
through 1.9.1 ...)
        - htmldoc 1.9.12-1 (unimportant)
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/425
@@ -128398,8 +128579,8 @@ CVE-2021-33228
        RESERVED
 CVE-2021-33227
        RESERVED
-CVE-2021-33226
-       RESERVED
+CVE-2021-33226 (Buffer Overflow vulnerability in Saltstack v.3003 and before 
allows at ...)
+       TODO: check
 CVE-2021-33225
        RESERVED
 CVE-2021-33224
@@ -130512,8 +130693,8 @@ CVE-2021-32443
        RESERVED
 CVE-2021-32442
        RESERVED
-CVE-2021-32441
-       RESERVED
+CVE-2021-32441 (SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 
2.7.0 all ...)
+       TODO: check
 CVE-2021-32440 (The Media_RewriteODFrame function in GPAC 1.0.1 allows 
attackers to ca ...)
        - gpac 2.0.0+dfsg1-2
        [bullseye] - gpac <ignored> (Minor issue)
@@ -130594,8 +130775,8 @@ CVE-2021-32421
        RESERVED
 CVE-2021-32420
        RESERVED
-CVE-2021-32419
-       RESERVED
+CVE-2021-32419 (An issue in Schism Tracker v20200412 fixed in v.20200412 
allows attack ...)
+       TODO: check
 CVE-2021-32418
        RESERVED
 CVE-2021-32417
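Review bot: the description imported for CVE-2021-32419 reads "Schism Tracker v20200412 fixed in v.20200412", giving the same version as both affected and fixed, so it cannot be used to fill in a fixed version. Whoever resolves the `TODO: check` should take the fixing commit or release from upstream instead of from this text.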
@@ -131158,8 +131339,8 @@ CVE-2021-32165
        RESERVED
 CVE-2021-32164
        RESERVED
-CVE-2021-32163
-       RESERVED
+CVE-2021-32163 (Authentication vulnerability in MOSN v.0.23.0 allows attacker 
to escal ...)
+       TODO: check
 CVE-2021-32162 (A Cross-site request forgery (CSRF) vulnerability exists in 
Webmin 1.9 ...)
        - webmin <removed>
 CVE-2021-32161 (A Cross-Site Scripting (XSS) vulnerability exists in Webmin 
1.973 thro ...)
@@ -131200,8 +131381,8 @@ CVE-2021-32144
        RESERVED
 CVE-2021-32143
        RESERVED
-CVE-2021-32142
-       RESERVED
+CVE-2021-32142 (Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 
allows atta ...)
+       TODO: check
 CVE-2021-32141
        RESERVED
 CVE-2021-32140
@@ -149110,8 +149291,8 @@ CVE-2020-36192 (An issue was discovered in the Source 
Integration plugin before
        NOT-FOR-US: Source Integration plugin for MantisBT
 CVE-2021-3173
        RESERVED
-CVE-2021-3172
-       RESERVED
+CVE-2021-3172 (An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows 
authenticated ...)
+       TODO: check
 CVE-2021-3171
        RESERVED
 CVE-2021-3170
@@ -167722,8 +167903,8 @@ CVE-2020-29170
        RESERVED
 CVE-2020-29169
        RESERVED
-CVE-2020-29168
-       RESERVED
+CVE-2020-29168 (SQL Injection vulnerability in Projectworlds Online Doctor 
Appointment ...)
+       TODO: check
 CVE-2020-29167
        RESERVED
 CVE-2020-29166 (PacsOne Server (PACS Server In One Box) below 7.1.1 is 
affected by fil ...)
@@ -192839,8 +193020,8 @@ CVE-2020-19826
        RESERVED
 CVE-2020-19825 (Cross Site Scripting (XSS) vulnerability in kevinpapst kimai2 
1.30.0 i ...)
        TODO: check
-CVE-2020-19824
-       RESERVED
+CVE-2020-19824 (An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to 
execute ar ...)
+       TODO: check
 CVE-2020-19823
        RESERVED
 CVE-2020-19822 (A remote code execution (RCE) vulnerability in 
template_user.php of ZZ ...)
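Review bot: CVE-2020-19824's description states a concrete range ("MPV v.0.29.1 fixed in v0.30"), so its `TODO: check` can be resolved into a package status with 0.30 as the upstream fixed version, if the software is in the archive. The context entry just above it, CVE-2020-19825, is also still at `TODO: check` and could be triaged in the same pass.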



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81ef75ff8f43666cd5e77b9e5f456518d3c0207a
