[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Mon, 17 Jul 2023 01:12:34 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
274d83e4 by security tracker role at 2023-07-17T08:12:08+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2023-3700 (Improper Access Control in GitHub repository 
alextselegidis/easyappoin ...)
+       TODO: check
+CVE-2023-3696 (Prototype Pollution in GitHub repository automattic/mongoose 
prior to  ...)
+       TODO: check
+CVE-2023-3695 (A vulnerability classified as critical has been found in 
Campcodes Bea ...)
+       TODO: check
+CVE-2023-3694 (A vulnerability, which was classified as critical, has been 
found in S ...)
+       TODO: check
+CVE-2023-3693 (A vulnerability classified as critical was found in 
SourceCodester Lif ...)
+       TODO: check
+CVE-2023-3496
+       REJECTED
+CVE-2023-35901 (IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 
23.0.0 thro ...)
+       TODO: check
+CVE-2023-35012 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect 
Server) 11.5 ...)
+       TODO: check
+CVE-2023-33857 (IBM InfoSphere Information Server 11.7 could allow a remote 
attacker t ...)
+       TODO: check
+CVE-2023-2760 (An SQL injection vulnerability exists in TapHome core 
HandleMessageUpd ...)
+       TODO: check
+CVE-2023-2759 (A hidden API exists in TapHome's core platform before version 
2023.2 t ...)
+       TODO: check
+CVE-2022-4952 (A vulnerability has been found in OmniSharp 
csharp-language-server-pro ...)
+       TODO: check
 CVE-2023-3691 (A vulnerability, which was classified as problematic, was found 
in lay ...)
        TODO: check
 CVE-2023-3690 (A vulnerability, which was classified as critical, has been 
found in B ...)
@@ -1852,9 +1876,11 @@ CVE-2021-46891 (Vulnerability of incomplete read and 
write permission verificati
 CVE-2021-46890 (Vulnerability of incomplete read and write permission 
verification in  ...)
        NOT-FOR-US: Huawei
 CVE-2023-35001 (Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; 
nft_byte ...)
+       {DSA-5453-1}
        - linux <unfixed>
        NOTE: https://www.openwall.com/lists/oss-security/2023/07/05/3
 CVE-2023-31248 (Linux Kernel nftables Use-After-Free Local Privilege 
Escalation Vulner ...)
+       {DSA-5453-1}
        - linux <unfixed>
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: https://www.openwall.com/lists/oss-security/2023/07/05/2
@@ -1962,6 +1988,7 @@ CVE-2023-2321 (The WPForms Google Sheet Connector 
WordPress plugin before 3.4.6,
 CVE-2023-2320 (The CF7 Google Sheets Connector WordPress plugin before 5.0.2, 
cf7-goo ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-36813 (Kanboard is project management software that focuses on the 
Kanban met ...)
+       {DSA-5454-1}
        - kanboard 1.2.31+ds-1 (bug #1040265)
        NOTE: 
https://github.com/kanboard/kanboard/security/advisories/GHSA-9gvq-78jp-jxcx
        NOTE: 
https://github.com/kanboard/kanboard/commit/25b93343baeaf8ad018dcd87b094e47a5c6a3e0a
@@ -8891,10 +8918,10 @@ CVE-2023-30991
        RESERVED
 CVE-2023-30990 (IBM i 7.2, 7.3, 7.4, and 7.5 could allow a remote attacker to 
execute  ...)
        NOT-FOR-US: IBM
-CVE-2023-30989
-       RESERVED
-CVE-2023-30988
-       RESERVED
+CVE-2023-30989 (IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a 
local pr ...)
+       TODO: check
+CVE-2023-30988 (The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for 
i conta ...)
+       TODO: check
 CVE-2023-30987
        RESERVED
 CVE-2023-30986 (A vulnerability has been identified in Solid Edge SE2023 (All 
versions ...)
@@ -9504,7 +9531,7 @@ CVE-2023-2157 (A heap-based buffer overflow vulnerability 
was found in the Image
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/9a9896fce95d09e5e47b86baccbe1ce1a2fca76b
 (7.1.1-7)
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/7e4c992f148afc5b28111e540921d5b6e4e38673
 (6.9.12-85)
 CVE-2023-2156 (A flaw was found in the networking subsystem of the Linux 
kernel withi ...)
-       {DSA-5448-1}
+       {DSA-5453-1 DSA-5448-1}
        - linux 6.3.11-1
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-547/
@@ -22458,8 +22485,8 @@ CVE-2023-26514
        RESERVED
 CVE-2023-26513 (Excessive Iteration vulnerability in Apache Software 
Foundation Apache ...)
        NOT-FOR-US: Apache Sling
-CVE-2023-26512
-       RESERVED
+CVE-2023-26512 (CWE-502 Deserialization of Untrusted Dataat 
therabbitmq-connector plug ...)
+       TODO: check
 CVE-2023-1025 (The Simple File List WordPress plugin before 6.0.10 does not 
sanitise  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-1024 (The WP Meta SEO plugin for WordPress is vulnerable to 
unauthorized sit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/274d83e4218c829fdfdb39a4d6daf66810ef0d81

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/274d83e4218c829fdfdb39a4d6daf66810ef0d81
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to