Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8163efde by security tracker role at 2023-04-22T20:10:31+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2023-31038
+ RESERVED
+CVE-2023-2245 (A vulnerability was found in hansunCMS 1.4.3. It has been
declared as ...)
+ TODO: check
+CVE-2023-2244 (A vulnerability was found in SourceCodester Online Eyewear Shop
1.0. I ...)
+ TODO: check
+CVE-2023-2243 (A vulnerability was found in SourceCodester Complaint
Management Syste ...)
+ TODO: check
+CVE-2023-2242 (A vulnerability has been found in SourceCodester Online
Computer and L ...)
+ TODO: check
+CVE-2023-2241 (A vulnerability, which was classified as critical, was found in
PoDoFo ...)
+ TODO: check
+CVE-2012-10014
+ RESERVED
+CVE-2012-10013
+ RESERVED
CVE-2023-31037
RESERVED
CVE-2023-31036
@@ -250,8 +266,8 @@ CVE-2023-30913
RESERVED
CVE-2023-2240 (Improper Privilege Management in GitHub repository
microweber/microweb ...)
NOT-FOR-US: microweber
-CVE-2023-2239
- RESERVED
+CVE-2023-2239 (Exposure of Private Personal Information to an Unauthorized
Actor in G ...)
+ TODO: check
CVE-2023-2238
RESERVED
CVE-2023-2237
@@ -288,8 +304,8 @@ CVE-2023-2222
RESERVED
CVE-2023-2221
RESERVED
-CVE-2022-4944
- RESERVED
+CVE-2022-4944 (A vulnerability, which was classified as problematic, has been
found i ...)
+ TODO: check
CVE-2023-2220 (A vulnerability was found in Dream Technology mica up to 3.0.5.
It has ...)
NOT-FOR-US: Dream Technology mica
CVE-2023-2219 (A vulnerability was found in SourceCodester Task Reminder
System 1.0 a ...)
@@ -729,18 +745,23 @@ CVE-2023-30793
CVE-2023-2138 (Use of Hard-coded Credentials in GitHub repository
nuxtlabs/github-mod ...)
NOT-FOR-US: nuxtlabs/github-module
CVE-2023-2137 (Heap buffer overflow in sqlite in Google Chrome prior to
112.0.5615.13 ...)
+ {DSA-5393-1}
- chromium 112.0.5615.138-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-2136 (Integer overflow in Skia in Google Chrome prior to
112.0.5615.137 allo ...)
+ {DSA-5393-1}
- chromium 112.0.5615.138-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-2135 (Use after free in DevTools in Google Chrome prior to
112.0.5615.137 al ...)
+ {DSA-5393-1}
- chromium 112.0.5615.138-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-2134 (Out of bounds memory access in Service Worker API in Google
Chrome pri ...)
+ {DSA-5393-1}
- chromium 112.0.5615.138-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-2133 (Out of bounds memory access in Service Worker API in Google
Chrome pri ...)
+ {DSA-5393-1}
- chromium 112.0.5615.138-1
[buster] - chromium <end-of-life> (see DSA 5046)
CVE-2023-2132
@@ -3746,7 +3767,7 @@ CVE-2023-29551
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29551
CVE-2023-29550
RESERVED
- {DSA-5385-1 DLA-3391-1}
+ {DSA-5392-1 DSA-5385-1 DLA-3391-1}
- firefox 112.0-1
- firefox-esr 102.10.0esr-1
- thunderbird 1:102.10.0-1
@@ -3759,7 +3780,7 @@ CVE-2023-29549
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29549
CVE-2023-29548
RESERVED
- {DSA-5385-1 DLA-3391-1}
+ {DSA-5392-1 DSA-5385-1 DLA-3391-1}
- firefox 112.0-1
- firefox-esr 102.10.0esr-1
- thunderbird 1:102.10.0-1
@@ -3799,7 +3820,7 @@ CVE-2023-29542
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/#CVE-2023-29542
CVE-2023-29541
RESERVED
- {DSA-5385-1 DLA-3391-1}
+ {DSA-5392-1 DSA-5385-1 DLA-3391-1}
- firefox 112.0-1
- firefox-esr 102.10.0esr-1
- thunderbird 1:102.10.0-1
@@ -3812,7 +3833,7 @@ CVE-2023-29540
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29540
CVE-2023-29539
RESERVED
- {DSA-5385-1 DLA-3391-1}
+ {DSA-5392-1 DSA-5385-1 DLA-3391-1}
- firefox 112.0-1
- firefox-esr 102.10.0esr-1
- thunderbird 1:102.10.0-1
@@ -3829,7 +3850,7 @@ CVE-2023-29537
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29537
CVE-2023-29536
RESERVED
- {DSA-5385-1 DLA-3391-1}
+ {DSA-5392-1 DSA-5385-1 DLA-3391-1}
- firefox 112.0-1
- firefox-esr 102.10.0esr-1
- thunderbird 1:102.10.0-1
@@ -3838,7 +3859,7 @@ CVE-2023-29536
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/#CVE-2023-29536
CVE-2023-29535
RESERVED
- {DSA-5385-1 DLA-3391-1}
+ {DSA-5392-1 DSA-5385-1 DLA-3391-1}
- firefox 112.0-1
- firefox-esr 102.10.0esr-1
- thunderbird 1:102.10.0-1
@@ -3851,7 +3872,7 @@ CVE-2023-29534
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29534
CVE-2023-29533
RESERVED
- {DSA-5385-1 DLA-3391-1}
+ {DSA-5392-1 DSA-5385-1 DLA-3391-1}
- firefox 112.0-1
- firefox-esr 102.10.0esr-1
- thunderbird 1:102.10.0-1
@@ -3910,7 +3931,7 @@ CVE-2023-1946 (A vulnerability was found in
SourceCodester Survey Application Sy
NOT-FOR-US: SourceCodester Survey Application System
CVE-2023-1945
RESERVED
- {DSA-5385-1 DLA-3391-1}
+ {DSA-5392-1 DSA-5385-1 DLA-3391-1}
- firefox-esr 102.10.0esr-1
- thunderbird 1:102.10.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/#CVE-2023-1945
@@ -4036,6 +4057,7 @@ CVE-2023-29480
NOTE: https://www.rnpgp.org/blog/2023-04-13-rnp-release-0-16-3/
CVE-2023-29479
RESERVED
+ {DSA-5392-1}
- rnp <unfixed> (bug #1034558)
- thunderbird 1:102.10.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/#CVE-2023-29479
@@ -4418,8 +4440,8 @@ CVE-2023-1877 (Command Injection in GitHub repository
microweber/microweber prio
NOT-FOR-US: microweber
CVE-2023-1876
REJECTED
-CVE-2023-1875
- RESERVED
+CVE-2023-1875 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
+ TODO: check
CVE-2023-1874 (The WP Data Access plugin for WordPress is vulnerable to
privilege esc ...)
NOT-FOR-US: WP Data Access plugin for WordPress
CVE-2023-1873 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
@@ -7617,6 +7639,7 @@ CVE-2023-28428 (PDFio is a C library for reading and
writing PDF files. In versi
NOTE:
https://github.com/michaelrsweet/pdfio/commit/97d4955666779dc5b0665e15dd951a5c12426a31
(v1.1.1)
NOTE:
https://github.com/michaelrsweet/pdfio/security/advisories/GHSA-68x8-9phf-j7jf
CVE-2023-28427 (matrix-js-sdk is a Matrix messaging protocol Client-Server SDK
for Jav ...)
+ {DSA-5392-1}
- node-matrix-js-sdk <unfixed> (bug #1033621)
[bullseye] - node-matrix-js-sdk <no-dsa> (Minor issue)
[buster] - node-matrix-js-sdk <no-dsa> (Minor issue)
@@ -18746,6 +18769,7 @@ CVE-2023-0548 (The Namaste! LMS WordPress plugin before
2.5.9.4 does not sanitiz
NOT-FOR-US: WordPress plugin
CVE-2023-0547
RESERVED
+ {DSA-5392-1}
- thunderbird 1:102.10.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/#CVE-2023-0547
CVE-2023-0546 (The Contact Form Plugin WordPress plugin before 4.3.25 does not
proper ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8163efdec326cce2f439528875c7a5226c2a02c4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8163efdec326cce2f439528875c7a5226c2a02c4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
