Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4ae91f99 by security tracker role at 2023-07-31T08:12:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2023-4007 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
+ TODO: check
+CVE-2023-4006 (Improper Neutralization of Formula Elements in a CSV File in
GitHub re ...)
+ TODO: check
+CVE-2023-4005 (Insufficient Session Expiration in GitHub repository
fossbilling/fossb ...)
+ TODO: check
+CVE-2023-35019 (IBM Security Verify Governance, Identity Manager 10.0 could
allow a re ...)
+ TODO: check
+CVE-2023-35016 (IBM Security Verify Governance, Identity Manager 10.0 could
allow a re ...)
+ TODO: check
+CVE-2023-34360 (A stored cross-site scripting (XSS) issue was discovered
within the Cu ...)
+ TODO: check
+CVE-2023-34359 (ASUS RT-AX88U's httpd is subject to an unauthenticated DoS
condition. ...)
+ TODO: check
+CVE-2023-34358 (ASUS RT-AX88U's httpd is subject to an unauthenticated DoS
condition. ...)
+ TODO: check
CVE-2023-4004
- linux <unfixed>
[buster] - linux <not-affected> (Vulnerable code not present)
@@ -2687,7 +2703,7 @@ CVE-2023-31405 (SAP NetWeaver AS for Java - versions
ENGINEAPI 7.50, SERVERCORE
CVE-2023-3605 (A vulnerability was found in PHPGurukul Online Shopping Portal
1.0. It ...)
NOT-FOR-US: PHPGurukul Online Shopping Portal
CVE-2023-3417 (Thunderbird allowed the Text Direction Override Unicode
Character in f ...)
- {DSA-5463-1}
+ {DSA-5463-1 DLA-3510-1}
- thunderbird 1:102.13.1-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-27/#CVE-2023-3417
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-28/#CVE-2023-3417
@@ -28745,8 +28761,8 @@ CVE-2023-24973
RESERVED
CVE-2023-24972
RESERVED
-CVE-2023-24971
- RESERVED
+CVE-2023-24971 (IBM B2B Advanced Communications 1.0.0.0 and IBM
Multi-Enterprise Integ ...)
+ TODO: check
CVE-2023-24970
RESERVED
CVE-2023-24969
@@ -36356,8 +36372,8 @@ CVE-2023-22597 (InHand Networks InRouter 302, prior to
version IR302 V3.5.56, an
NOT-FOR-US: InHand Networks InRouter
CVE-2023-22596
RESERVED
-CVE-2023-22595
- RESERVED
+CVE-2023-22595 (IBM B2B Advanced Communications 1.0.0.0 and IBM
Multi-Enterprise Integ ...)
+ TODO: check
CVE-2023-22594 (IBM Robotic Process Automation for Cloud Pak 20.12.0 through
21.0.4 is ...)
NOT-FOR-US: IBM
CVE-2023-22593 (IBM Robotic Process Automation for Cloud Pak 21.0.1 through
21.0.7.3 a ...)
@@ -54232,8 +54248,8 @@ CVE-2022-43833
RESERVED
CVE-2022-43832
RESERVED
-CVE-2022-43831
- RESERVED
+CVE-2022-43831 (IBM Storage Scale Container Native Storage Access 5.1.2.1
through 5.1. ...)
+ TODO: check
CVE-2022-43830
REJECTED
CVE-2022-43829
@@ -259701,8 +259717,8 @@ CVE-2020-4870 (IBM MQ 9.2 CD and LTS are vulnerable
to a denial of service attac
NOT-FOR-US: IBM
CVE-2020-4869 (IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial
of servi ...)
NOT-FOR-US: IBM
-CVE-2020-4868
- RESERVED
+CVE-2020-4868 (IBM TRIRIGA 3.0, 4.0, and 4.4 could allow a remote attacker to
obtain ...)
+ TODO: check
CVE-2020-4867
RESERVED
CVE-2020-4866 (IBM Engineering products are vulnerable to cross-site
scripting. This ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ae91f99ab742884140af91860e4465198189508
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ae91f99ab742884140af91860e4465198189508
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
