Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bcbf43fd by security tracker role at 2023-03-23T20:10:23+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,141 @@
+CVE-2023-28807
+       RESERVED
+CVE-2023-28806
+       RESERVED
+CVE-2023-28805
+       RESERVED
+CVE-2023-28804
+       RESERVED
+CVE-2023-28803
+       RESERVED
+CVE-2023-28802
+       RESERVED
+CVE-2023-28801
+       RESERVED
+CVE-2023-28800
+       RESERVED
+CVE-2023-28799
+       RESERVED
+CVE-2023-28798
+       RESERVED
+CVE-2023-28797
+       RESERVED
+CVE-2023-28796
+       RESERVED
+CVE-2023-28795
+       RESERVED
+CVE-2023-28794
+       RESERVED
+CVE-2023-28793
+       RESERVED
+CVE-2023-28792
+       RESERVED
+CVE-2023-28791
+       RESERVED
+CVE-2023-28790
+       RESERVED
+CVE-2023-28789
+       RESERVED
+CVE-2023-28788
+       RESERVED
+CVE-2023-28787
+       RESERVED
+CVE-2023-28786
+       RESERVED
+CVE-2023-28785
+       RESERVED
+CVE-2023-28784
+       RESERVED
+CVE-2023-28783
+       RESERVED
+CVE-2023-28782
+       RESERVED
+CVE-2023-28781
+       RESERVED
+CVE-2023-28780
+       RESERVED
+CVE-2023-28779
+       RESERVED
+CVE-2023-28778
+       RESERVED
+CVE-2023-28777
+       RESERVED
+CVE-2023-28776
+       RESERVED
+CVE-2023-28775
+       RESERVED
+CVE-2023-28774
+       RESERVED
+CVE-2023-28773
+       RESERVED
+CVE-2023-28772 (An issue was discovered in the Linux kernel before 5.13.3. 
lib/seq_buf ...)
+       TODO: check
+CVE-2023-28771
+       RESERVED
+CVE-2023-28770
+       RESERVED
+CVE-2023-28769
+       RESERVED
+CVE-2023-28768
+       RESERVED
+CVE-2023-28767
+       RESERVED
+CVE-2023-28766
+       RESERVED
+CVE-2023-25180
+       RESERVED
+CVE-2023-24593
+       RESERVED
+CVE-2023-1613
+       RESERVED
+CVE-2023-1612
+       RESERVED
+CVE-2023-1611
+       RESERVED
+CVE-2023-1610
+       RESERVED
+CVE-2023-1609
+       RESERVED
+CVE-2023-1608
+       RESERVED
+CVE-2023-1607
+       RESERVED
+CVE-2023-1606 (A vulnerability was found in novel-plus 3.6.2 and classified as 
critic ...)
+       TODO: check
+CVE-2023-1605 (Denial of Service in GitHub repository radareorg/radare2 prior 
to 5.8. ...)
+       TODO: check
+CVE-2023-1604
+       RESERVED
+CVE-2023-1603 (Permission bypass when importing or synchronizing entries in 
User vaul ...)
+       TODO: check
+CVE-2023-1602
+       RESERVED
+CVE-2023-1601
+       RESERVED
+CVE-2023-1600
+       RESERVED
+CVE-2023-1599
+       RESERVED
+CVE-2023-1598
+       RESERVED
+CVE-2023-1597
+       RESERVED
+CVE-2023-1596
+       RESERVED
+CVE-2023-1595 (A vulnerability has been found in novel-plus 3.6.2 and 
classified as c ...)
+       TODO: check
+CVE-2023-1594 (A vulnerability, which was classified as critical, was found in 
novel- ...)
+       TODO: check
+CVE-2023-1593 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
+CVE-2023-1592 (A vulnerability classified as critical was found in 
SourceCodester Aut ...)
+       TODO: check
+CVE-2023-1591 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
+       TODO: check
+CVE-2023-1590 (A vulnerability was found in SourceCodester Online Tours & 
Travels ...)
+       TODO: check
+CVE-2023-1589 (A vulnerability has been found in SourceCodester Online Tours 
& Tr ...)
+       TODO: check
 CVE-2023-XXXX [RUSTSEC-2022-0092]
        - rust-rmp-serde 1.1.1-1
        NOTE: https://rustsec.org/advisories/RUSTSEC-2022-0092.html
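Review bot: CVE-2023-28772 is left at TODO: check although its description names the Linux kernel (before 5.13.3, lib/seq_buf). It should be triaged with a source-package line and per-release status, in the form the redis and chromium entries further down this file use, rather than waiting in the same queue as the novel-plus and SourceCodester entries added alongside it.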
@@ -250,56 +388,39 @@ CVE-2023-28686 [Insufficient message sender validation in 
Dino]
        NOTE: Fixed by: 
https://github.com/dino/dino/commit/ef8fb0e94ce79d5fde2943e433ad0422eb7f70ec
 CVE-2023-28685 (Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not 
configure its ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28684
-       RESERVED
+CVE-2023-28684 (Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does 
not conf ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28683
-       RESERVED
+CVE-2023-28683 (Jenkins Phabricator Differential Plugin 2.1.5 and earlier does 
not con ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28682
-       RESERVED
+CVE-2023-28682 (Jenkins Performance Publisher Plugin 8.09 and earlier does not 
configu ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28681
-       RESERVED
+CVE-2023-28681 (Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does 
not con ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28680
-       RESERVED
+CVE-2023-28680 (Jenkins Crap4J Plugin 0.9 and earlier does not configure its 
XML parse ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28679
-       RESERVED
+CVE-2023-28679 (Jenkins Mashup Portlets Plugin 1.1.2 and earlier provides the 
"Generic ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28678
-       RESERVED
+CVE-2023-28678 (Jenkins Cppcheck Plugin 1.26 and earlier does not escape file 
names fr ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28677
-       RESERVED
+CVE-2023-28677 (Jenkins Convert To Pipeline Plugin 1.0 and earlier uses basic 
string c ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28676
-       RESERVED
+CVE-2023-28676 (A cross-site request forgery (CSRF) vulnerability in Jenkins 
Convert T ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28675
-       RESERVED
+CVE-2023-28675 (A missing permission check in Jenkins OctoPerf Load Testing 
Plugin Plu ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28674
-       RESERVED
+CVE-2023-28674 (A cross-site request forgery (CSRF) vulnerability in Jenkins 
OctoPerf  ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28673
-       RESERVED
+CVE-2023-28673 (A missing permission check in Jenkins OctoPerf Load Testing 
Plugin Plu ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28672
-       RESERVED
+CVE-2023-28672 (Jenkins OctoPerf Load Testing Plugin Plugin 4.5.1 and earlier 
does not ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28671
-       RESERVED
+CVE-2023-28671 (A cross-site request forgery (CSRF) vulnerability in Jenkins 
OctoPerf  ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28670
-       RESERVED
+CVE-2023-28670 (Jenkins Pipeline Aggregator View Plugin 1.13 and earlier does 
not esca ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28669
-       RESERVED
+CVE-2023-28669 (Jenkins JaCoCo Plugin 3.3.2 and earlier does not escape class 
and meth ...)
        NOT-FOR-US: Jenkins plugin
-CVE-2023-28668
-       RESERVED
+CVE-2023-28668 (Jenkins Role-based Authorization Strategy Plugin 
587.v2872c41fa_e51 an ...)
        NOT-FOR-US: Jenkins plugin
 CVE-2023-28667 (The Lead Generated WordPress Plugin, version <= 1.23, was 
affected  ...)
        NOT-FOR-US: WordPress plugin
@@ -338,24 +459,31 @@ CVE-2023-1536 (Cross-site Scripting (XSS) - Stored in 
GitHub repository answerde
 CVE-2023-1535 (Cross-site Scripting (XSS) - Stored in GitHub repository 
answerdev/ans ...)
        NOT-FOR-US: answer
 CVE-2023-1534 (Out of bounds read in ANGLE in Google Chrome prior to 
111.0.5563.110 a ...)
+       {DSA-5377-1}
        - chromium 111.0.5563.110-1
        [buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-1533 (Use after free in WebProtect in Google Chrome prior to 
111.0.5563.110  ...)
+       {DSA-5377-1}
        - chromium 111.0.5563.110-1
        [buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-1532 (Out of bounds read in GPU Video in Google Chrome prior to 
111.0.5563.1 ...)
+       {DSA-5377-1}
        - chromium 111.0.5563.110-1
        [buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-1531 (Use after free in ANGLE in Google Chrome prior to 
111.0.5563.110 allow ...)
+       {DSA-5377-1}
        - chromium 111.0.5563.110-1
        [buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-1530 (Use after free in PDF in Google Chrome prior to 111.0.5563.110 
allowed ...)
+       {DSA-5377-1}
        - chromium 111.0.5563.110-1
        [buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-1529 (Out of bounds memory access in WebHID in Google Chrome prior to 
111.0. ...)
+       {DSA-5377-1}
        - chromium 111.0.5563.110-1
        [buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-1528 (Use after free in Passwords in Google Chrome prior to 
111.0.5563.110 a ...)
+       {DSA-5377-1}
        - chromium 111.0.5563.110-1
        [buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-1527 (Cross-site Scripting (XSS) - Generic in GitHub repository 
tsolucio/cor ...)
@@ -524,8 +652,8 @@ CVE-2023-28612
        RESERVED
 CVE-2023-28611
        RESERVED
-CVE-2023-28610
-       RESERVED
+CVE-2023-28610 (The update process in OMICRON StationGuard and OMICRON 
StationScout be ...)
+       TODO: check
 CVE-2023-28609 (api/auth.go in Ansible Semaphore before 2.8.89 mishandles 
authenticati ...)
        NOT-FOR-US: Ansible Semaphore
 CVE-2023-1495 (A vulnerability classified as critical was found in Rebuild up 
to 3.2. ...)
@@ -1097,8 +1225,8 @@ CVE-2023-28428 (PDFio is a C library for reading and 
writing PDF files. In versi
        TODO: check
 CVE-2023-28427
        RESERVED
-CVE-2023-28426 (savg-sanitizer is a PHP SVG/XML Sanitizer. A bypass has been 
found in  ...)
-       TODO: check
+CVE-2023-28426
+       REJECTED
 CVE-2023-28425 (Redis is an in-memory database that persists on disk. Starting 
in vers ...)
        - redis <unfixed> (bug #1033340)
        [bullseye] - redis <not-affected> (Vulnerable code not present)
@@ -1109,8 +1237,8 @@ CVE-2023-28424 (Soko if the code that powers 
packages.gentoo.org. Prior to versi
        NOT-FOR-US: Soko
 CVE-2023-28423
        RESERVED
-CVE-2023-28422
-       RESERVED
+CVE-2023-28422 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability 
in Mage ...)
+       TODO: check
 CVE-2023-28421
        RESERVED
 CVE-2023-28420
@@ -1247,8 +1375,8 @@ CVE-2023-1412
        RESERVED
 CVE-2023-1411
        RESERVED
-CVE-2023-1410
-       RESERVED
+CVE-2023-1410 (Grafana is an open-source platform for monitoring and 
observability. G ...)
+       TODO: check
 CVE-2023-1409
        RESERVED
 CVE-2022-48425 (In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an 
invalid kfr ...)
@@ -3113,8 +3241,8 @@ CVE-2023-1204
        RESERVED
 CVE-2023-1203 (Improper removal of sensitive data in the entry edit feature of 
Hub Bu ...)
        NOT-FOR-US: Devolutions
-CVE-2023-1202
-       RESERVED
+CVE-2023-1202 (Permission bypass when importing or synchronizing entries in 
User vaul ...)
+       TODO: check
 CVE-2023-1201 (Improper access control in the secure messages feature in 
Devolutions  ...)
        NOT-FOR-US: Devolutions
 CVE-2023-1200 (A vulnerability was found in ehuacui bbs. It has been declared 
as prob ...)
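Review bot: CVE-2023-1202 is set to TODO: check while both of its neighbours in this hunk, CVE-2023-1203 and CVE-2023-1201, are already NOT-FOR-US: Devolutions. If the full description confirms the same vendor, use that tag here as well. Its truncated text ("Permission bypass when importing or synchronizing entries in User vaul ...") is also identical to CVE-2023-1603 added in the first hunk, so both entries should get the same disposition.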
@@ -3578,8 +3706,8 @@ CVE-2023-27657
        RESERVED
 CVE-2023-27656
        RESERVED
-CVE-2023-27655
-       RESERVED
+CVE-2023-27655 (xpdf v4.04 was discovered to contain a stack overflow in the 
component ...)
+       TODO: check
 CVE-2023-27654
        RESERVED
 CVE-2023-27653
@@ -5081,8 +5209,8 @@ CVE-2023-27137
        RESERVED
 CVE-2023-27136
        RESERVED
-CVE-2023-27135
-       RESERVED
+CVE-2023-27135 (TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to 
contain a com ...)
+       TODO: check
 CVE-2023-27134
        RESERVED
 CVE-2023-27133
@@ -5182,8 +5310,8 @@ CVE-2023-27096
        RESERVED
 CVE-2023-27095 (Insecure Permissions vulnerability found in OpenGoofy Hippo4j 
v.1.4.3  ...)
        NOT-FOR-US: Hippo4j
-CVE-2023-27094
-       RESERVED
+CVE-2023-27094 (An issue found in OpenGoofy Hippo4j v.1.4.3 allows attackers 
to escala ...)
+       TODO: check
 CVE-2023-27093 (Cross Site Scripting vulnerability found in My-Blog allows 
attackers t ...)
        NOT-FOR-US: My-Blog
 CVE-2023-27092
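Review bot: CVE-2023-27094 is added as TODO: check, yet its description names OpenGoofy Hippo4j v.1.4.3, the same product as CVE-2023-27095 directly above it, which is already tagged NOT-FOR-US: Hippo4j. Use the same tag here instead of leaving the entry in the TODO queue.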
@@ -5212,12 +5340,12 @@ CVE-2023-27081
        RESERVED
 CVE-2023-27080
        RESERVED
-CVE-2023-27079
-       RESERVED
-CVE-2023-27078
-       RESERVED
-CVE-2023-27077
-       RESERVED
+CVE-2023-27079 (Command Injection vulnerability found in Tenda G103 v.1.0.05 
allows an ...)
+       TODO: check
+CVE-2023-27078 (A command injection issue was found in TP-Link MR3020 
v.1_150921 that  ...)
+       TODO: check
+CVE-2023-27077 (Stack Overflow vulnerability found in 360 D901 allows a remote 
attacke ...)
+       TODO: check
 CVE-2023-27076
        RESERVED
 CVE-2023-27075
@@ -7918,8 +8046,8 @@ CVE-2023-26010
        RESERVED
 CVE-2023-26009
        RESERVED
-CVE-2023-26008
-       RESERVED
+CVE-2023-26008 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Ajay ...)
+       TODO: check
 CVE-2023-26007
        RESERVED
 CVE-2023-26006
@@ -7950,8 +8078,8 @@ CVE-2023-25994
        RESERVED
 CVE-2023-25993
        RESERVED
-CVE-2023-25992
-       RESERVED
+CVE-2023-25992 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Crea ...)
+       TODO: check
 CVE-2023-25991 (Cross-Site Request Forgery (CSRF) vulnerability in 
RegistrationMagic p ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25990
@@ -9796,8 +9924,8 @@ CVE-2023-25458
        RESERVED
 CVE-2023-25457
        RESERVED
-CVE-2023-25456
-       RESERVED
+CVE-2023-25456 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Klav ...)
+       TODO: check
 CVE-2023-25455
        RESERVED
 CVE-2023-25454
@@ -13997,8 +14125,8 @@ CVE-2023-23866
        RESERVED
 CVE-2023-23865 (Cross-Site Request Forgery (CSRF) vulnerability in Checkout 
Plugins St ...)
        NOT-FOR-US: WordPress plugin
-CVE-2023-23864
-       RESERVED
+CVE-2023-23864 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in Micha ...)
+       TODO: check
 CVE-2023-23863
        RESERVED
 CVE-2023-23862
@@ -14481,8 +14609,8 @@ CVE-2023-23730
        RESERVED
 CVE-2023-23729
        RESERVED
-CVE-2023-23728
-       RESERVED
+CVE-2023-23728 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in Winwa ...)
+       TODO: check
 CVE-2023-23727
        RESERVED
 CVE-2023-23726
@@ -14493,8 +14621,8 @@ CVE-2023-23724
        RESERVED
 CVE-2023-23723
        RESERVED
-CVE-2023-23722
-       RESERVED
+CVE-2023-23722 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Winw ...)
+       TODO: check
 CVE-2023-23721 (Cross-Site Request Forgery (CSRF) vulnerability in David Gwyer 
Admin L ...)
        NOT-FOR-US: David Gwyer Admin Log
 CVE-2023-23720
@@ -14523,8 +14651,8 @@ CVE-2023-23709
        RESERVED
 CVE-2023-23708
        RESERVED
-CVE-2023-23707
-       RESERVED
+CVE-2023-23707 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
 CVE-2023-23706
        RESERVED
 CVE-2023-23705
@@ -14684,8 +14812,8 @@ CVE-2023-23652
        RESERVED
 CVE-2023-23651
        RESERVED
-CVE-2023-23650
-       RESERVED
+CVE-2023-23650 (Auth. (subscriber+) Stored Cross-Site Scripting (XSS) 
vulnerability in ...)
+       TODO: check
 CVE-2023-23649
        RESERVED
 CVE-2023-23648
@@ -17691,16 +17819,16 @@ CVE-2023-22718
        RESERVED
 CVE-2023-22717
        RESERVED
-CVE-2023-22716
-       RESERVED
-CVE-2023-22715
-       RESERVED
+CVE-2023-22716 (Auth. (admin+) Cross-Site Scripting vulnerability in OOPSpam 
OOPSpam A ...)
+       TODO: check
+CVE-2023-22715 (Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in 
Lester 'GaM ...)
+       TODO: check
 CVE-2023-22714
        RESERVED
 CVE-2023-22713
        RESERVED
-CVE-2023-22712
-       RESERVED
+CVE-2023-22712 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
+       TODO: check
 CVE-2023-22711
        RESERVED
 CVE-2023-22710
@@ -17715,12 +17843,12 @@ CVE-2023-22706
        RESERVED
 CVE-2023-22705
        RESERVED
-CVE-2023-22704
-       RESERVED
+CVE-2023-22704 (Reflected Cross-Site Scripting (XSS) vulnerability in Michael 
Winkler  ...)
+       TODO: check
 CVE-2023-22703
        RESERVED
-CVE-2023-22702
-       RESERVED
+CVE-2023-22702 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in WPMob ...)
+       TODO: check
 CVE-2023-22701
        RESERVED
 CVE-2023-22700 (Cross-Site Request Forgery (CSRF) vulnerability in 
PixelYourSite Pixel ...)
@@ -20918,8 +21046,8 @@ CVE-2022-47591 (Reflected Cross-Site Scripting (XSS) 
vulnerability in Mickael Au
        TODO: check
 CVE-2022-47590
        RESERVED
-CVE-2022-47589
-       RESERVED
+CVE-2022-47589 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in this ...)
+       TODO: check
 CVE-2022-47588
        RESERVED
 CVE-2022-47587
@@ -22625,8 +22753,8 @@ CVE-2022-47433
        RESERVED
 CVE-2022-47432
        RESERVED
-CVE-2022-47431
-       RESERVED
+CVE-2022-47431 (Reflected Cross-Site Scripting (XSS) vulnerability in 
Tussendoor inter ...)
+       TODO: check
 CVE-2022-47430
        RESERVED
 CVE-2022-47429
@@ -23523,8 +23651,8 @@ CVE-2022-47175
        RESERVED
 CVE-2022-47174
        RESERVED
-CVE-2022-47173
-       RESERVED
+CVE-2022-47173 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in nasi ...)
+       TODO: check
 CVE-2022-47172
        RESERVED
 CVE-2022-47171 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
@@ -23579,8 +23707,8 @@ CVE-2022-47147 (Cross-Site Request Forgery (CSRF) 
vulnerability in Kesz1 Technol
        NOT-FOR-US: WordPress plugin
 CVE-2022-47146
        RESERVED
-CVE-2022-47145
-       RESERVED
+CVE-2022-47145 (Reflected Cross-Site Scripting (XSS) vulnerability in 
Blockonomics Wor ...)
+       TODO: check
 CVE-2022-47144
        RESERVED
 CVE-2022-47143 (Cross-Site Request Forgery (CSRF) vulnerability in Themeisle 
Multiple  ...)
@@ -24750,8 +24878,8 @@ CVE-2022-4324 (The Custom Field Template WordPress 
plugin before 2.5.8 unseriali
        NOT-FOR-US: WordPress plugin
 CVE-2022-4323 (The Analyticator WordPress plugin before 6.5.6 unserializes 
user input ...)
        NOT-FOR-US: WordPress plugin
-CVE-2018-25048
-       RESERVED
+CVE-2018-25048 (The CODESYS runtime system in multiple versions allows an 
remote low p ...)
+       TODO: check
 CVE-2023-21673
        RESERVED
 CVE-2023-21672
@@ -26173,8 +26301,8 @@ CVE-2022-46340 (A vulnerability was found in X.Org. 
This security flaw occurs be
        NOTE: 
https://gitlab.freedesktop.org/xorg/xserver/commit/b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63
 CVE-2022-46339
        RESERVED
-CVE-2022-4224
-       RESERVED
+CVE-2022-4224 (In multiple products of CODESYS v3 in multiple versions a 
remote low p ...)
+       TODO: check
 CVE-2022-4223 (The pgAdmin server includes an HTTP API that is intended to be 
used to ...)
        - pgadmin4 <itp> (bug #834129)
 CVE-2022-4222 (A vulnerability was found in SourceCodester Canteen Management 
System. ...)
@@ -27510,8 +27638,8 @@ CVE-2022-45845
        RESERVED
 CVE-2022-45844
        RESERVED
-CVE-2022-45843
-       RESERVED
+CVE-2022-45843 (Auth. (contributor+) Stored Cross-Site Scripting vulnerability 
in Next ...)
+       TODO: check
 CVE-2022-45842 (Unauth. Race Condition vulnerability in WP ULike Plugin &lt;= 
4.6.4 on ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-45841
@@ -30748,8 +30876,8 @@ CVE-2022-44744 (Local privilege escalation due to DLL 
hijacking vulnerability. T
        NOT-FOR-US: Acronis
 CVE-2022-44743
        RESERVED
-CVE-2022-44742
-       RESERVED
+CVE-2022-44742 (Auth. (admin+) Stored Cross-Site Scripting vulnerability in 
Yannick Le ...)
+       TODO: check
 CVE-2022-44741 (Cross-Site Request Forgery (CSRF) vulnerability leading to 
Cross-Site  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-44740 (Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in 
Creative ...)
@@ -34441,10 +34569,10 @@ CVE-2023-20561
        RESERVED
 CVE-2023-20560
        RESERVED
-CVE-2023-20559
-       RESERVED
-CVE-2023-20558
-       RESERVED
+CVE-2023-20559 (Insufficient control flow management in AmdCpmGpioInitSmm may 
allow a  ...)
+       TODO: check
+CVE-2023-20558 (Insufficient control flow management in AmdCpmOemSmm may allow 
a privi ...)
+       TODO: check
 CVE-2023-20557
        RESERVED
 CVE-2023-20556
@@ -35333,10 +35461,10 @@ CVE-2023-20115
        RESERVED
 CVE-2023-20114
        RESERVED
-CVE-2023-20113
-       RESERVED
-CVE-2023-20112
-       RESERVED
+CVE-2023-20113 (A vulnerability in the web-based management interface of Cisco 
SD-WAN  ...)
+       TODO: check
+CVE-2023-20112 (A vulnerability in Cisco access point (AP) software could 
allow an una ...)
+       TODO: check
 CVE-2023-20111
        RESERVED
 CVE-2023-20110
@@ -35345,8 +35473,8 @@ CVE-2023-20109
        RESERVED
 CVE-2023-20108
        RESERVED
-CVE-2023-20107
-       RESERVED
+CVE-2023-20107 (A vulnerability in the deterministic random bit generator 
(DRBG), also ...)
+       TODO: check
 CVE-2023-20106
        RESERVED
 CVE-2023-20105
@@ -35359,14 +35487,14 @@ CVE-2023-20102
        RESERVED
 CVE-2023-20101
        RESERVED
-CVE-2023-20100
-       RESERVED
+CVE-2023-20100 (A vulnerability in the access point (AP) joining process of 
the Contro ...)
+       TODO: check
 CVE-2023-20099
        RESERVED
 CVE-2023-20098
        RESERVED
-CVE-2023-20097
-       RESERVED
+CVE-2023-20097 (A vulnerability in Cisco access points (AP) software could 
allow an au ...)
+       TODO: check
 CVE-2023-20096
        RESERVED
 CVE-2023-20095
@@ -35395,12 +35523,12 @@ CVE-2023-20084
        RESERVED
 CVE-2023-20083
        RESERVED
-CVE-2023-20082
-       RESERVED
-CVE-2023-20081
-       RESERVED
-CVE-2023-20080
-       RESERVED
+CVE-2023-20082 (A vulnerability in Cisco IOS XE Software for Cisco Catalyst 
9300 Serie ...)
+       TODO: check
+CVE-2023-20081 (A vulnerability in the IPv6 DHCP (DHCPv6) client module of 
Cisco Adapt ...)
+       TODO: check
+CVE-2023-20080 (A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and 
server f ...)
+       TODO: check
 CVE-2023-20079 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
        NOT-FOR-US: Cisco
 CVE-2023-20078 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
@@ -35415,8 +35543,8 @@ CVE-2023-20074
        RESERVED
 CVE-2023-20073
        RESERVED
-CVE-2023-20072
-       RESERVED
+CVE-2023-20072 (A vulnerability in the fragmentation handling code of tunnel 
protocol  ...)
+       TODO: check
 CVE-2023-20071
        RESERVED
 CVE-2023-20070
@@ -35425,12 +35553,12 @@ CVE-2023-20069 (A vulnerability in the web-based 
management interface of Cisco P
        NOT-FOR-US: Cisco
 CVE-2023-20068
        RESERVED
-CVE-2023-20067
-       RESERVED
-CVE-2023-20066
-       RESERVED
-CVE-2023-20065
-       RESERVED
+CVE-2023-20067 (A vulnerability in the HTTP-based client profiling feature of 
Cisco IO ...)
+       TODO: check
+CVE-2023-20066 (A vulnerability in the web UI of Cisco IOS XE Software could 
allow an  ...)
+       TODO: check
+CVE-2023-20065 (A vulnerability in the Cisco IOx application hosting subsystem 
of Cisc ...)
+       TODO: check
 CVE-2023-20064 (A vulnerability in the GRand Unified Bootloader (GRUB) for 
Cisco IOS X ...)
        NOT-FOR-US: Cisco's use of GRUB
 CVE-2023-20063
@@ -35441,16 +35569,16 @@ CVE-2023-20061 (Multiple vulnerabilities in Cisco 
Unified Intelligence Center co
        NOT-FOR-US: Cisco
 CVE-2023-20060
        RESERVED
-CVE-2023-20059
-       RESERVED
+CVE-2023-20059 (A vulnerability in the implementation of the Cisco Network 
Plug-and-Pl ...)
+       TODO: check
 CVE-2023-20058 (A vulnerability in the web-based management interface of Cisco 
Unified ...)
        NOT-FOR-US: Cisco
 CVE-2023-20057 (A vulnerability in the URL filtering mechanism of Cisco 
AsyncOS Softwa ...)
        NOT-FOR-US: Cisco
-CVE-2023-20056
-       RESERVED
-CVE-2023-20055
-       RESERVED
+CVE-2023-20056 (A vulnerability in the management CLI of Cisco access point 
(AP) softw ...)
+       TODO: check
+CVE-2023-20055 (A vulnerability in the management API of Cisco DNA Center 
could allow  ...)
+       TODO: check
 CVE-2023-20054
        RESERVED
 CVE-2023-20053 (A vulnerability in the web-based management interface of Cisco 
Nexus D ...)
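Review bot: CVE-2023-20059, CVE-2023-20056 and CVE-2023-20055 land as TODO: check, while the Cisco entries between them in this hunk (CVE-2023-20058 and CVE-2023-20057) carry NOT-FOR-US: Cisco. All three visible descriptions name Cisco products, so the same tag looks right once the full text is confirmed. The same applies to the other Cisco entries this commit moves from RESERVED to TODO: check.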
@@ -35492,8 +35620,8 @@ CVE-2023-20037 (A vulnerability in Cisco Industrial 
Network Director could allow
        NOT-FOR-US: Cisco
 CVE-2023-20036
        RESERVED
-CVE-2023-20035
-       RESERVED
+CVE-2023-20035 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software 
could allow ...)
+       TODO: check
 CVE-2023-20034
        RESERVED
 CVE-2023-20033
@@ -35508,12 +35636,12 @@ CVE-2023-20031
        RESERVED
 CVE-2023-20030
        RESERVED
-CVE-2023-20029
-       RESERVED
+CVE-2023-20029 (A vulnerability in the Meraki onboarding feature of Cisco IOS 
XE Softw ...)
+       TODO: check
 CVE-2023-20028
        RESERVED
-CVE-2023-20027
-       RESERVED
+CVE-2023-20027 (A vulnerability in the implementation of the IPv4 Virtual 
Fragmentatio ...)
+       TODO: check
 CVE-2023-20026 (A vulnerability in the web-based management interface of Cisco 
Small B ...)
        NOT-FOR-US: Cisco
 CVE-2023-20025 (A vulnerability in the web-based management interface of Cisco 
Small B ...)
@@ -78543,20 +78671,20 @@ CVE-2022-28499
        RESERVED
 CVE-2022-28498
        RESERVED
-CVE-2022-28497
-       RESERVED
-CVE-2022-28496
-       RESERVED
+CVE-2022-28497 (TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered 
to contai ...)
+       TODO: check
+CVE-2022-28496 (TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 discovered to 
contain a ...)
+       TODO: check
 CVE-2022-28495
        RESERVED
 CVE-2022-28494 (TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered 
to contai ...)
        TODO: check
-CVE-2022-28493
-       RESERVED
-CVE-2022-28492
-       RESERVED
-CVE-2022-28491
-       RESERVED
+CVE-2022-28493 (A vulnerability in TOTOLINK CP900 V6.3c.566 allows attackers 
to start  ...)
+       TODO: check
+CVE-2022-28492 (TOTOLINK Technology CPE with firmware V6.3c.566 ,allows remote 
attacke ...)
+       TODO: check
+CVE-2022-28491 (TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 contains a 
command inje ...)
+       TODO: check
 CVE-2022-28490
        RESERVED
 CVE-2022-28489
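Review bot: the five TOTOLink CPE entries added here (CVE-2022-28497, CVE-2022-28496, CVE-2022-28493, CVE-2022-28492, CVE-2022-28491) join CVE-2022-28494, an unchanged context entry for the same V6.3c.566_B20171026 firmware that is still TODO: check. Triage all six together so the group ends up with one consistent tag.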



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcbf43fdffa6fba8afc6a02fa36e7dd0927d7129



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
