Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dca61ea5 by security tracker role at 2023-08-08T08:12:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,67 @@
+CVE-2023-3573 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior
to 4.0 ...)
+ TODO: check
+CVE-2023-3572 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior
to 4.0 ...)
+ TODO: check
+CVE-2023-3571 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior
to 4.0 ...)
+ TODO: check
+CVE-2023-3570 (In PHOENIX CONTACTs WP 6xxx series web panels in versions prior
to 4.0 ...)
+ TODO: check
+CVE-2023-3569 (In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions
prior to ...)
+ TODO: check
+CVE-2023-3526 (In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions
prior to ...)
+ TODO: check
+CVE-2023-39978 (ImageMagick before 6.9.12-91 allows attackers to cause a
denial of ser ...)
+ TODO: check
+CVE-2023-39977 (An issue was discovered in the Linux kernel before 6.3.2.
There is an ...)
+ TODO: check
+CVE-2023-39976 (log_blackbox.c in libqb before 2.0.8 allows a buffer overflow
via long ...)
+ TODO: check
+CVE-2023-39530 (PrestaShop is an open source e-commerce web application. Prior
to vers ...)
+ TODO: check
+CVE-2023-39529 (PrestaShop is an open source e-commerce web application. Prior
to vers ...)
+ TODO: check
+CVE-2023-39528 (PrestaShop is an open source e-commerce web application. Prior
to vers ...)
+ TODO: check
+CVE-2023-39527 (PrestaShop is an open source e-commerce web application.
Versions prio ...)
+ TODO: check
+CVE-2023-39526 (PrestaShop is an open source e-commerce web application.
Versions prio ...)
+ TODO: check
+CVE-2023-39525 (PrestaShop is an open source e-commerce web application. Prior
to vers ...)
+ TODO: check
+CVE-2023-39523 (ScanCode.io is a server to script and automate software
composition an ...)
+ TODO: check
+CVE-2023-39440 (In SAP BusinessObjects Business Intelligence - version 420,
If a user ...)
+ TODO: check
+CVE-2023-39439 (SAP Commerce Cloud may accept an empty passphrase for user ID
and pass ...)
+ TODO: check
+CVE-2023-39437 (SAP business One allows - version 10.0, allows an attacker to
insert m ...)
+ TODO: check
+CVE-2023-39436 (SAP Supplier Relationship Management -versions 600, 602, 603,
604, 605 ...)
+ TODO: check
+CVE-2023-37569 (This vulnerability exists in ESDS Emagic Data Center
Management Suit d ...)
+ TODO: check
+CVE-2023-37492 (SAP NetWeaver Application Server ABAP and ABAP Platform -
versions SAP ...)
+ TODO: check
+CVE-2023-37491 (The ACL (AccessControlList) of SAP Message Server - versions
KERNEL 7. ...)
+ TODO: check
+CVE-2023-37490 (SAP Business Objects Installer - versions 420, 430, allows an
authenti ...)
+ TODO: check
+CVE-2023-37488 (In SAP NetWeaverProcess Integration - versions SAP_XIESR 7.50,
SAP_XIT ...)
+ TODO: check
+CVE-2023-37487 (SAP Business One (Service Layer) - version 10.0, allows an
authenticat ...)
+ TODO: check
+CVE-2023-37486 (Under certain conditionsSAP Commerce(OCC API) - versions
HY_COM 2105, ...)
+ TODO: check
+CVE-2023-37484 (SAP PowerDesigner - version 16.7, queries all password hashes
in the b ...)
+ TODO: check
+CVE-2023-37483 (SAP PowerDesigner - version 16.7, has improper access control
which mi ...)
+ TODO: check
+CVE-2023-36926 (Due to missing authentication check in SAP Host Agent -
version 7.22, ...)
+ TODO: check
+CVE-2023-36923 (SAP SQLA for PowerDesigner 17 bundled with SAP PowerDesigner
16.7 SP06 ...)
+ TODO: check
+CVE-2023-33993 (B1i module of SAP Business One - version 10.0, application
allows an a ...)
+ TODO: check
CVE-2023-4205 (An out-of-bounds memory access flaw was found in the Linux
kernel\u201 ...)
- linux <unfixed>
NOTE: https://www.spinics.net/lists/kernel/msg4876594.html
@@ -9,7 +73,7 @@ CVE-2023-4200 (A vulnerability has been found in
SourceCodester Inventory Manage
CVE-2023-4199 (A vulnerability, which was classified as critical, was found in
Source ...)
NOT-FOR-US: SourceCodester Inventory Management System
CVE-2023-4155
- - linux <unfixed>
+ - linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/7588dbcebcbf0193ab5b76987396d0254270b04a
@@ -2522,7 +2586,7 @@ CVE-2023-2579 (The InventoryPress WordPress plugin
through 1.7 does not sanitise
NOT-FOR-US: WordPress plugin
CVE-2023-2330 (The Caldera Forms Google Sheets Connector WordPress plugin
through 1.2 ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-2329 (The WooCommerce Google Sheet Connector WordPress plugin through
1.3.4 ...)
+CVE-2023-2329 (The WooCommerce Google Sheet Connector WordPress plugin before
1.3.6 d ...)
NOT-FOR-US: WordPress plugin
CVE-2020-36695 (Incorrect Default Permissions vulnerability in Hitachi Device
Manager ...)
NOT-FOR-US: Hitachi
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dca61ea5fa2f1a939301b976d04e00a3f178c3c9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dca61ea5fa2f1a939301b976d04e00a3f178c3c9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
