Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 9289f9b4 by security tracker role at 2023-06-19T20:12:21+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,117 @@ +CVE-2023-3318 (A vulnerability was found in SourceCodester Resort Management System 1 ...) + TODO: check +CVE-2023-3316 (A NULL pointer dereference in TIFFClose() is caused by a failure to op ...) + TODO: check +CVE-2023-3312 (A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpuf ...) + TODO: check +CVE-2023-35843 (NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability ...) + TODO: check +CVE-2023-35779 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Seed ...) + TODO: check +CVE-2023-35776 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) + TODO: check +CVE-2023-35775 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Backu ...) + TODO: check +CVE-2023-35772 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alain Go ...) + TODO: check +CVE-2023-34461 (PyBB is an open source bulletin board. A manual code review of the PyB ...) + TODO: check +CVE-2023-34373 (Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr ...) + TODO: check +CVE-2023-34167 (Vulnerability of spoofing trustlists of Huawei desktop.Successful expl ...) + TODO: check +CVE-2023-34166 (Vulnerability of system restart triggered by abnormal callbacks passed ...) + TODO: check +CVE-2023-34163 (Permission control vulnerability in the window management module.Succe ...) + TODO: check +CVE-2023-34162 (Version update determination vulnerability in the user profile module. ...) + TODO: check +CVE-2023-34161 (nappropriate authorization vulnerability in the SettingsProvider modul ...) + TODO: check +CVE-2023-34160 (Vulnerability of spoofing trustlists of Huawei desktop.Successful expl ...) + TODO: check +CVE-2023-34159 (Improper permission control vulnerability in the Notepad app.Successfu ...) + TODO: check +CVE-2023-34158 (Vulnerability of spoofing trustlists of Huawei desktop.Successful expl ...) + TODO: check +CVE-2023-34156 (Vulnerability of services denied by early fingerprint APIs on HarmonyO ...) + TODO: check +CVE-2023-34155 (Vulnerability of unauthorized calling on HUAWEI phones and tablets.Suc ...) + TODO: check +CVE-2023-33213 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gVec ...) + TODO: check +CVE-2023-31411 (A remote unprivileged attacker can modify and access configuration set ...) + TODO: check +CVE-2023-31410 (A remote unprivileged attacker can intercept the communication via e.g ...) + TODO: check +CVE-2023-2907 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) + TODO: check +CVE-2023-2899 (The Google Map Shortcode WordPress plugin through 3.1.2 does not valid ...) + TODO: check +CVE-2023-2812 (The Ultimate Dashboard WordPress plugin before 3.7.6 does not sanitise ...) + TODO: check +CVE-2023-2811 (The AI ChatBot WordPress plugin before 4.5.6 does not sanitise and esc ...) + TODO: check +CVE-2023-2805 (The SupportCandy WordPress plugin before 3.1.7 does not properly sanit ...) + TODO: check +CVE-2023-2779 (The Social Share, Social Login and Social Comments WordPress plugin be ...) + TODO: check +CVE-2023-2751 (The Upload Resume WordPress plugin through 1.2.0 does not validate the ...) + TODO: check +CVE-2023-2742 (The AI ChatBot WordPress plugin before 4.5.5 does not sanitize and esc ...) + TODO: check +CVE-2023-2719 (The SupportCandy WordPress plugin before 3.1.7 does not properly sanit ...) + TODO: check +CVE-2023-2684 (The File Renaming on Upload WordPress plugin before 2.5.2 does not san ...) + TODO: check +CVE-2023-2654 (The Conditional Menus WordPress plugin before 1.2.1 does not escape a ...) + TODO: check +CVE-2023-2600 (The Custom Base Terms WordPress plugin before 1.0.3 does not sanitize ...) + TODO: check +CVE-2023-2527 (The Integration for Contact Form 7 and Zoho CRM, Bigin WordPress plugi ...) + TODO: check +CVE-2023-2492 (The QueryWall: Plug'n Play Firewall WordPress plugin through 1.1.1 doe ...) + TODO: check +CVE-2023-2401 (The QuBot WordPress plugin before 1.1.6 does not sanitise and escape s ...) + TODO: check +CVE-2023-2399 (The QuBot WordPress plugin before 1.1.6 doesn't filter user input on c ...) + TODO: check +CVE-2023-2359 (The Slider Revolution WordPress plugin through 6.6.12 does not check f ...) + TODO: check +CVE-2022-48506 (A flawed pseudorandom number generator in Dominion Voting Systems Imag ...) + TODO: check +CVE-2022-48501 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check +CVE-2022-48500 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check +CVE-2022-48499 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check +CVE-2022-48498 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check +CVE-2022-48497 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check +CVE-2022-48496 (Vulnerability of lax app identity verification in the pre-authorizatio ...) + TODO: check +CVE-2022-48495 (Vulnerability of unauthorized access to foreground app information.Suc ...) + TODO: check +CVE-2022-48494 (Vulnerability of lax app identity verification in the pre-authorizatio ...) + TODO: check +CVE-2022-48493 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check +CVE-2022-48492 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check +CVE-2022-48491 (Vulnerability of missing authentication on certain HUAWEI phones.Succe ...) + TODO: check +CVE-2022-48490 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check +CVE-2022-48489 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check +CVE-2022-48488 (Vulnerability of bypassing the default desktop security controls.Succe ...) + TODO: check +CVE-2022-48487 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check +CVE-2022-48486 (Configuration defects in the secure OS module.Successful exploitation ...) + TODO: check CVE-2023-3311 (A vulnerability, which was classified as problematic, was found in Pun ...) NOT-FOR-US: PuneethReddyHC online-shopping-system-advanced CVE-2023-3310 (A vulnerability, which was classified as critical, has been found in c ...) @@ -95,7 +209,7 @@ CVE-2023-35824 (An issue was discovered in the Linux kernel before 6.3.2. A use- CVE-2023-35823 (An issue was discovered in the Linux kernel before 6.3.2. A use-after- ...) - linux 6.3.7-1 NOTE: https://git.kernel.org/linus/30cf57da176cca80f11df0d9b7f71581fe601389 (6.4-rc1) -CVE-2023-35005 +CVE-2023-35005 (In Apache Airflow, some potentially sensitive values were being shown ...) - airflow <itp> (bug #819700) CVE-2023-3306 (A vulnerability was found in Ruijie RG-EW1200G EW_3.0(1)B11P204. It ha ...) NOT-FOR-US: Ruijie @@ -1424,10 +1538,10 @@ CVE-2023-28653 (The affected application lacks proper validation of user-supplie NOT-FOR-US: Horner Automation CVE-2023-27916 (The affected application lacks proper validation of user-supplied data ...) NOT-FOR-US: Horner Automation -CVE-2023-34417 +CVE-2023-34417 (Memory safety bugs present in Firefox 113. Some of these bugs showed e ...) - firefox 114.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-20/#CVE-2023-34417 -CVE-2023-34416 +CVE-2023-34416 (Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thu ...) {DSA-5423-1 DSA-5421-1 DLA-3452-1 DLA-3448-1} - firefox 114.0-1 - firefox-esr 102.12.0esr-1 @@ -1435,10 +1549,10 @@ CVE-2023-34416 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-19/#CVE-2023-34416 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-20/#CVE-2023-34416 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-21/#CVE-2023-34416 -CVE-2023-34415 +CVE-2023-34415 (When choosing a site-isolated process for a document loaded from a dat ...) - firefox 114.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-20/#CVE-2023-34415 -CVE-2023-34414 +CVE-2023-34414 (The error page for sites with invalid TLS certificates was missing the ...) {DSA-5423-1 DSA-5421-1 DLA-3452-1 DLA-3448-1} - firefox 114.0-1 - firefox-esr 102.12.0esr-1 @@ -1888,7 +2002,7 @@ CVE-2018-25086 (A vulnerability was found in sea75300 FanPress CM up to 3.6.3. I NOT-FOR-US: sea75300 FanPress CM CVE-2010-10010 (A vulnerability classified as problematic has been found in Stars Alli ...) NOT-FOR-US: Stars Alliance PsychoStats -CVE-2023-3022 +CVE-2023-3022 (A flaw was found in the IPv6 module of the Linux kernel. The arg.resul ...) - linux 5.2.6-1 NOTE: https://git.kernel.org/linus/a65120bae4b7425a39c5783aa3d4fc29677eef0e CVE-2023-3021 (Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-libr ...) @@ -3905,7 +4019,7 @@ CVE-2023-2610 (Integer Overflow or Wraparound in GitHub repository vim/vim prior [bullseye] - vim <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/31e67340-935b-4f6c-a923-f7246bc29c7d NOTE: https://github.com/vim/vim/commit/ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a (v9.0.1532) -CVE-2023-32216 +CVE-2023-32216 (Memory safety bugs present in Firefox 112. Some of these bugs showed ...) - firefox 113.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/#CVE-2023-32216 CVE-2023-32215 (Memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some ...) @@ -3916,7 +4030,7 @@ CVE-2023-32215 (Memory safety bugs present in Firefox 112 and Firefox ESR 102.10 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/#CVE-2023-32215 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-17/#CVE-2023-32215 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-18/#CVE-2023-32215 -CVE-2023-32214 +CVE-2023-32214 (Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged ...) - firefox <not-affected> (Only affects Firefox on Windows) - firefox-esr <not-affected> (Only affects Firefox ESR on Windows) - thunderbird <not-affected> (Only affects Firefox ESR on Windows) @@ -3947,13 +4061,13 @@ CVE-2023-32211 (A type checking bug would have led to invalid code being compile NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/#CVE-2023-32211 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-17/#CVE-2023-32211 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-18/#CVE-2023-32211 -CVE-2023-32210 +CVE-2023-32210 (Documents were incorrectly assuming an ordering of principal objects w ...) - firefox 113.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/#CVE-2023-32210 -CVE-2023-32209 +CVE-2023-32209 (A maliciously crafted favicon could have led to an out of memory crash ...) - firefox 113.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/#CVE-2023-32209 -CVE-2023-32208 +CVE-2023-32208 (Service workers could reveal script base URL due to dynamic `import()` ...) - firefox 113.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-16/#CVE-2023-32208 CVE-2023-32207 (A missing delay in popup notifications could have made it possible for ...) @@ -4847,6 +4961,7 @@ CVE-2023-31139 (DHIS2 Core contains the service layer and Web API for DHIS2, an CVE-2023-31138 (DHIS2 Core contains the service layer and Web API for DHIS2, an inform ...) NOT-FOR-US: DHIS2 CVE-2023-31137 (MaraDNS is open-source software that implements the Domain Name System ...) + {DLA-3457-1} - maradns <unfixed> (bug #1035936) NOTE: https://github.com/samboy/MaraDNS/commit/bab062bde40b2ae8a91eecd522e84d8b993bab58 NOTE: https://github.com/samboy/MaraDNS/security/advisories/GHSA-58m7-826v-9c3c @@ -5475,8 +5590,8 @@ CVE-2023-2223 (The Login rebuilder WordPress plugin before 2.8.1 does not saniti NOT-FOR-US: WordPress plugin CVE-2023-2222 RESERVED -CVE-2023-2221 - RESERVED +CVE-2023-2221 (The WP Custom Cursors WordPress plugin before 3.2 does not properly sa ...) + TODO: check CVE-2022-4944 (A vulnerability, which was classified as problematic, has been found i ...) NOT-FOR-US: KodExplorer CVE-2023-2220 (A vulnerability was found in Dream Technology mica up to 3.0.5. It has ...) @@ -9139,12 +9254,10 @@ CVE-2023-29548 (A wrong lowering instruction in the ARM64 Ion compiler resulted CVE-2023-29547 (When a secure cookie existed in the Firefox cookie jar an insecure coo ...) - firefox 112.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29547 -CVE-2023-29546 - RESERVED +CVE-2023-29546 (When recording the screen while in Private Browsing on Firefox for And ...) - firefox <not-affected> (Only affects Firefox on Android) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29546 -CVE-2023-29545 - RESERVED +CVE-2023-29545 (Similar to CVE-2023-28163, this time when choosing 'Save Link As', sug ...) - firefox <not-affected> (Only affects Firefox on Windows) - firefox-esr <not-affected> (Only affects Firefox ESR on Windows) - thunderbird <not-affected> (Only affects Thunderbird on Windows) @@ -9157,8 +9270,7 @@ CVE-2023-29544 (If multiple instances of resource exhaustion occurred at the inc CVE-2023-29543 (An attacker could have caused memory corruption and a potentially expl ...) - firefox 112.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29543 -CVE-2023-29542 - RESERVED +CVE-2023-29542 (A newline in a filename could have been used to bypass the file extens ...) - firefox <not-affected> (Only affects Firefox on Windows) - firefox-esr <not-affected> (Only affects Firefox ESR on Windows) - thunderbird <not-affected> (Only affects Thunderbird on Windows) @@ -9205,8 +9317,7 @@ CVE-2023-29535 (Following a Garbage Collector compaction, weak maps may have bee NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29535 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/#CVE-2023-29535 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/#CVE-2023-29535 -CVE-2023-29534 - RESERVED +CVE-2023-29534 (Different techniques existed to obscure the fullscreen notification in ...) - firefox <not-affected> (Only affects Firefox on Android) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29534 CVE-2023-29533 (A website could have obscured the fullscreen notification by using a c ...) @@ -9217,16 +9328,14 @@ CVE-2023-29533 (A website could have obscured the fullscreen notification by usi NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29533 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/#CVE-2023-29533 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/#CVE-2023-29533 -CVE-2023-29532 - RESERVED +CVE-2023-29532 (A local attacker can trick the Mozilla Maintenance Service into applyi ...) - firefox <not-affected> (Only affects Firefox on Windows) - firefox-esr <not-affected> (Only affects Firefox ESR on Windows) - thunderbird <not-affected> (Only affects Thunderbird on Windows) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#CVE-2023-29532 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-14/#CVE-2023-29532 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/#CVE-2023-29532 -CVE-2023-29531 - RESERVED +CVE-2023-29531 (An attacker could have caused an out of bounds memory access using Web ...) - firefox <not-affected> (Only affects Firefox on macOS) - firefox-esr <not-affected> (Only affects Firefox ESR on macOS) - thunderbird <not-affected> (Only affects Thunderbird on macOS) @@ -12548,8 +12657,8 @@ CVE-2023-1503 (A vulnerability classified as critical has been found in SourceCo NOT-FOR-US: SourceCodester Alphaware Simple E-Commerce System CVE-2023-1502 (A vulnerability was found in SourceCodester Alphaware Simple E-Commerc ...) NOT-FOR-US: SourceCodester Alphaware Simple E-Commerce System -CVE-2019-25136 - RESERVED +CVE-2019-25136 (A compromised child process could have injected XBL Bindings into priv ...) + TODO: check CVE-2018-25082 (A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classi ...) NOT-FOR-US: zwczou WeChat SDK Python CVE-2016-15029 (A vulnerability has been found in Ydalb mapicoin up to 1.9.0 and class ...) @@ -14726,8 +14835,8 @@ CVE-2023-27994 RESERVED CVE-2023-27993 (A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 ...) NOT-FOR-US: FortiGuard -CVE-2023-27992 - RESERVED +CVE-2023-27992 (The pre-authentication command injection vulnerability in the Zyxel NA ...) + TODO: check CVE-2023-27991 (The post-authentication command injection vulnerability in the CLI com ...) NOT-FOR-US: Zyxel CVE-2023-27990 (The XSS vulnerability in Zyxel ATP series firmware versions 4.32 throu ...) @@ -21024,8 +21133,8 @@ CVE-2023-25749 (Android applications with unpatched vulnerabilities can be launc CVE-2023-25748 (By displaying a prompt with a long description, the fullscreen notific ...) - firefox <not-affected> (Android-specific) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/#CVE-2023-25748 -CVE-2023-25747 - RESERVED +CVE-2023-25747 (A potential use-after-free in libaudio was fixed by disabling the AAud ...) + TODO: check CVE-2023-25746 (Memory safety bugs present in Firefox ESR 102.7. Some of these bugs sh ...) {DSA-5355-1 DSA-5350-1 DLA-3324-1 DLA-3319-1} - firefox-esr 102.8.0esr-1 @@ -21085,8 +21194,7 @@ CVE-2023-25737 (An invalid downcast from <code>nsTextNode</code> to <code>SVGEle NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25737 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25737 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25737 -CVE-2023-25736 - RESERVED +CVE-2023-25736 (An invalid downcast from `nsHTMLDocument` to `nsIContent` could have l ...) - firefox 110.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25736 CVE-2023-25735 (Cross-compartment wrappers wrapping a scripted proxy could have caused ...) @@ -21104,8 +21212,7 @@ CVE-2023-25734 (After downloading a Windows <code>.url</code> shortcut from the NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25734 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25734 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25734 -CVE-2023-25733 - RESERVED +CVE-2023-25733 (The return value from `gfx::SourceSurfaceSkia::Map()` wasn't being ver ...) - firefox 110.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25733 CVE-2023-25732 (When encoding data from an <code>inputStream</code> in <code>xpcom</co ...) @@ -24941,8 +25048,8 @@ CVE-2023-0491 (The Schedulicity WordPress plugin through 2.21 does not validate NOT-FOR-US: WordPress plugin CVE-2023-0490 (The f(x) TOC WordPress plugin through 1.1.0 does not validate and esca ...) NOT-FOR-US: WordPress plugin -CVE-2023-0489 - RESERVED +CVE-2023-0489 (The SlideOnline WordPress plugin through 1.2.1 does not validate and e ...) + TODO: check CVE-2023-0488 (Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload ...) - pyload <itp> (bug #1001980) CVE-2023-0487 (The My Sticky Elements WordPress plugin before 2.0.9 does not properly ...) @@ -26913,8 +27020,8 @@ CVE-2023-0370 (The WPB Advanced FAQ WordPress plugin through 1.0.6 does not vali NOT-FOR-US: WordPress plugin CVE-2023-0369 (The GoToWP WordPress plugin through 5.1.1 does not validate and escape ...) NOT-FOR-US: WordPress plugin -CVE-2023-0368 - RESERVED +CVE-2023-0368 (The Responsive Tabs For WPBakery Page Builder (formerly Visual Compose ...) + TODO: check CVE-2022-4892 (A vulnerability was found in MyCMS. It has been classified as problema ...) NOT-FOR-US: MyCMS CVE-2022-47909 (Livestatus Query Language (LQL) injection in the AuthUser HTTP query h ...) @@ -33820,8 +33927,8 @@ CVE-2022-47588 RESERVED CVE-2022-47587 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Corn ...) NOT-FOR-US: WordPress plugin -CVE-2022-47586 - RESERVED +CVE-2022-47586 (Unauth. SQL Injection (SQLi) vulnerability in Themefic Ultimate Addons ...) + TODO: check CVE-2022-47585 RESERVED CVE-2022-47584 @@ -37324,8 +37431,8 @@ CVE-2022-46852 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i NOT-FOR-US: WordPress plugin CVE-2022-46851 (Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force St ...) NOT-FOR-US: WordPress plugin -CVE-2022-46850 - RESERVED +CVE-2022-46850 (Auth. (author+) Broken Access Control vulnerability leading to Arbitra ...) + TODO: check CVE-2022-46849 RESERVED CVE-2022-46848 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...) @@ -86584,6 +86691,7 @@ CVE-2022-30258 (An issue was discovered in Technitium DNS Server through 8.0.2 t CVE-2022-30257 (An issue was discovered in Technitium DNS Server through 8.0.2 that al ...) NOT-FOR-US: Technitium DNS Server CVE-2022-30256 (An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allo ...) + {DLA-3457-1} - maradns <unfixed> (bug #1033252) [bullseye] - maradns <no-dsa> (Minor issue) NOTE: https://maradns.samiam.org/security.html#CVE-2022-30256 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9289f9b4ade5cc76e3bd84ad65ac38c244df52dd -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9289f9b4ade5cc76e3bd84ad65ac38c244df52dd You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits