Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a0fffe14 by security tracker role at 2023-03-08T20:10:38+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,109 @@
+CVE-2023-27970
+       RESERVED
+CVE-2023-27969
+       RESERVED
+CVE-2023-27968
+       RESERVED
+CVE-2023-27967
+       RESERVED
+CVE-2023-27966
+       RESERVED
+CVE-2023-27965
+       RESERVED
+CVE-2023-27964
+       RESERVED
+CVE-2023-27963
+       RESERVED
+CVE-2023-27962
+       RESERVED
+CVE-2023-27961
+       RESERVED
+CVE-2023-27960
+       RESERVED
+CVE-2023-27959
+       RESERVED
+CVE-2023-27958
+       RESERVED
+CVE-2023-27957
+       RESERVED
+CVE-2023-27956
+       RESERVED
+CVE-2023-27955
+       RESERVED
+CVE-2023-27954
+       RESERVED
+CVE-2023-27953
+       RESERVED
+CVE-2023-27952
+       RESERVED
+CVE-2023-27951
+       RESERVED
+CVE-2023-27950
+       RESERVED
+CVE-2023-27949
+       RESERVED
+CVE-2023-27948
+       RESERVED
+CVE-2023-27947
+       RESERVED
+CVE-2023-27946
+       RESERVED
+CVE-2023-27945
+       RESERVED
+CVE-2023-27944
+       RESERVED
+CVE-2023-27943
+       RESERVED
+CVE-2023-27942
+       RESERVED
+CVE-2023-27941
+       RESERVED
+CVE-2023-27940
+       RESERVED
+CVE-2023-27939
+       RESERVED
+CVE-2023-27938
+       RESERVED
+CVE-2023-27937
+       RESERVED
+CVE-2023-27936
+       RESERVED
+CVE-2023-27935
+       RESERVED
+CVE-2023-27934
+       RESERVED
+CVE-2023-27933
+       RESERVED
+CVE-2023-27932
+       RESERVED
+CVE-2023-27931
+       RESERVED
+CVE-2023-27930
+       RESERVED
+CVE-2023-27929
+       RESERVED
+CVE-2023-27928
+       RESERVED
+CVE-2023-1276 (A vulnerability, which was classified as critical, has been 
found in S ...)
+       TODO: check
+CVE-2023-1275 (A vulnerability classified as problematic was found in 
SourceCodester  ...)
+       TODO: check
+CVE-2023-1274
+       RESERVED
+CVE-2023-1273
+       RESERVED
+CVE-2023-1272
+       RESERVED
+CVE-2023-1271
+       RESERVED
+CVE-2023-1270 (Command Injection in GitHub repository 
btcpayserver/btcpayserver prior ...)
+       TODO: check
+CVE-2023-1269 (Use of Hard-coded Credentials in GitHub repository 
alextselegidis/easy ...)
+       TODO: check
+CVE-2023-1268
+       RESERVED
+CVE-2023-1267 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
 CVE-2023-XXXX [emacsclient-mail.desktop Emacs Lisp code injection]
        - emacs <unfixed> (bug #1032538)
        [bullseye] - emacs <not-affected> (Vulnerable code not present, 
introduced in 28.1)
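Review bot: The five entries in this hunk that arrive with a description (CVE-2023-1276, CVE-2023-1275, CVE-2023-1270, CVE-2023-1269, CVE-2023-1267) are all left at "TODO: check", so none of them has a package line or a NOT-FOR-US line yet. Each needs manual triage against the archive before the tracker reports anything useful for it; the truncated descriptions already name SourceCodester and btcpayserver/btcpayserver, which is enough to start the lookup. The CVE-2023-27928 through CVE-2023-27970 block is RESERVED only and needs no action.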
@@ -77,29 +183,21 @@ CVE-2023-1260
        RESERVED
 CVE-2023-1259
        RESERVED
-CVE-2023-27905
-       RESERVED
+CVE-2023-27905 (Jenkins update-center2 3.13 and 3.14 renders the required 
Jenkins core ...)
        - jenkins <removed>
-CVE-2023-27904
-       RESERVED
+CVE-2023-27904 (Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an 
error sta ...)
        - jenkins <removed>
-CVE-2023-27903
-       RESERVED
+CVE-2023-27903 (Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a 
temporary ...)
        - jenkins <removed>
-CVE-2023-27902
-       RESERVED
+CVE-2023-27902 (Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows 
temporary dir ...)
        - jenkins <removed>
-CVE-2023-27901
-       RESERVED
+CVE-2023-27901 (Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the 
Apache Com ...)
        - jenkins <removed>
-CVE-2023-27900
-       RESERVED
+CVE-2023-27900 (Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the 
Apache Com ...)
        - jenkins <removed>
-CVE-2023-27899
-       RESERVED
+CVE-2023-27899 (Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a 
temporary ...)
        - jenkins <removed>
-CVE-2023-27898
-       RESERVED
+CVE-2023-27898 (Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 
through 2.37 ...)
        - jenkins <removed>
 CVE-2023-27897
        RESERVED
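Review bot: CVE-2023-27905 keeps the pre-assigned "- jenkins <removed>" line, but its new description is about "Jenkins update-center2 3.13 and 3.14", not Jenkins core like the other seven entries in this hunk (CVE-2023-27898 through CVE-2023-27904). Confirm that update-center2 was ever shipped in the jenkins source package; if it was not, this entry should be changed to a NOT-FOR-US line instead of inheriting the annotation made while the ID was still RESERVED.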
@@ -1308,8 +1406,8 @@ CVE-2023-27484
        RESERVED
 CVE-2023-27483
        RESERVED
-CVE-2023-27482
-       RESERVED
+CVE-2023-27482 (homeassistant is an open source home automation tool. A 
remotely explo ...)
+       TODO: check
 CVE-2023-27481 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
        NOT-FOR-US: Directus
 CVE-2023-27480 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
@@ -2329,8 +2427,8 @@ CVE-2023-27090
        RESERVED
 CVE-2023-27089
        RESERVED
-CVE-2023-27088
-       RESERVED
+CVE-2023-27088 (feiqu-opensource Background Vertical authorization 
vulnerability exist ...)
+       TODO: check
 CVE-2023-27087
        RESERVED
 CVE-2023-27086
@@ -2601,12 +2699,12 @@ CVE-2023-26954 (onekeyadmin v1.3.9 was discovered to 
contain a stored cross-site
        NOT-FOR-US: onekeyadmin
 CVE-2023-26953 (onekeyadmin v1.3.9 was discovered to contain a stored 
cross-site scrip ...)
        NOT-FOR-US: onekeyadmin
-CVE-2023-26952
-       RESERVED
+CVE-2023-26952 (onekeyadmin v1.3.9 was discovered to contain a stored 
cross-site scrip ...)
+       TODO: check
 CVE-2023-26951
        RESERVED
-CVE-2023-26950
-       RESERVED
+CVE-2023-26950 (onekeyadmin v1.3.9 was discovered to contain a stored 
cross-site scrip ...)
+       TODO: check
 CVE-2023-26949 (An arbitrary file upload vulnerability in the component 
/admin1/config ...)
        NOT-FOR-US: onekeyadmin
 CVE-2023-26948
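Review bot: CVE-2023-26952 and CVE-2023-26950 are added as "TODO: check" although their descriptions open with the same "onekeyadmin v1.3.9 was discovered to contain a stored cross-site scrip" text as CVE-2023-26953, which the context lines of this hunk already mark "NOT-FOR-US: onekeyadmin". Both entries can be closed with the same NOT-FOR-US: onekeyadmin line rather than sitting in the TODO queue.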
@@ -2661,8 +2759,8 @@ CVE-2023-26924
        RESERVED
 CVE-2023-26923
        RESERVED
-CVE-2023-26922
-       RESERVED
+CVE-2023-26922 (SQL injection vulnerability found in Varisicte matrix-gui v.2 
allows a ...)
+       TODO: check
 CVE-2023-26921
        RESERVED
 CVE-2023-26920
@@ -4315,8 +4413,8 @@ CVE-2023-26263
        RESERVED
 CVE-2023-26262
        RESERVED
-CVE-2023-26261
-       RESERVED
+CVE-2023-26261 (In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath 
injection lead ...)
+       TODO: check
 CVE-2023-26260
        RESERVED
 CVE-2023-26259
@@ -7007,8 +7105,8 @@ CVE-2023-25397
        RESERVED
 CVE-2023-25396 (Privilege escalation in the MSI repair functionality in 
Caphyon Advanc ...)
        NOT-FOR-US: Caphyon Advanced Installer
-CVE-2023-25395
-       RESERVED
+CVE-2023-25395 (TOTOlink A7100RU V7.4cu.2313_B20191024 router has a command 
injection  ...)
+       TODO: check
 CVE-2023-25394
        RESERVED
 CVE-2023-25393
@@ -8624,8 +8722,8 @@ CVE-2023-24775 (Funadmin v3.2.0 was discovered to contain 
a SQL injection vulner
        NOT-FOR-US: Funadmin
 CVE-2023-24774
        RESERVED
-CVE-2023-24773
-       RESERVED
+CVE-2023-24773 (Funadmin v3.2.0 was discovered to contain a SQL injection 
vulnerabilit ...)
+       TODO: check
 CVE-2023-24772
        RESERVED
 CVE-2023-24771
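Review bot: CVE-2023-24773 is added as "TODO: check" while CVE-2023-24775, two entries above it in the same hunk, has the same "Funadmin v3.2.0 was discovered to contain a SQL injection" description and is already marked "NOT-FOR-US: Funadmin". The new entry should get the same NOT-FOR-US: Funadmin line.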
@@ -11787,8 +11885,7 @@ CVE-2023-23640
        RESERVED
 CVE-2023-23639
        RESERVED
-CVE-2023-23638
-       RESERVED
+CVE-2023-23638 (A deserialization vulnerability existed when dubbo generic 
invoke, whi ...)
        NOT-FOR-US: Apache Dubbo
 CVE-2023-0331 (The Correos Oficial WordPress plugin through 1.2.0.2 does not 
have an  ...)
        NOT-FOR-US: WordPress plugin
@@ -21173,7 +21270,7 @@ CVE-2022-4424
        RESERVED
 CVE-2022-4423
        RESERVED
-CVE-2022-4422 (This issue affects: Bulutses Bilgi Teknolojileri LTD. 
&#350;T&#304;. B ...)
+CVE-2022-4422 (Call Center System developed by Bulutses Information 
Technologies befo ...)
        NOT-FOR-US: BULUTDESK CALLCENTER
 CVE-2022-4421 (A vulnerability was found in rAthena FluxCP. It has been 
classified as ...)
        NOT-FOR-US: rAthena FluxCP
@@ -21752,8 +21849,8 @@ CVE-2022-46754 (Wyse Management Suite 3.8 and below 
contain an improper access c
        NOT-FOR-US: Wyse Management Suite
 CVE-2022-46753
        RESERVED
-CVE-2022-46752
-       RESERVED
+CVE-2022-46752 (Dell BIOS contains an Improper Authorization vulnerability. An 
unauthe ...)
+       TODO: check
 CVE-2022-46751
        RESERVED
 CVE-2022-4340 (The BookingPress WordPress plugin before 1.0.31 suffers from an 
Insecu ...)
@@ -29498,7 +29595,7 @@ CVE-2022-3794 (The Jeg Elementor Kit plugin for 
WordPress is vulnerable to autho
        NOT-FOR-US: Jeg Elementor Kit plugin for WordPress
 CVE-2022-3793 (An improper authorization issue in GitLab CE/EE affecting all 
versions ...)
        - gitlab <unfixed>
-CVE-2022-3792 (This issue affects: Terminal Operating System versions before 
5.0.13 ...)
+CVE-2022-3792 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: GullsEye
 CVE-2022-3791
        REJECTED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0fffe142154800699546435ba6cb3830b770128
