Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7679d9e2 by security tracker role at 2023-07-22T20:12:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2023-3836 (A vulnerability classified as critical was found in Dahua Smart 
Park M ...)
+       TODO: check
+CVE-2023-3835 (A vulnerability classified as problematic has been found in Bug 
Finder ...)
+       TODO: check
+CVE-2023-3834 (A vulnerability was found in Bug Finder EX-RATE 1.0. It has 
been rated ...)
+       TODO: check
+CVE-2023-3833 (A vulnerability was found in Bug Finder Montage 1.0. It has 
been decla ...)
+       TODO: check
+CVE-2023-3832 (A vulnerability was found in Bug Finder Wedding Wonders 1.0. It 
has be ...)
+       TODO: check
+CVE-2023-3831 (A vulnerability was found in Bug Finder Finounce 1.0 and 
classified as ...)
+       TODO: check
+CVE-2023-3830 (A vulnerability was found in Bug Finder SASS BILLER 1.0. It has 
been r ...)
+       TODO: check
+CVE-2023-3829 (A vulnerability was found in Bug Finder ICOGenie 1.0. It has 
been decl ...)
+       TODO: check
+CVE-2023-3828 (A vulnerability was found in Bug Finder Listplace Directory 
Listing Pl ...)
+       TODO: check
+CVE-2023-3827 (A vulnerability was found in Bug Finder Listplace Directory 
Listing Pl ...)
+       TODO: check
+CVE-2023-38633 (A directory traversal problem in the URL decoder of librsvg 
before 2.5 ...)
+       TODO: check
+CVE-2023-38195 (Datalust Seq before 2023.2.9489 allows insertion of sensitive 
informat ...)
+       TODO: check
 CVE-2023-3826 (A vulnerability has been found in IBOS OA 4.5.5 and classified 
as crit ...)
        NOT-FOR-US: IBOS OA
 CVE-2023-3776 (A use-after-free vulnerability in the Linux kernel's net/sched: 
cls_fw ...)
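Review bot: CVE-2023-38633 is the one new entry in this hunk that names a library (librsvg) rather than a standalone product, so it should be triaged first and given a source-package line instead of staying at "TODO: check". The Dahua Smart Park, Bug Finder and Datalust Seq entries look like candidates for the same "NOT-FOR-US:" marking that the IBOS OA entry in the context lines already carries, but each still needs checking before it is marked.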
@@ -189,6 +213,7 @@ CVE-2023-31462 (An issue was discovered in SteelSeries GG 
36.0.0. An attacker ca
 CVE-2023-31461 (Attackers can exploit an open API listener on SteelSeries GG 
36.0.0 to ...)
        NOT-FOR-US: SteelSeries
 CVE-2023-37450 [Processing web content may lead to arbitrary code execution]
+       {DSA-5457-1}
        - webkit2gtk 2.40.4-1
        [buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
        - wpewebkit 2.40.4-1
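Review bot: the "{DSA-5457-1}" tag on CVE-2023-37450 arrives in a commit whose only changed file is data/CVE/list, so nothing in this diff shows the advisory record that the tag points to. Confirm that the advisory's own entry lists CVE-2023-37450, because the cross-reference here is only as reliable as that record.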
@@ -3748,6 +3773,7 @@ CVE-2023-32395 (A logic issue was addressed with improved 
state management. This
 CVE-2023-32394 (The issue was addressed with improved checks. This issue is 
fixed in i ...)
        NOT-FOR-US: Apple
 CVE-2023-32393 [Processing web content may lead to arbitrary code execution]
+       {DSA-5396-1}
        - webkit2gtk 2.40.0-1
        [buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
        - wpewebkit 2.40.2-2
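Review bot: the "{DSA-5396-1}" tag on CVE-2023-32393 sits at the CVE level, while the lines below it list two source packages with different fixed versions (webkit2gtk 2.40.0-1 and wpewebkit 2.40.2-2). Check which package the advisory covers, and whether the other package has an advisory of its own that belongs in the same braces.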
@@ -5385,7 +5411,7 @@ CVE-2020-36728 (The Adning Advertising plugin for 
WordPress is vulnerable to fil
        NOT-FOR-US: Adning Advertising plugin for WordPress
 CVE-2020-36705 (The Adning Advertising plugin for WordPress is vulnerable to 
arbitrary ...)
        NOT-FOR-US: Adning Advertising plugin for WordPress
-CVE-2023-33865 (RenderDoc through 1.26 allows local privilege escalation via a 
symlink ...)
+CVE-2023-33865 (RenderDoc before 1.27 allows local privilege escalation via a 
symlink  ...)
        - renderdoc <unfixed> (bug #1037208)
        [buster] - renderdoc <postponed> (Can wait for next update)
        NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3
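Review bot: on CVE-2023-33865 the description now reads "before 1.27" while the status line directly below still reads "- renderdoc <unfixed> (bug #1037208)". The two agree only while the archive version is below 1.27; once a 1.27 upload lands, the status line needs a fixed version and the "[buster] - renderdoc <postponed>" line should be revisited. The added line also has a double space before the truncation marker ("symlink  ...)"), which is harmless but will show up as noise in later diffs.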
@@ -5394,7 +5420,7 @@ CVE-2023-33865 (RenderDoc through 1.26 allows local 
privilege escalation via a s
        NOTE: 
https://github.com/baldurk/renderdoc/commit/1f72a09e3b4fd8ba45be4b0db4889444ef5179e2
 (v1.27)
        NOTE: 
https://github.com/baldurk/renderdoc/commit/203fc8382a79d53d2035613d9425d966b1d4958e
 (v1.27)
        NOTE: 
https://github.com/baldurk/renderdoc/commit/771aa8e769b72e6a36b31d6e2116db9952dcbe9b
 (v1.27)
-CVE-2023-33864 (RenderDoc through 1.26 allows an Integer Overflow with a 
resultant Buf ...)
+CVE-2023-33864 (StreamReader::ReadFromExternal in RenderDoc before 1.27 allows 
an Inte ...)
        - renderdoc <unfixed> (bug #1037208)
        NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3
        NOTE: 
https://github.com/baldurk/renderdoc/commit/601ed56111ce3803d8476d438ade1c92d6092856
 (v1.27)
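Review bot: CVE-2023-33864 shows "- renderdoc <unfixed> (bug #1037208)" followed directly by NOTE lines, with no "[buster]" line, whereas CVE-2023-33865 in the previous hunk carries "[buster] - renderdoc <postponed> (Can wait for next update)". If buster is affected by the StreamReader::ReadFromExternal overflow as well, add the matching line, or record why it is not needed.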
@@ -5402,7 +5428,7 @@ CVE-2023-33864 (RenderDoc through 1.26 allows an Integer 
Overflow with a resulta
        NOTE: 
https://github.com/baldurk/renderdoc/commit/1f72a09e3b4fd8ba45be4b0db4889444ef5179e2
 (v1.27)
        NOTE: 
https://github.com/baldurk/renderdoc/commit/203fc8382a79d53d2035613d9425d966b1d4958e
 (v1.27)
        NOTE: 
https://github.com/baldurk/renderdoc/commit/771aa8e769b72e6a36b31d6e2116db9952dcbe9b
 (v1.27)
-CVE-2023-33863 (RenderDoc through 1.26 allows an Integer Overflow with a 
resultant Buf ...)
+CVE-2023-33863 (SerialiseValue in RenderDoc before 1.27 allows an Integer 
Overflow wit ...)
        - renderdoc <unfixed> (bug #1037208)
        NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3
        NOTE: 
https://github.com/baldurk/renderdoc/commit/601ed56111ce3803d8476d438ade1c92d6092856
 (v1.27)
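Review bot: the first fix-commit NOTE under CVE-2023-33863 is commit 601ed56111ce3803d8476d438ade1c92d6092856, the same commit cited under CVE-2023-33864 in the previous hunk. Now that the two descriptions name different functions (SerialiseValue here, StreamReader::ReadFromExternal there), confirm that this commit addresses both, or split the NOTE lines so that each entry points at the commit that fixes its own function.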



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7679d9e28d39d71d68623c7769bd5d6f8e1503a4
